mirror of
https://github.com/alchemy-fr/Phraseanet.git
synced 2025-10-12 12:33:26 +00:00
949bf06cac
Conflicts: CHANGELOG.md bin/console bin/developer bin/setup bower.json composer.json composer.lock features/bootstrap/FeatureContext.php features/bootstrap/GuiContext.php lib/Alchemy/Phrasea/Authentication/Token/TokenValidator.php lib/Alchemy/Phrasea/Command/BuildMissingSubdefs.php lib/Alchemy/Phrasea/Command/CreateCollection.php lib/Alchemy/Phrasea/Command/Developer/JavascriptBuilder.php lib/Alchemy/Phrasea/Controller/Admin/Collection.php lib/Alchemy/Phrasea/Controller/Admin/Databoxes.php lib/Alchemy/Phrasea/Controller/Admin/TaskManager.php lib/Alchemy/Phrasea/Controller/Api/V1.php lib/Alchemy/Phrasea/Controller/Client/Baskets.php lib/Alchemy/Phrasea/Controller/Client/Root.php lib/Alchemy/Phrasea/Controller/Prod/Basket.php lib/Alchemy/Phrasea/Controller/Prod/Export.php lib/Alchemy/Phrasea/Controller/Prod/Property.php lib/Alchemy/Phrasea/Controller/Prod/Records.php lib/Alchemy/Phrasea/Controller/Prod/Tools.php lib/Alchemy/Phrasea/Controller/Prod/Upload.php lib/Alchemy/Phrasea/Controller/Root/Login.php lib/Alchemy/Phrasea/Controller/Thesaurus/Thesaurus.php lib/Alchemy/Phrasea/Core/Event/ApiLoadEndEvent.php lib/Alchemy/Phrasea/Core/Event/ApiLoadStartEvent.php lib/Alchemy/Phrasea/Core/Provider/TaskManagerServiceProvider.php lib/Alchemy/Phrasea/Core/Version.php lib/Alchemy/Phrasea/Exception/XMLParseErrorException.php lib/Alchemy/Phrasea/Helper/DatabaseHelper.php lib/Alchemy/Phrasea/Helper/User/Edit.php lib/Alchemy/Phrasea/SearchEngine/Phrasea/PhraseaEngine.php lib/Alchemy/Phrasea/SearchEngine/SearchEngineOptions.php lib/Doctrine/Entities/AuthFailure.php lib/Doctrine/Entities/Basket.php lib/Doctrine/Entities/BasketElement.php lib/Doctrine/Entities/LazaretAttribute.php lib/Doctrine/Entities/LazaretCheck.php lib/Doctrine/Entities/LazaretFile.php lib/Doctrine/Entities/LazaretSession.php lib/Doctrine/Entities/Session.php lib/Doctrine/Entities/SessionModule.php lib/Doctrine/Entities/StoryWZ.php lib/Doctrine/Entities/UsrList.php lib/Doctrine/Entities/UsrListEntry.php lib/Doctrine/Entities/UsrListOwner.php lib/Doctrine/Entities/ValidationData.php lib/Doctrine/Entities/ValidationParticipant.php lib/Doctrine/Entities/ValidationSession.php lib/Doctrine/Logger/MonologSQLLogger.php lib/Doctrine/Repositories/BasketRepository.php lib/Doctrine/Repositories/ValidationParticipantRepository.php lib/Doctrine/Types/Binary.php lib/Doctrine/Types/Blob.php lib/Doctrine/Types/Enum.php lib/Doctrine/Types/LongBlob.php lib/Doctrine/Types/VarBinary.php lib/classes/API/OAuth2/Account.php lib/classes/API/OAuth2/Application.php lib/classes/API/OAuth2/Application/OfficePlugin.php lib/classes/API/OAuth2/AuthCode.php lib/classes/API/OAuth2/RefreshToken.php lib/classes/API/OAuth2/Token.php lib/classes/API/V1/Abstract.php lib/classes/API/V1/Interface.php lib/classes/API/V1/adapter.php lib/classes/API/V1/exception/abstract.php lib/classes/API/V1/exception/badrequest.php lib/classes/API/V1/exception/forbidden.php lib/classes/API/V1/exception/internalservererror.php lib/classes/API/V1/exception/maintenance.php lib/classes/API/V1/exception/methodnotallowed.php lib/classes/API/V1/exception/notfound.php lib/classes/API/V1/exception/unauthorized.php lib/classes/API/V1/result.php lib/classes/Exception/Feed/EntryNotFound.php lib/classes/Exception/Feed/ItemNotFound.php lib/classes/Exception/Feed/PublisherNotFound.php lib/classes/Feed/Abstract.php lib/classes/Feed/Adapter.php lib/classes/Feed/Aggregate.php lib/classes/Feed/Collection.php lib/classes/Feed/CollectionInterface.php lib/classes/Feed/Entry/Adapter.php lib/classes/Feed/Entry/Collection.php lib/classes/Feed/Entry/CollectionInterface.php