
* PHRAS-3602 : migrate validations to baskets WIP [skip ci] * PHRAS-3602 : migrate validations code to baskets code (wip) WIP [skip ci] * PHRAS-3602 : migrate validations to baskets WIP [skip ci] * PHRAS-3602 : migrate validations to baskets WIP [skip ci] * PHRAS-3602 : fake commit to run tests * PHRAS-3602 : migrate validations to baskets fix typo * PHRAS-3602 : migrate validations to baskets fixed (some) tests * PHRAS-3602 : migrate validations to baskets fixed (some) tests * PHRAS-3602 : migrate validations to baskets fixed (some) tests. need to remove method():return_type signature because of old phpunit which does not mock it * PHRAS-3602 : migrate validations to baskets fix * PHRAS-3602 : migrate validations to baskets fix err 500 when a "vote" (feedback) is deployed in wz * PHRAS-3602 : migrate validations to baskets fix missing votes for element+participant fix update vote dates on basket * PHRAS-3602 : ux bump production-client to 34 WIP [skip ci] * PHRAS-3602 : rebase (bump production-client to 37) WIP [skip ci] * PHRAS-3602 : refacto css/twig/templates/... ; replace many png's by fonts WIP [skip ci] * PHRAS-3602 : fix icon / css WIP * PHRAS-3602 : better icon align ; back button color fix : save button after adding a user WIP [skip ci] * PHRAS-3602 : restore sharebasket controller todo : implement modification right ; owner is participant ? 
WIP [skip ci] * PHRAS-3602 : set "canModifiy" ; cleanup WIP [skip ci] * PHRAS-3602 : respect "can_modify" on shared basket WIP [skip ci] * PHRAS-3602 : fix badge icon bg ; fix button css WIP [skip ci] * PHRAS-3602 : fix css & cleanup WIP [skip ci] * PHRAS-3602 : fix 500 on preview/feedback tab WIP [skip ci] * PHRAS-3602 : fix allow to display dlg without selection * PHRAS-3602 : bump version to 4.1.6-rc1 ; prodclient=38 WIP [skip ci] * PHRAS-3602 : factorize baskets menu (wip) WIP [skip ci] * PHRAS-3602 : modify already shared or feedback basket (general menu) 4th icon on badges (vote != modify) quitshare option (todo back) allow fa-icons in toolbar WIP [skip ci] * PHRAS-3602 : add share end-date (todo:db write) add 4th general toggle button fix badge selection bug fix css badges zone (form position) WIP [skip ci] * PHRAS-3602 : big refacto to use "sharebasket" vocab. fusion "feedback/sharebasket" removed "feedback" adaptative ux: 1 "can_agree" ==> feedback display bump production-client to v50 todo: save shr/fbk end-dates todo: rename "pushXXX" to pushAndShare ? WIP [skip ci] * PHRAS-3602 : share / feedback expiration dates are saved in db date pickers with delta menu better adaptive ux todo: move select general togglers WIP [skip ci] * PHRAS-3602 : revert validation* tables (remove "dead" rename) drop all foreign keys from validation* WIP [skip ci] * PHRAS-3602 : restore deleted fields in validation, regenerate proxies WIP [skip ci] * PHRAS-3602 : fix initiator_id WIP [skip ci] * fix initiator_id-bis * PHRAS-3602 : css for input-text with glued button dynamic load of users-lists (left zone) = less duplicated code fix : users-lists works after refresh WIP [skip ci] * PHRAS-3602 : fix users-lists manager (orange) : go flex ! 
* PHRAS-3602 : empty dist to ease rebase WIP [skip ci] * PHRAS-3602 : rebase WIP [skip ci] * PHRAS-3602 : new ux for "owner" feedback mode is an independent toggle fix "missing mandatory parameter" WIP [skip ci] * PHRAS-3602 : fix css of owner badge WIP [skip ci] * PHRAS-3602 : fix handling of feedback initiator WIP [skip ci] * PHRAS-3602 : better wss to follow "skins" full roboto removed useless class "with-button" WIP [skip ci] * PHRAS-3602 : fix "a token require a validation" temporary fix 500 due to send email to (null) vote-initiator for simple share todo: send a specific email for simple share WIP [skip ci] * PHRAS-3602 : different emails depending if user can vote or not WIP [skip ci] * PHRAS-3602 : expired shared baskets removed from wz WIP [skip ci] * PHRAS-3602 : fix logic error on last sql WIP [skip ci] * PHRAS-3602 : fix missing shared baskets on wz WIP [skip ci] * PHRAS-3602 : fix blinking of wz/basket detail now only the title:hover displays detail WIP [skip ci] * PHRAS-3602 : rebase WIP [skip ci] * PHRAS-3602 : update basket proxy WIP [skip ci] * PHRAS-3602 : fix forever "unread" basket WIP [skip ci] * PHRAS-3602 : fix display of unread basket ; sync "eye" icon with css change WIP [skip ci] * PHRAS-3602 : "quitshare" action works WIP [skip ci] * PHRAS-3602 : missing dist files WIP [skip ci] * PHRAS-3602 : cleanup & run ci * PHRAS-3602 : disable failing unit test ; remove blue on onread basket * PHRAS-3602 : separate "vote" & "share" emails templates & u-tests * PHRAS-3602 : add 2 icons "stack" to icomoon set WIP [skip ci] * PHRAS-3602 : fix test * PHRAS-3602 : fix test ; add test for simple share email notification * PHRAS-3602 : changed proxy * PHRAS-3602 : colored basket icons WIP [skip ci] * PHRAS-3602 : circle basket icons WIP [skip ci] * PHRAS-3602 : fix wz filters, add "share" filter. 
todo: fix fr writing (new string) WIP [skip ci] * PHRAS-3602 : fix "share" dichotomy : use "shared" for wz filter WIP [skip ci] * PHRAS-3602 : fix PHRAS-3624 ; PHRAS-3623 ; now adding/removing a user from user list is immediate (no more save button) WIP [skip ci] * PHRAS-3602 : fix PHRAS-3647 ; shared basket are listed in api (for list and related record) * PHRAS-3602 : fix due to failing test * PHRAS-3602 : fix: can load a 1000 users list todo : move slow code to worker * PHRAS-3602 : fix due to failing test * PHRAS-3468 : (fixed in 3602) fix basket content still visible when baskets are hidden (wz-filter) * PHRAS-3602 : add "wip" baskets with notification & lock todo : move slow code from message to worker * PHRAS-3602 : fix tests due to accidental rename * PHRAS-3602 : fix : menu closes when mouse out : bump to 4.1.6-rc3 todo : fast move to another basket makes the menu appear on top ? * add shareBasket worker * fix test * PHRAS-3602 : fix : rights buttons on badges now works for users added from search (did work only from loading list) * PHRAS-3590 Co-authored-by: aynsix <asr@esokia-webagency.com> Co-authored-by: Nicolas Maillat <maillat@alchemy.fr>
<?php
/*
* This file is part of Phraseanet
*
* (c) 2005-2014 Alchemy
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Alchemy\Phrasea\Model\Manipulator;
use Alchemy\Phrasea\Core\Configuration\PropertyAccess;
use Alchemy\Phrasea\Model\Entities\Basket;
use Alchemy\Phrasea\Model\Entities\FeedEntry;
use Alchemy\Phrasea\Model\Entities\Token;
use Alchemy\Phrasea\Model\Entities\User;
use Alchemy\Phrasea\Model\Repositories\TokenRepository;
use DateTime;
use Doctrine\Common\Persistence\ObjectManager;
use RandomLib\Generator;
use RuntimeException;
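/**
 * Creates, updates and removes Token entities (password reset, account unlock/delete,
 * download links, basket access/validation, feed entries, ...).
 *
 * Security notes for maintainers:
 *  - The token value is the secret handed to the user. It is 32 characters drawn from
 *    LETTERS_AND_NUMBERS by the injected RandomLib generator.
 *    NOTE(review): the unpredictability of the value depends on how that generator is
 *    configured outside this file; confirm it is a strength suitable for secrets.
 *  - Several factories pass a null expiration (basket access, feed entry).
 *    NOTE(review): presumably such tokens never expire; confirm against
 *    TokenRepository::findExpiredTokens().
 */
class TokenManipulator implements ManipulatorInterface
{
    /** Alphabet used for generated token values (62 symbols: digits, lower and upper case letters). */
    const LETTERS_AND_NUMBERS = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";

    const TYPE_FEED_ENTRY = 'FEED_ENTRY';
    const TYPE_PASSWORD = 'password';
    const TYPE_ACCOUNT_UNLOCK = 'account-unlock';
    const TYPE_ACCOUNT_DELETE = 'account-delete';
    const TYPE_DOWNLOAD = 'download';
    const TYPE_MAIL_DOWNLOAD = 'mail-download';
    const TYPE_EMAIL = 'email';
    const TYPE_EMAIL_RESET = 'email-reset';
    const TYPE_VIEW = 'view';
    const TYPE_VALIDATE = 'validate';
    const TYPE_RSS = 'rss';

    /** @var ObjectManager */
    private $om;

    /** @var Generator */
    private $random;

    /** @var TokenRepository */
    private $repository;

    /** @var PropertyAccess */
    private $conf;

    /** @var string Directory in which "<token value>.zip" export archives are looked up on cleanup */
    private $temporaryDownloadPath;

    /**
     * @param ObjectManager   $om
     * @param Generator       $random
     * @param TokenRepository $repository
     * @param string          $temporaryDownloadPath
     * @param PropertyAccess  $configuration
     */
    public function __construct(
        ObjectManager $om,
        Generator $random,
        TokenRepository $repository,
        $temporaryDownloadPath,
        PropertyAccess $configuration
    ) {
        $this->om = $om;
        $this->random = $random;
        $this->repository = $repository;
        $this->temporaryDownloadPath = $temporaryDownloadPath;
        $this->conf = $configuration;
    }

    /**
     * Creates and persists a token with a fresh random value.
     *
     * Side effect: every call first purges tokens that expired more than 30 days ago
     * (see removeExpiredTokens()), which may also delete export archives on disk.
     *
     * @param User|null     $user
     * @param string        $type       normally one of the TYPE_* constants
     * @param DateTime|null $expiration null is stored as-is (see class note on expiry)
     * @param mixed|null    $data
     *
     * @return Token
     *
     * @throws RuntimeException when no unused value could be generated
     */
    public function create($user, $type, $expiration = null, $data = null)
    {
        // remove all expired token after 30 days
        $this->removeExpiredTokens(30);

        // Draw values until one is not already used as a token identifier; the attempt
        // counter only bounds the loop so a broken generator cannot spin forever.
        $n = 0;
        do {
            if ($n++ > 1024) {
                throw new RuntimeException('Unable to create a token.');
            }
            $value = $this->random->generateString(32, self::LETTERS_AND_NUMBERS);
            $found = null !== $this->om->getRepository('Phraseanet:Token')->find($value);
        } while ($found);

        $token = new Token();

        $token->setUser($user)
            ->setType($type)
            ->setValue($value)
            ->setExpiration($expiration)
            ->setData($data);

        $this->om->persist($token);
        $this->om->flush();

        return $token;
    }

    /**
     * Creates a TYPE_VALIDATE token whose data is the basket id.
     *
     * @param Basket        $basket
     * @param User          $user
     * @param DateTime|null $expiration
     *
     * @return Token
     */
    public function createBasketValidationToken(Basket $basket, User $user, $expiration)
    {
        return $this->create($user, self::TYPE_VALIDATE, $expiration, $basket->getId());
    }

    /**
     * Creates a TYPE_VIEW token whose data is the basket id.
     *
     * The token is created with a null expiration.
     *
     * @param Basket $basket
     * @param User   $user
     *
     * @return Token
     */
    public function createBasketAccessToken(Basket $basket, User $user)
    {
        return $this->create($user, self::TYPE_VIEW, null, $basket->getId());
    }

    /**
     * Creates a TYPE_FEED_ENTRY token whose data is the feed entry id.
     *
     * The token is created with a null expiration.
     *
     * @param User      $user
     * @param FeedEntry $entry
     *
     * @return Token
     */
    public function createFeedEntryToken(User $user, FeedEntry $entry)
    {
        return $this->create($user, self::TYPE_FEED_ENTRY, null, $entry->getId());
    }

    /**
     * Create feedEntryTokens for many users in one shot
     *
     * Unlike create(), this path does not purge expired tokens and does not check the
     * generated value against existing tokens: the value is 32 random characters with
     * the user id appended, and all tokens are written with a single flush.
     *
     * The object manager is cleared afterwards, which detaches every entity it manages,
     * including the tokens returned here and any entity the caller loaded through it.
     *
     * @param User[]    $users
     * @param FeedEntry $entry
     * @return Token[]
     */
    public function createFeedEntryTokens($users, FeedEntry $entry)
    {
        $tokens = [];
        foreach ($users as $user) {
            $value = $this->random->generateString(32, self::LETTERS_AND_NUMBERS) . $user->getId();

            $token = new Token();
            $token->setUser($user)
                ->setType(self::TYPE_FEED_ENTRY)
                ->setValue($value)
                ->setExpiration(null)
                ->setData($entry->getId());
            $tokens[] = $token;

            $this->om->persist($token);
        }
        $this->om->flush();
        $this->om->clear();

        return $tokens;
    }

    /**
     * Creates a TYPE_DOWNLOAD token valid for the configured download-link lifetime.
     *
     * @param User  $user
     * @param mixed $data
     *
     * @return Token
     */
    public function createDownloadToken(User $user, $data)
    {
        return $this->create($user, self::TYPE_DOWNLOAD, $this->createDownloadLinkExpiration(), $data);
    }

    /**
     * Creates a TYPE_EMAIL token, bound to no user, valid for the configured
     * download-link lifetime.
     *
     * @param mixed $data
     *
     * @return Token
     */
    public function createEmailExportToken($data)
    {
        return $this->create(null, self::TYPE_EMAIL, $this->createDownloadLinkExpiration(), $data);
    }

    /**
     * Creates a TYPE_EMAIL_RESET token valid for one day; the data is the e-mail address.
     *
     * @param User   $user
     * @param string $email
     *
     * @return Token
     */
    public function createResetEmailToken(User $user, $email)
    {
        return $this->create($user, self::TYPE_EMAIL_RESET, new DateTime('+1 day'), $email);
    }

    /**
     * Creates a TYPE_ACCOUNT_UNLOCK token valid for three days.
     *
     * @param User $user
     *
     * @return Token
     */
    public function createAccountUnlockToken(User $user)
    {
        return $this->create($user, self::TYPE_ACCOUNT_UNLOCK, new DateTime('+3 days'));
    }

    /**
     * Creates a TYPE_ACCOUNT_DELETE token valid for one hour; the data is the e-mail address.
     *
     * @param User   $user
     * @param string $email
     *
     * @return Token
     */
    public function createAccountDeleteToken(User $user, $email)
    {
        return $this->create($user, self::TYPE_ACCOUNT_DELETE, new DateTime('+1 hour'), $email);
    }

    /**
     * Creates a TYPE_PASSWORD (password reset) token valid for three days.
     *
     * @param User $user
     *
     * @return Token
     */
    public function createResetPasswordToken(User $user)
    {
        return $this->create($user, self::TYPE_PASSWORD, new DateTime('+3 day'));
    }

    /**
     * Updates a token.
     *
     * The token is persisted as given; its value, type and expiration are not checked here.
     *
     * @param Token $token
     *
     * @return Token
     */
    public function update(Token $token)
    {
        $this->om->persist($token);
        $this->om->flush();

        return $token;
    }

    /**
     * Removes a token.
     *
     * @param Token $token
     */
    public function delete(Token $token)
    {
        $this->om->remove($token);
        $this->om->flush();
    }

    /**
     * Removes expired tokens
     *
     * For download and e-mail export tokens the matching "<value>.zip" archive in the
     * temporary download directory is deleted as well.
     *
     * @param int $nbDaysAfterExpiration forwarded to TokenRepository::findExpiredTokens()
     */
    public function removeExpiredTokens($nbDaysAfterExpiration = 0)
    {
        foreach ($this->repository->findExpiredTokens($nbDaysAfterExpiration) as $token) {
            // NOTE(review): TYPE_MAIL_DOWNLOAD is not handled here; confirm whether
            // tokens of that type also leave an archive behind.
            switch ($token->getType()) {
                case self::TYPE_DOWNLOAD:
                case self::TYPE_EMAIL:
                    // The file name is derived from the stored token value. Values minted by
                    // create() are alphanumeric only, so they hold no path separator; values
                    // written by other code are not re-validated before unlink().
                    $file = $this->temporaryDownloadPath . '/' . $token->getValue() . '.zip';
                    if (is_file($file)) {
                        // The result of unlink() is ignored and the token is removed below
                        // regardless, so an archive that cannot be deleted is not retried.
                        unlink($file);
                    }
                    break;
            }
            $this->om->remove($token);
        }
        $this->om->flush();
    }

    /**
     * Builds the expiration date shared by download and e-mail export tokens.
     *
     * Reads registry.actions.download-link-validity (hours, default 24) and casts it to int.
     *
     * @return DateTime
     */
    private function createDownloadLinkExpiration()
    {
        $downloadLinkValidity = (int) $this->conf->get(['registry', 'actions', 'download-link-validity'], 24);

        return new DateTime("+{$downloadLinkValidity} hours");
    }
}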