
Conflicts: composer.json composer.lock config/configuration.sample.yml lib/Alchemy/Phrasea/Application.php lib/Alchemy/Phrasea/Application/Api.php lib/Alchemy/Phrasea/Controller/Admin/Collection.php lib/Alchemy/Phrasea/Controller/Admin/Users.php lib/Alchemy/Phrasea/Controller/Prod/DoDownload.php lib/Alchemy/Phrasea/Controller/Prod/Export.php lib/Alchemy/Phrasea/Controller/Prod/Language.php lib/Alchemy/Phrasea/Controller/Prod/Push.php lib/Alchemy/Phrasea/Controller/Prod/Tooltip.php lib/Alchemy/Phrasea/Controller/Report/Informations.php lib/Alchemy/Phrasea/Controller/Report/Root.php lib/Alchemy/Phrasea/Controller/Root/Developers.php lib/Alchemy/Phrasea/Controller/Root/Login.php lib/Alchemy/Phrasea/Controller/Root/Session.php lib/Alchemy/Phrasea/Controller/Thesaurus/Xmlhttp.php lib/Alchemy/Phrasea/Controller/Utils/ConnectionTest.php lib/Alchemy/Phrasea/Controller/Utils/PathFileTest.php lib/Alchemy/Phrasea/Core/Version.php lib/Alchemy/Phrasea/Form/Login/PhraseaAuthenticationForm.php lib/Alchemy/Phrasea/SearchEngine/Phrasea/PhraseaEngine.php lib/Alchemy/Phrasea/SearchEngine/SphinxSearch/SphinxSearchEngine.php lib/classes/API/OAuth2/Application.php lib/classes/API/V1/adapter.php lib/classes/Feed/Adapter.php lib/classes/Feed/Aggregate.php lib/classes/Feed/Collection.php lib/classes/Feed/Entry/Adapter.php lib/classes/ZipArchiveImproved.php lib/classes/caption/Field/Value.php lib/classes/caption/record.php lib/classes/eventsmanager/notify/feed.php lib/classes/media/subdef.php lib/classes/module/report/connexion.php lib/classes/module/report/download.php lib/classes/record/adapter.php lib/classes/registry.php lib/classes/set/export.php lib/classes/setup.php lib/classes/task/abstract.php lib/classes/task/period/emptyColl.php lib/classes/uuid.php lib/conf.d/_GV_template.inc lib/conf.d/bases_structure.xml lib/conf.d/configuration.yml lib/conf.d/minifyGroupsConfig.php locale/de_DE/LC_MESSAGES/phraseanet.mo locale/de_DE/LC_MESSAGES/phraseanet.po 
locale/en_GB/LC_MESSAGES/phraseanet.mo locale/en_GB/LC_MESSAGES/phraseanet.po locale/fr_FR/LC_MESSAGES/phraseanet.mo locale/fr_FR/LC_MESSAGES/phraseanet.po locale/nl_NL/LC_MESSAGES/phraseanet.mo locale/nl_NL/LC_MESSAGES/phraseanet.po locale/phraseanet.pot templates/web/account/account.html.twig templates/web/account/base.html.twig templates/web/admin/databox/databox.html.twig templates/web/admin/index.html.twig templates/web/admin/setup.html.twig templates/web/admin/tree.html.twig templates/web/client/index.html.twig templates/web/common/caption.html.twig templates/web/common/caption_templates/answer.html.twig templates/web/common/caption_templates/basket_element.html.twig templates/web/common/caption_templates/internal_publi.html.twig templates/web/common/caption_templates/lazaret.html.twig templates/web/common/caption_templates/overview.html.twig templates/web/common/caption_templates/preview.html.twig templates/web/common/index_bootstrap.html.twig templates/web/common/indexfloat.html.twig templates/web/common/thumbnail.html.twig templates/web/developers/application_form.html.twig templates/web/lightbox/IE6/feed.html.twig templates/web/lightbox/IE6/validate.html.twig templates/web/lightbox/feed.html.twig templates/web/lightbox/validate.html.twig templates/web/prod/actions/Download/prepare.html.twig templates/web/prod/actions/publish/publish.html.twig templates/web/prod/index.html.twig templates/web/prod/preview/caption.html.twig templates/web/prod/results/answerlist.html.twig templates/web/thesaurus/accept.html.twig templates/web/thesaurus/export-text-dialog.html.twig templates/web/thesaurus/export-text.html.twig templates/web/thesaurus/export-topics-dialog.html.twig templates/web/thesaurus/export-topics.html.twig templates/web/thesaurus/index.html.twig templates/web/thesaurus/link-field-step1.html.twig templates/web/thesaurus/link-field-step2.html.twig templates/web/thesaurus/link-field-step3.html.twig templates/web/thesaurus/new-term.html.twig 
templates/web/thesaurus/properties.html.twig templates/web/thesaurus/search.html.twig templates/web/thesaurus/thesaurus.html.twig tests/Alchemy/Tests/Phrasea/Application/ApiJsonTest.php tests/Alchemy/Tests/Phrasea/Application/ApiYamlTest.php tests/Alchemy/Tests/Phrasea/Application/LightboxTest.php tests/Alchemy/Tests/Phrasea/Application/OAuth2Test.php tests/Alchemy/Tests/Phrasea/Application/OverviewTest.php tests/Alchemy/Tests/Phrasea/Authentication/PersistentCookie/ManagerTest.php tests/Alchemy/Tests/Phrasea/Cache/RedisCacheTest.php tests/Alchemy/Tests/Phrasea/Command/Compile/ConfigurationTest.php tests/Alchemy/Tests/Phrasea/Controller/Admin/FieldsTest.php tests/Alchemy/Tests/Phrasea/Controller/Admin/PublicationTest.php tests/Alchemy/Tests/Phrasea/Controller/Admin/SubdefsTest.php tests/Alchemy/Tests/Phrasea/Controller/Admin/UsersTest.php tests/Alchemy/Tests/Phrasea/Controller/Api/ApiJSONPTest.php tests/Alchemy/Tests/Phrasea/Controller/Prod/BasketTest.php tests/Alchemy/Tests/Phrasea/Controller/Prod/BridgeTest.php tests/Alchemy/Tests/Phrasea/Controller/Prod/EditTest.php tests/Alchemy/Tests/Phrasea/Controller/Prod/FeedTest.php tests/Alchemy/Tests/Phrasea/Controller/Prod/LanguageTest.php tests/Alchemy/Tests/Phrasea/Controller/Prod/MoveCollectionTest.php tests/Alchemy/Tests/Phrasea/Controller/Prod/PrinterTest.php tests/Alchemy/Tests/Phrasea/Controller/Prod/PushTest.php tests/Alchemy/Tests/Phrasea/Controller/Prod/RootTest.php tests/Alchemy/Tests/Phrasea/Controller/Prod/StoryTest.php tests/Alchemy/Tests/Phrasea/Controller/Prod/ToolsTest.php tests/Alchemy/Tests/Phrasea/Controller/Prod/TooltipTest.php tests/Alchemy/Tests/Phrasea/Controller/Prod/UploadTest.php tests/Alchemy/Tests/Phrasea/Controller/Prod/UsrListsTest.php tests/Alchemy/Tests/Phrasea/Controller/Prod/WorkZoneTest.php tests/Alchemy/Tests/Phrasea/Controller/Root/LoginTest.php tests/Alchemy/Tests/Phrasea/Controller/Root/RSSFeedTest.php tests/Alchemy/Tests/Phrasea/Controller/Utils/ConnectionTestTest.php 
tests/Alchemy/Tests/Phrasea/Controller/Utils/PathFileTestTest.php tests/Alchemy/Tests/Phrasea/Core/Provider/FTPServiceProviderTest.php tests/Alchemy/Tests/Phrasea/Core/Provider/LocaleServiceProviderTest.php tests/Alchemy/Tests/Phrasea/Core/Provider/PhraseanetServiceProviderTest.php tests/Alchemy/Tests/Phrasea/Core/Provider/RegistrationServiceProviderTest.php tests/Alchemy/Tests/Phrasea/Core/Provider/TaskManagerServiceProviderTest.php tests/Alchemy/Tests/Phrasea/Http/XSendFile/NginxModeTest.php tests/Alchemy/Tests/Phrasea/Metadata/Tag/TfEditDateTest.php tests/Alchemy/Tests/Phrasea/Metadata/Tag/TfMimeTypeTest.php tests/Alchemy/Tests/Phrasea/SearchEngine/SearchEngineAbstractTest.php tests/classes/Feed/Feed_AggregateTest.php tests/classes/PhraseanetPHPUnitAbstract.php tests/db-ref.sqlite
<?php
/*
 * This file is part of Phraseanet
 *
 * (c) 2005-2014 Alchemy
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */
namespace Alchemy\Phrasea\Controller\Root;
use Alchemy\Phrasea\Exception\InvalidArgumentException;
use Alchemy\Phrasea\Model\Entities\ApiApplication;
use Silex\Application;
use Silex\ControllerProviderInterface;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
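/**
 * Account-area controller for developer (OAuth2 API) applications.
 *
 * Every route registered by connect() is placed behind the mandatory
 * authentication firewall.
 *
 * NOTE(review): the handlers act on whatever ApiApplication the
 * 'middleware.api-application.converter' middleware resolves from the URL.
 * Nothing in this class compares that application with the authenticated
 * user, so confirm that the converter (or the manipulator) rejects
 * applications the caller does not own.
 */
class Developers implements ControllerProviderInterface
{
    /**
     * Registers the developer-application routes.
     *
     * @param Application $app
     *
     * @return \Silex\ControllerCollection
     */
    public function connect(Application $app)
    {
        $app['controller.account.developers'] = $this;

        $controllers = $app['controllers_factory'];

        // All routes below require an authenticated session.
        $app['firewall']->addMandatoryAuthentication($controllers);

        $controllers->get('/applications/', 'controller.account.developers:listApps')
            ->bind('developers_applications');

        $controllers->get('/application/new/', 'controller.account.developers:displayFormApp')
            ->bind('developers_application_new');

        $controllers->post('/application/', 'controller.account.developers:newApp')
            ->bind('submit_developers_application');

        $controllers->get('/application/{application}/', 'controller.account.developers:getApp')
            ->before($app['middleware.api-application.converter'])
            ->assert('application', '\d+')
            ->bind('developers_application');

        $controllers->delete('/application/{application}/', 'controller.account.developers:deleteApp')
            ->before($app['middleware.api-application.converter'])
            ->assert('application', '\d+')
            ->bind('delete_developers_application');

        $controllers->post('/application/{application}/authorize_grant_password/', 'controller.account.developers:authorizeGrantPassword')
            ->before($app['middleware.api-application.converter'])
            ->assert('application', '\d+')
            ->bind('submit_developers_application_authorize_grant_password');

        $controllers->post('/application/{application}/access_token/', 'controller.account.developers:renewAccessToken')
            ->before($app['middleware.api-application.converter'])
            ->assert('application', '\d+')
            ->bind('submit_developers_application_token');

        $controllers->post('/application/{application}/callback/', 'controller.account.developers:renewAppCallback')
            ->before($app['middleware.api-application.converter'])
            ->assert('application', '\d+')
            ->bind('submit_application_callback');

        // This class defines no call() method, so the handler is referenced
        // through the service notation used by every other route.
        // NOTE(review): unlike its siblings this route has no
        // 'middleware.api-application.converter' step, so whatever existence or
        // ownership validation that middleware performs does not run here.
        $controllers->post('/application/{id}/webhook/', 'controller.account.developers:renewAppWebhook')
            ->assert('id', '\d+')
            ->bind('submit_application_webhook');

        return $controllers;
    }

    /**
     * Deletes an application.
     *
     * @param Application    $app
     * @param Request        $request
     * @param ApiApplication $application Application resolved by the converter middleware
     *
     * @return JsonResponse
     */
    public function deleteApp(Application $app, Request $request, ApiApplication $application)
    {
        if (!$this->isJsonAjaxRequest($request)) {
            $app->abort(400, 'Bad request format, only JSON is allowed');
        }

        $app['manipulator.api-application']->delete($application);

        return $app->json(['success' => true]);
    }

    /**
     * Changes the application's OAuth2 callback (redirect URI).
     *
     * Replies with success=false when the manipulator rejects the submitted
     * value with an InvalidArgumentException.
     *
     * @param Application    $app
     * @param Request        $request
     * @param ApiApplication $application Application resolved by the converter middleware
     *
     * @return JsonResponse
     */
    public function renewAppCallback(Application $app, Request $request, ApiApplication $application)
    {
        if (!$this->isJsonAjaxRequest($request)) {
            $app->abort(400, 'Bad request format, only JSON is allowed');
        }

        try {
            $app['manipulator.api-application']->setRedirectUri($application, $request->request->get("callback"));
        } catch (InvalidArgumentException $e) {
            return $app->json(['success' => false]);
        }

        return $app->json(['success' => true]);
    }

    /**
     * Changes the application's webhook.
     *
     * @param Application $app     A Silex application where the controller is mounted on
     * @param Request     $request The current request
     * @param integer     $id      The application id
     *
     * @return JsonResponse
     */
    public function renewAppWebhook(Application $app, Request $request, $id)
    {
        if (!$this->isJsonAjaxRequest($request)) {
            $app->abort(400, _('Bad request format, only JSON is allowed'));
        }

        $webhook = $request->request->get("webhook");

        if (null === $webhook) {
            return $app->json(['success' => false]);
        }

        // NOTE(review): $id is never used and no application is handed to
        // setWebhook(), whereas setRedirectUri() receives the application as
        // its first argument. As written the call cannot target the
        // application named in the URL; confirm the manipulator's signature
        // and load and authorize the application before storing the value.
        // NOTE(review): the value is forwarded exactly as submitted. If the
        // server later sends requests to this URL, restrict scheme and
        // destination where that validation belongs.
        $app['manipulator.api-application']->setWebhook($webhook);

        return $app->json(['success' => true]);
    }

    /**
     * Renews the caller's developer token for the application, creating one
     * when none exists yet, and returns the token value in the JSON body.
     *
     * Aborts with 404 when the authenticated user has no account on the
     * application.
     *
     * @param Application    $app
     * @param Request        $request
     * @param ApiApplication $application Application resolved by the converter middleware
     *
     * @return JsonResponse
     */
    public function renewAccessToken(Application $app, Request $request, ApiApplication $application)
    {
        if (!$this->isJsonAjaxRequest($request)) {
            $app->abort(400, 'Bad request format, only JSON is allowed');
        }

        $account = $app['repo.api-accounts']->findByUserAndApplication($app['authentication']->getUser(), $application);

        if (null === $account) {
            $app->abort(404, sprintf('Account not found for application %s', $application->getName()));
        }

        $devToken = $app['repo.api-oauth-tokens']->findDeveloperToken($account);

        if (null !== $devToken) {
            $app['manipulator.api-oauth-token']->renew($devToken);
        } else {
            // Developer tokens do not expire.
            $devToken = $app['manipulator.api-oauth-token']->create($account);
        }

        return $app->json(['success' => true, 'token' => $devToken->getOauthToken()]);
    }

    /**
     * Enables or disables the password grant type for the application.
     *
     * @param Application    $app
     * @param Request        $request
     * @param ApiApplication $application Application resolved by the converter middleware
     *
     * @return JsonResponse
     */
    public function authorizeGrantPassword(Application $app, Request $request, ApiApplication $application)
    {
        if (!$this->isJsonAjaxRequest($request)) {
            $app->abort(400, 'Bad request format, only JSON is allowed');
        }

        // A plain boolean cast turns the password grant on for any non-empty
        // string other than "0", including "false". FILTER_VALIDATE_BOOLEAN
        // enables it only for "1", "true", "on" or "yes"; anything else,
        // including a missing value, leaves it disabled.
        $grant = filter_var($request->request->get('grant'), FILTER_VALIDATE_BOOLEAN);

        $application->setGrantPassword($grant);
        $app['manipulator.api-application']->update($application);

        return $app->json(['success' => true]);
    }

    /**
     * Creates a new developer application from the submitted form.
     *
     * When validation passes, the application and an account for the current
     * user are created and the client is redirected to the application page.
     * Otherwise the form is rendered again with the violations.
     *
     * @param Application $app     A Silex application where the controller is mounted on
     * @param Request     $request The current request
     *
     * @return Response|string
     */
    public function newApp(Application $app, Request $request)
    {
        if ($request->request->get('type') === ApiApplication::DESKTOP_TYPE) {
            $form = new \API_OAuth2_Form_DevAppDesktop($app['request']);
        } else {
            $form = new \API_OAuth2_Form_DevAppInternet($app['request']);
        }

        $violations = $app['validator']->validate($form);

        if ($violations->count() === 0) {
            $application = $app['manipulator.api-application']->create(
                $form->getName(),
                $form->getType(),
                $form->getDescription(),
                sprintf('%s%s', $form->getSchemeWebsite(), $form->getWebsite()),
                $app['authentication']->getUser(),
                sprintf('%s%s', $form->getSchemeCallback(), $form->getCallback())
            );

            // The creator also gets an account on the new application.
            $app['manipulator.api-account']->create($application, $app['authentication']->getUser());

            return $app->redirectPath('developers_application', ['application' => $application->getId()]);
        }

        return $app['twig']->render('/developers/application_form.html.twig', [
            "violations" => $violations,
            "form"       => $form
        ]);
    }

    /**
     * Lists the applications created by the authenticated user.
     *
     * @param Application $app     A Silex application where the controller is mounted on
     * @param Request     $request The current request
     *
     * @return Response|string
     */
    public function listApps(Application $app, Request $request)
    {
        return $app['twig']->render('developers/applications.html.twig', [
            "applications" => $app['repo.api-applications']->findByCreator($app['authentication']->getUser())
        ]);
    }

    /**
     * Displays the empty application form.
     *
     * @param Application $app     A Silex application where the controller is mounted on
     * @param Request     $request The current request
     *
     * @return Response|string
     */
    public function displayFormApp(Application $app, Request $request)
    {
        return $app['twig']->render('developers/application_form.html.twig', [
            "violations" => null,
            'form'       => null,
            'request'    => $request
        ]);
    }

    /**
     * Renders the application page, including the current user's developer
     * token when the user has an account on the application.
     *
     * @param Application    $app
     * @param Request        $request
     * @param ApiApplication $application Application resolved by the converter middleware
     *
     * @return Response|string
     */
    public function getApp(Application $app, Request $request, ApiApplication $application)
    {
        $token = null;

        $account = $app['repo.api-accounts']->findByUserAndApplication($app['authentication']->getUser(), $application);

        if (null !== $account) {
            $token = $app['repo.api-oauth-tokens']->findDeveloperToken($account);
        }

        return $app['twig']->render('developers/application.html.twig', [
            "application" => $application,
            "user"        => $app['authentication']->getUser(),
            "token"       => $token
        ]);
    }

    /**
     * Tells whether the request is an XMLHttpRequest whose Accept header
     * lists the JSON mime type.
     *
     * This is a request-format check built on client-supplied headers; it is
     * not an anti-CSRF token.
     * NOTE(review): no CSRF token verification is visible in this class for
     * the state-changing routes; confirm one is enforced elsewhere.
     *
     * @param Request $request
     *
     * @return boolean
     */
    private function isJsonAjaxRequest(Request $request)
    {
        return $request->isXmlHttpRequest()
            && in_array($request->getMimeType('json'), $request->getAcceptableContentTypes(), true);
    }
}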