lib/classes/Feed/Entry/Interface.php lib/classes/Feed/Entry/Item.php lib/classes/Feed/Entry/ItemInterface.php lib/classes/Feed/Interface.php lib/classes/Feed/Link.php lib/classes/Feed/LinkInterface.php lib/classes/Feed/Publisher/Adapter.php lib/classes/Feed/Publisher/Interface.php lib/classes/Feed/Token.php lib/classes/Feed/TokenAggregate.php lib/classes/Feed/XML/Abstract.php lib/classes/Feed/XML/Atom.php lib/classes/Feed/XML/Cooliris.php lib/classes/Feed/XML/Interface.php lib/classes/Feed/XML/RSS.php lib/classes/Feed/XML/RSS/Image.php lib/classes/Feed/XML/RSS/ImageInterface.php lib/classes/User/Adapter.php lib/classes/User/Interface.php lib/classes/appbox/register.php lib/classes/connection.php lib/classes/connection/abstract.php lib/classes/connection/interface.php lib/classes/connection/pdo.php lib/classes/connection/pdoStatementDebugger.php lib/classes/deprecated/countries.php lib/classes/deprecated/inscript.api.php lib/classes/eventsmanager/event/test.php lib/classes/ftpclient.php lib/classes/http/request.php lib/classes/media/subdef.php lib/classes/module/console/schedulerStart.php lib/classes/module/console/schedulerState.php lib/classes/module/console/schedulerStop.php lib/classes/module/console/taskState.php lib/classes/module/console/tasklist.php lib/classes/module/console/taskrun.php lib/classes/patch/320alpha4b.php lib/classes/patch/3715alpha1a.php lib/classes/patch/379alpha1a.php lib/classes/patch/380alpha10a.php lib/classes/patch/380alpha11a.php lib/classes/patch/380alpha13a.php lib/classes/patch/380alpha14a.php lib/classes/patch/380alpha15a.php lib/classes/patch/380alpha16a.php lib/classes/patch/380alpha17a.php lib/classes/patch/380alpha18a.php lib/classes/patch/380alpha3a.php lib/classes/patch/380alpha4a.php lib/classes/patch/380alpha6a.php lib/classes/patch/380alpha8a.php lib/classes/patch/380alpha9a.php lib/classes/patch/381alpha1b.php lib/classes/patch/381alpha2a.php lib/classes/patch/381alpha3a.php lib/classes/patch/381alpha4a.php lib/classes/patch/383alpha1a.php lib/classes/patch/383alpha2a.php lib/classes/patch/383alpha3a.php lib/classes/patch/383alpha4a.php lib/classes/record/adapter.php lib/classes/record/preview.php lib/classes/recordutils.php lib/classes/recordutils/audio.php lib/classes/recordutils/document.php lib/classes/recordutils/map.php lib/classes/recordutils/video.php lib/classes/registry.php lib/classes/registryInterface.php lib/classes/set/order.php lib/classes/system/url.php lib/classes/task/Scheduler.php lib/classes/task/appboxAbstract.php lib/classes/task/databoxAbstract.php lib/classes/task/manager.php lib/classes/task/period/RecordMover.php lib/classes/task/period/apibridge.php lib/classes/task/period/apiwebhooks.php lib/classes/task/period/archive.php lib/classes/task/period/cindexer.php lib/classes/task/period/emptyColl.php lib/classes/task/period/ftp.php lib/classes/task/period/ftpPull.php lib/classes/task/period/subdef.php lib/classes/task/period/test.php lib/classes/task/period/writemeta.php lib/conf.d/PhraseaFixture/AbstractWZ.php lib/conf.d/PhraseaFixture/Basket/LoadFiveBaskets.php lib/conf.d/PhraseaFixture/Basket/LoadOneBasket.php lib/conf.d/PhraseaFixture/Basket/LoadOneBasketEnv.php lib/conf.d/PhraseaFixture/Lazaret/LoadOneFile.php lib/conf.d/PhraseaFixture/Story/LoadOneStory.php lib/conf.d/PhraseaFixture/UsrLists/ListAbstract.php lib/conf.d/PhraseaFixture/UsrLists/UsrList.php lib/conf.d/PhraseaFixture/UsrLists/UsrListEntry.php lib/conf.d/PhraseaFixture/UsrLists/UsrListOwner.php lib/conf.d/PhraseaFixture/ValidationParticipant/LoadOneParticipant.php lib/conf.d/PhraseaFixture/ValidationParticipant/LoadParticipantWithSession.php lib/conf.d/PhraseaFixture/ValidationSession/LoadOneValidationSession.php