Merge pull request #79 from xprojects-de/development
Development
xprojects-de authored Dec 14, 2023
2 parents 771f00a + 8faee5c commit aabfcd6
Showing 32 changed files with 382 additions and 210 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/ci_pr.yaml
Expand Up @@ -23,4 +23,4 @@ jobs:
run: composer install --no-interaction --no-progress

- name: Run the unit tests
run: vendor/bin/phpunit --colors=always
run: vendor/bin/phpunit --no-configuration ./tests
11 changes: 11 additions & 0 deletions .idea/alpdesk-core.iml


12 changes: 12 additions & 0 deletions .idea/codeception.xml


3 changes: 2 additions & 1 deletion .idea/deployment.xml


16 changes: 2 additions & 14 deletions .idea/inspectionProfiles/Project_Default.xml


1 change: 1 addition & 0 deletions .idea/php-test-framework.xml


30 changes: 30 additions & 0 deletions .idea/php.xml


13 changes: 13 additions & 0 deletions .idea/phpspec.xml


77 changes: 48 additions & 29 deletions src/Controller/Auth/AlpdeskCoreAuthController.php
Expand Up @@ -89,9 +89,10 @@ public function auth(Request $request): JsonResponse

$this->framework->initialize();

$authdata = (array)\json_decode($request->getContent(), true);
// $request->getContent() must always be a valid JSON
$authData = (array)\json_decode($request->getContent(), true, 512, JSON_THROW_ON_ERROR);

$response = (new AlpdeskCoreAuthToken($this->passwordHasherFactory))->generateToken($authdata);
$response = (new AlpdeskCoreAuthToken($this->passwordHasherFactory))->generateToken($authData);

$event = new AlpdeskCoreAuthSuccessEvent($response);
$this->eventService->getDispatcher()->dispatch($event, AlpdeskCoreAuthSuccessEvent::NAME);
Expand All @@ -116,11 +117,10 @@ public function auth(Request $request): JsonResponse
}

/**
* @param Request $request
* @param UserInterface $user
* @return JsonResponse
*/
public function verify(Request $request, UserInterface $user): JsonResponse
public function verify(UserInterface $user): JsonResponse
{
try {

Expand Down Expand Up @@ -165,7 +165,8 @@ public function refresh(Request $request, UserInterface $user): JsonResponse

$this->framework->initialize();

$refreshData = (array)\json_decode($request->getContent(), true);
// $request->getContent() must always be a valid JSON
$refreshData = (array)\json_decode($request->getContent(), true, 512, JSON_THROW_ON_ERROR);

$response = (new AlpdeskCoreAuthToken($this->passwordHasherFactory))->refreshToken($refreshData, $user);

Expand Down Expand Up @@ -202,39 +203,55 @@ public function member(Request $request, UserInterface $user): JsonResponse

$this->framework->initialize();

$memberdata = (array)\json_decode($request->getContent(), true);
$memberData = [];

if ($user->getIsAdmin() === true) {
try {

if (\array_key_exists('mandantid', $memberdata)) {
// Request could be empty
$memberRequest = $request->getContent();
if (\is_string($memberRequest) && $memberRequest !== '') {

$mandantId = (string)AlpdeskcoreInputSecurity::secureValue($memberdata['mandantid']);
$memberDataT = \json_decode($request->getContent(), true, 512, JSON_THROW_ON_ERROR);
if (\is_array($memberDataT)) {
$memberData = $memberDataT;
}

if ($mandantId !== "") {
}

} catch (\Exception) {
}

if ($mandantId === "0") {
if (\array_key_exists('mandantid', $memberData) && $user->getIsAdmin() === true) {

$memberObject = MemberModel::findByPk($user->getMemberId());
if ($memberObject !== null) {
$memberObject->alpdeskcore_mandant = 0;
$memberObject->save();
$user->setMandantPid(0);
}
} else {
$mandantId = (string)AlpdeskcoreInputSecurity::secureValue($memberData['mandantid']);

if (!\array_key_exists((int)$mandantId, $user->getMandantWhitelist())) {
throw new AlpdeskCoreAuthException('mandantid not in whitelistarray', AlpdeskCoreConstants::$ERROR_INVALID_MANDANT);
}
if ($mandantId !== "") {

$memberObject = MemberModel::findByPk($user->getMemberId());
if ($memberObject !== null) {
$memberObject->alpdeskcore_mandant = (int)$mandantId;
$memberObject->save();
$user->setMandantPid((int)$mandantId);
}
if ($mandantId === "0") {

$memberObject = MemberModel::findByPk($user->getMemberId());
if ($memberObject !== null) {
$memberObject->alpdeskcore_mandant = 0;
$memberObject->save();
$user->setMandantPid(0);
}
} else {

if (!\array_key_exists((int)$mandantId, $user->getMandantWhitelist())) {
throw new AlpdeskCoreAuthException('mandantid not in whitelistarray', AlpdeskCoreConstants::$ERROR_INVALID_MANDANT);
}

$memberObject = MemberModel::findByPk($user->getMemberId());
if ($memberObject !== null) {
$memberObject->alpdeskcore_mandant = (int)$mandantId;
$memberObject->save();
$user->setMandantPid((int)$mandantId);
}

}

}

}

$response = [
Expand All @@ -256,17 +273,18 @@ public function member(Request $request, UserInterface $user): JsonResponse
return (new JsonResponse($event->getResultData()->getData(), AlpdeskCoreConstants::$STATUSCODE_OK));

} catch (\Exception $exception) {

$this->logger->error($exception->getMessage(), __METHOD__);
return $this->outputError($exception->getMessage(), $exception->getCode(), AlpdeskCoreConstants::$STATUSCODE_COMMONERROR);

}
}

/**
* @param Request $request
* @param UserInterface $user
* @return JsonResponse
*/
public function logout(Request $request, UserInterface $user): JsonResponse
public function logout(UserInterface $user): JsonResponse
{
try {

Expand All @@ -291,6 +309,7 @@ public function logout(Request $request, UserInterface $user): JsonResponse
return $this->outputError($exception->getMessage(), $exception->getCode(), AlpdeskCoreConstants::$STATUSCODE_COMMONERROR);

}

}

}
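Review bot: In member(), the new inner `try { … } catch (\Exception) { }` discards every decode failure, so a malformed body is handled exactly like an empty one and the request still succeeds, while auth() and refresh() in this same commit reject invalid JSON. Since the empty body is already excluded by the `$memberRequest !== ''` check, the catch only hides bad input on an endpoint that can change the member's mandant; I would narrow it to `catch (\JsonException $exception)` and at least log it with `$this->logger->error($exception->getMessage(), __METHOD__);`, or drop the inner try so the outer `catch (\Exception $exception)` answers with outputError(). The decode can also reuse `$memberRequest` instead of calling `$request->getContent()` a second time. member() starts before this hunk and the lines between the mandant block and the outer catch are not shown, so the outer handler is assumed to wrap this code.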
Expand Up @@ -125,7 +125,8 @@ public function download(Request $request, UserInterface $user): BinaryFileRespo

$this->framework->initialize();

$downloadData = (array)\json_decode($request->getContent(), true);
// $request->getContent() must always be a valid JSON
$downloadData = (array)\json_decode($request->getContent(), true, 512, JSON_THROW_ON_ERROR);

$file = (new AlpdeskCoreFilemanagement($this->rootDir, $this->eventService))->download($user, $downloadData);
$this->logger->info('Download successfully', __METHOD__);
Expand Down Expand Up @@ -155,7 +156,8 @@ public function finder(Request $request, UserInterface $user): JsonResponse

$this->framework->initialize();

$finderData = (array)\json_decode($request->getContent(), true);
// $request->getContent() must always be a valid JSON
$finderData = (array)\json_decode($request->getContent(), true, 512, JSON_THROW_ON_ERROR);

$response = (new AlpdeskCoreFilemanagement($this->rootDir, $this->eventService))->finder($user, $finderData);
$this->logger->info('Finder successfully', __METHOD__);
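Review bot: The `(array)` cast in download() and finder() still accepts a body that is valid JSON but not an object: `"x"` or `5` decodes without error and becomes a one-element list, so the added comment's "must always be a valid JSON" is only enforced syntactically. The same pattern is in auth() and refresh() of AlpdeskCoreAuthController, whereas member() already checks `\is_array()`. I would decode without the cast and reject anything else, e.g. `if (!\is_array($downloadData)) { throw new \UnexpectedValueException('invalid request body'); }`, so the file-management service only ever receives a key/value map. Both functions start and end outside these hunks, and how `download()` and `finder()` on AlpdeskCoreFilemanagement validate their input is not visible here.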
15 changes: 9 additions & 6 deletions src/Controller/Logs/AlpdeskcoreLogsController.php
Expand Up @@ -10,9 +10,9 @@
use Contao\File;
use Contao\Input;
use Contao\System;
use Symfony\Bundle\SecurityBundle\Security;
use Symfony\Component\HttpFoundation\RequestStack;
use Symfony\Component\HttpFoundation\Session\SessionInterface;
use Symfony\Component\Security\Core\Security;
use Symfony\Component\Security\Csrf\CsrfTokenManagerInterface;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Routing\RouterInterface;
Expand Down Expand Up @@ -44,9 +44,12 @@ public function __construct(
$this->security = $security;
}

private function getCurrentSession(): SessionInterface
/**
* @return SessionInterface|null
*/
private function getCurrentSession(): ?SessionInterface
{
return $this->requestStack->getCurrentRequest()->getSession();
return $this->requestStack->getCurrentRequest()?->getSession();
}

/**
Expand Down Expand Up @@ -138,9 +141,9 @@ private function checkFilter(): void
$filterValue = Input::postRaw('filterValue');

if ($filterValue !== null) {
$this->getCurrentSession()->set('alpdeskcore_logsfilter', $filterValue);
$this->getCurrentSession()?->set('alpdeskcore_logsfilter', $filterValue);
} else {
$this->getCurrentSession()->set('alpdeskcore_logsfilter', null);
$this->getCurrentSession()?->set('alpdeskcore_logsfilter', null);
}

Controller::redirect($this->router->generate('alpdesk_logs_backend'));
Expand Down Expand Up @@ -184,7 +187,7 @@ public function endpoint(): Response

System::loadLanguageFile('default');

$filterValue = $this->getCurrentSession()->get('alpdeskcore_logsfilter');
$filterValue = $this->getCurrentSession()?->get('alpdeskcore_logsfilter');
if ($filterValue === null) {
$filterValue = '';
}
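Review bot: With `?->` in checkFilter() a missing current request turns the filter update into a silent no-op before the redirect, and both branches of `if ($filterValue !== null)` store the same value anyway, so the whole if/else can be `$this->getCurrentSession()?->set('alpdeskcore_logsfilter', $filterValue);`. In endpoint() the read and the null check collapse likewise to `$filterValue = $this->getCurrentSession()?->get('alpdeskcore_logsfilter') ?? '';`. The new docblock on getCurrentSession() only repeats the return type; it would be more useful as `Returns null when the request stack holds no current request.` The stored value comes from `Input::postRaw()`, so whatever consumes the filter later in endpoint() has to treat it as untrusted; that code is outside the hunk.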