templates/web/admin/collection/collection.html.twig templates/web/common/dialog_export.html.twig templates/web/common/menubar.html.twig templates/web/prod/actions/Tools/index.html.twig templates/web/prod/index.html.twig templates/web/prod/upload/upload-flash.html.twig templates/web/prod/upload/upload.html.twig templates/web/report/report_layout_child.html.twig templates/web/setup/step2.html.twig templates/web/thesaurus/new-synonym-dialog.html.twig templates/web/thesaurus/properties.html.twig templates/web/thesaurus/search.html.twig tests/Alchemy/Tests/Phrasea/Application/ApiAbstract.php tests/Alchemy/Tests/Phrasea/Cache/FactoryTest.php tests/Alchemy/Tests/Phrasea/Controller/Admin/AdminCollectionTest.php tests/Alchemy/Tests/Phrasea/Controller/Client/RootTest.php
284 lines
10 KiB
PHP
284 lines
10 KiB
PHP
<?php
|
|
|
|
/*
|
|
* This file is part of Phraseanet
|
|
*
|
|
* (c) 2005-2015 Alchemy
|
|
*
|
|
* For the full copyright and license information, please view the LICENSE
|
|
* file that was distributed with this source code.
|
|
*/
|
|
|
|
namespace Alchemy\Phrasea\Controller\Root;
|
|
|
|
use Alchemy\Phrasea\Exception\InvalidArgumentException;
|
|
use Alchemy\Phrasea\Model\Entities\ApiApplication;
|
|
use Silex\Application;
|
|
use Silex\ControllerProviderInterface;
|
|
use Symfony\Component\HttpFoundation\JsonResponse;
|
|
use Symfony\Component\HttpFoundation\Request;
|
|
use Symfony\Component\HttpFoundation\Response;
|
|
|
|
class Developers implements ControllerProviderInterface
|
|
{
|
|
public function connect(Application $app)
|
|
{
|
|
$app['controller.account.developers'] = $this;
|
|
|
|
$controllers = $app['controllers_factory'];
|
|
|
|
$app['firewall']->addMandatoryAuthentication($controllers);
|
|
|
|
$controllers->get('/applications/', 'controller.account.developers:listApps')
|
|
->bind('developers_applications');
|
|
|
|
$controllers->get('/application/new/', 'controller.account.developers:displayFormApp')
|
|
->bind('developers_application_new');
|
|
|
|
$controllers->post('/application/', 'controller.account.developers:newApp')
|
|
->bind('submit_developers_application');
|
|
|
|
$controllers->get('/application/{application}/', 'controller.account.developers:getApp')
|
|
->before($app['middleware.api-application.converter'])
|
|
->assert('application', '\d+')
|
|
->bind('developers_application');
|
|
|
|
$controllers->delete('/application/{application}/', 'controller.account.developers:deleteApp')
|
|
->before($app['middleware.api-application.converter'])
|
|
->assert('application', '\d+')
|
|
->bind('delete_developers_application');
|
|
|
|
$controllers->post('/application/{application}/authorize_grant_password/', 'controller.account.developers:authorizeGrantPassword')
|
|
->before($app['middleware.api-application.converter'])
|
|
->assert('application', '\d+')
|
|
->bind('submit_developers_application_authorize_grant_password');
|
|
|
|
$controllers->post('/application/{application}/access_token/', 'controller.account.developers:renewAccessToken')
|
|
->before($app['middleware.api-application.converter'])
|
|
->assert('application', '\d+')
|
|
->bind('submit_developers_application_token');
|
|
|
|
$controllers->post('/application/{application}/callback/', 'controller.account.developers:renewAppCallback')
|
|
->before($app['middleware.api-application.converter'])
|
|
->assert('application', '\d+')
|
|
->bind('submit_application_callback');
|
|
|
|
$controllers->post('/application/{application}/webhook/', 'controller.account.developers:renewAppWebhook')
|
|
->before($app['middleware.api-application.converter'])
|
|
->assert('application', '\d+')
|
|
->bind('submit_application_webhook');
|
|
|
|
return $controllers;
|
|
}
|
|
|
|
/**
|
|
* Delete application.
|
|
*
|
|
* @param Application $app
|
|
* @param Request $request
|
|
* @param ApiApplication $application
|
|
*
|
|
* @return JsonResponse
|
|
*/
|
|
public function deleteApp(Application $app, Request $request, ApiApplication $application)
|
|
{
|
|
if (!$request->isXmlHttpRequest() || !array_key_exists($request->getMimeType('json'), array_flip($request->getAcceptableContentTypes()))) {
|
|
$app->abort(400, 'Bad request format, only JSON is allowed');
|
|
}
|
|
|
|
$app['manipulator.api-application']->delete($application);
|
|
|
|
return $app->json(['success' => true]);
|
|
}
|
|
|
|
/**
|
|
* Change application callback.
|
|
*
|
|
* @param Application $app
|
|
* @param Request $request
|
|
* @param ApiApplication $application
|
|
*
|
|
* @return JsonResponse
|
|
*/
|
|
public function renewAppCallback(Application $app, Request $request, ApiApplication $application)
|
|
{
|
|
if (!$request->isXmlHttpRequest() || !array_key_exists($request->getMimeType('json'), array_flip($request->getAcceptableContentTypes()))) {
|
|
$app->abort(400, 'Bad request format, only JSON is allowed');
|
|
}
|
|
|
|
try {
|
|
$app['manipulator.api-application']->setRedirectUri($application, $request->request->get("callback"));
|
|
} catch (InvalidArgumentException $e) {
|
|
return $app->json(['success' => false]);
|
|
}
|
|
|
|
return $app->json(['success' => true]);
|
|
}
|
|
|
|
/**
|
|
* Change application webhook
|
|
*
|
|
* @param Application $app A Silex application where the controller is mounted on
|
|
* @param Request $request The current request
|
|
* @param integer $id The application id
|
|
* @return JsonResponse
|
|
*/
|
|
public function renewAppWebhook(Application $app, Request $request, ApiApplication $application)
|
|
{
|
|
if (!$request->isXmlHttpRequest() || !array_key_exists($request->getMimeType('json'), array_flip($request->getAcceptableContentTypes()))) {
|
|
$app->abort(400, _('Bad request format, only JSON is allowed'));
|
|
}
|
|
|
|
if (null !== $request->request->get("webhook")) {
|
|
$app['manipulator.api-application']->setWebhookUrl($application, $request->request->get("webhook"));
|
|
} else {
|
|
return $app->json(['success' => false]);
|
|
}
|
|
|
|
return $app->json(['success' => true]);
|
|
}
|
|
|
|
/**
|
|
* Authorize application to use a grant password type.
|
|
*
|
|
* @param Application $app
|
|
* @param Request $request
|
|
* @param ApiApplication $application
|
|
*
|
|
* @return JsonResponse
|
|
*/
|
|
public function renewAccessToken(Application $app, Request $request, ApiApplication $application)
|
|
{
|
|
if (!$request->isXmlHttpRequest() || !array_key_exists($request->getMimeType('json'), array_flip($request->getAcceptableContentTypes()))) {
|
|
$app->abort(400, 'Bad request format, only JSON is allowed');
|
|
}
|
|
|
|
if (null === $account = $app['repo.api-accounts']->findByUserAndApplication($app['authentication']->getUser(), $application)) {
|
|
$app->abort(404, sprintf('Account not found for application %s', $application->getName()));
|
|
}
|
|
|
|
if (null !== $devToken = $app['repo.api-oauth-tokens']->findDeveloperToken($account)) {
|
|
$app['manipulator.api-oauth-token']->renew($devToken);
|
|
} else {
|
|
// dev tokens do not expires
|
|
$devToken = $app['manipulator.api-oauth-token']->create($account);
|
|
}
|
|
|
|
return $app->json(['success' => true, 'token' => $devToken->getOauthToken()]);
|
|
}
|
|
|
|
/**
|
|
* Authorize application to use a grant password type.
|
|
*
|
|
* @param Application $app
|
|
* @param Request $request
|
|
* @param ApiApplication $application
|
|
*
|
|
* @return JsonResponse
|
|
*/
|
|
public function authorizeGrantPassword(Application $app, Request $request, ApiApplication $application)
|
|
{
|
|
if (!$request->isXmlHttpRequest() || !array_key_exists($request->getMimeType('json'), array_flip($request->getAcceptableContentTypes()))) {
|
|
$app->abort(400, 'Bad request format, only JSON is allowed');
|
|
}
|
|
|
|
$application->setGrantPassword((Boolean) $request->request->get('grant'));
|
|
$app['manipulator.api-application']->update($application);
|
|
|
|
return $app->json(['success' => true]);
|
|
}
|
|
|
|
/**
|
|
* Create a new developer applications
|
|
*
|
|
* @param Application $app A Silex application where the controller is mounted on
|
|
* @param Request $request The current request
|
|
* @return Response
|
|
*/
|
|
public function newApp(Application $app, Request $request)
|
|
{
|
|
if ($request->request->get('type') === ApiApplication::DESKTOP_TYPE) {
|
|
$form = new \API_OAuth2_Form_DevAppDesktop($app['request']);
|
|
} else {
|
|
$form = new \API_OAuth2_Form_DevAppInternet($app['request']);
|
|
}
|
|
|
|
$violations = $app['validator']->validate($form);
|
|
|
|
if ($violations->count() === 0) {
|
|
$application = $app['manipulator.api-application']->create(
|
|
$form->getName(),
|
|
$form->getType(),
|
|
$form->getDescription(),
|
|
sprintf('%s%s', $form->getSchemeWebsite(), $form->getWebsite()),
|
|
$app['authentication']->getUser(),
|
|
sprintf('%s%s', $form->getSchemeCallback(), $form->getCallback())
|
|
);
|
|
|
|
// create an account as well
|
|
$app['manipulator.api-account']->create($application, $app['authentication']->getUser());
|
|
|
|
return $app->redirectPath('developers_application', ['application' => $application->getId()]);
|
|
}
|
|
|
|
return $app['twig']->render('/developers/application_form.html.twig', [
|
|
"violations" => $violations,
|
|
"form" => $form
|
|
]);
|
|
}
|
|
|
|
/**
|
|
* List of apps created by the user
|
|
*
|
|
* @param Application $app A Silex application where the controller is mounted on
|
|
* @param Request $request The current request
|
|
* @return Response
|
|
*/
|
|
public function listApps(Application $app, Request $request)
|
|
{
|
|
return $app['twig']->render('developers/applications.html.twig', [
|
|
"applications" => $app['repo.api-applications']->findByCreator($app['authentication']->getUser())
|
|
]);
|
|
}
|
|
|
|
/**
|
|
* Display form application
|
|
*
|
|
* @param Application $app A Silex application where the controller is mounted on
|
|
* @param Request $request The current request
|
|
* @return Response
|
|
*/
|
|
public function displayFormApp(Application $app, Request $request)
|
|
{
|
|
return $app['twig']->render('developers/application_form.html.twig', [
|
|
"violations" => null,
|
|
'form' => null,
|
|
'request' => $request
|
|
]);
|
|
}
|
|
|
|
/**
|
|
* Gets application information.
|
|
*
|
|
* @param Application $app
|
|
* @param Request $request
|
|
* @param ApiApplication $application
|
|
*
|
|
* @return mixed
|
|
*/
|
|
public function getApp(Application $app, Request $request, ApiApplication $application)
|
|
{
|
|
$token = null;
|
|
|
|
if (null !== $account = $app['repo.api-accounts']->findByUserAndApplication($app['authentication']->getUser(), $application)) {
|
|
$token = $app['repo.api-oauth-tokens']->findDeveloperToken($account);
|
|
}
|
|
|
|
return $app['twig']->render('developers/application.html.twig', [
|
|
"application" => $application,
|
|
"user" => $app['authentication']->getUser(),
|
|
"token" => $token
|
|
]);
|
|
}
|
|
}
|