public function showChannels()
{
$options = array('default' => Renegade::databaseForId($_GET['id']));
$db = Renegade::database(RenegadeConstants::kDatabaseMongoDB, RenegadeConstants::kDatabaseChannels, $options);
$channels = $db->find();
if ($channels->count()) {
foreach ($channels as $channel) {
/*
TODO Need a way to include the channels permissions in the channel view
just to let people know what they are allowed to do to their respective channels.
below are just the default permissions, they don't reflect the actual permissions for this user.
this will also be important when the application owner manages subscriptions.
*/
$channel['permission_read'] = $channel['defaultPermissions'] & RenegadeConstants::kPermissionRead ? 'Yes' : 'No';
$channel['permission_write'] = $channel['defaultPermissions'] & RenegadeConstants::kPermissionWrite ? 'Yes' : 'No';
$channel['permission_delete'] = $channel['defaultPermissions'] & RenegadeConstants::kPermissionDelete ? 'Yes' : 'No';
$channel['current_application'] = $this->application['_id'];
if ($channel['application'] != $this->application['_id']) {
echo new ChannelDetail($channel, ChannelDetail::kContextSubscription);
} else {
echo new ChannelDetail($channel);
}
}
} else {
echo 'No Channels';
}
}
public static function open()
{
$db = Renegade::database(RenegadeConstants::kDatabaseRedis, RenegadeConstants::kDatabaseSessions);
self::$handle = $db;
self::$lifetime = ini_get('session.gc_maxlifetime');
return true;
}
public function validate()
{
$value = $this->form->{$this->key};
$this->updateRequiredFlag($value);
// couchdb
/*
$db = Renegade::database();
$user = $db->document($value);
if($user['error'] == 'not_found')
{
$this->isValid = true;
}
*/
// tokyo cabinet
/*
$db = Renegade::database(RenegadeConstants::kDatabaseTokyoCabinet);
if( $db->vsiz($value) === false) $this->isValid = true;
*/
// redis
$key = RenegadeConstants::kTypeUser . ':' . $value;
$db = Renegade::database(RenegadeConstants::kDatabaseRedis, RenegadeConstants::kDatabaseUsers);
$result = null;
$result = $db->get($key);
if (!$result) {
$this->isValid = true;
}
}
public function generateVerificationForUserWithKey(User $user, $key)
{
$key = RenegadeConstants::kTypeVerification . ':' . $key;
$db = Renegade::database(RenegadeConstants::kDatabaseRedis, RenegadeConstants::kDatabaseVerification);
$value = array('user' => $user->_id, 'timestamp' => time());
// our tokens should be sufficienly random enough so as never to conflict,
// but just in case the issue ever comes up, look into setnx
$db->set($key, json_encode($value));
}
protected function page_load()
{
$this->hasAuthorizedUser = Renegade::hasAuthorizedUser();
if ($this->requiresAuthorization && !$this->hasAuthorizedUser) {
header('Location: /');
}
$this->session = Renegade::session();
$this->initialize();
}
protected function page_load($argc = 0, $argv = null)
{
$dir = dirname(__FILE__);
$options = array();
$navigation = null;
$source = Renegade::hasAuthorizedUser() ? $dir . '/NavigationAuthorizedTrue.html' : $dir . '/NavigationAuthorizedFalse.html';
$navigation = AMDisplayObject::initWithURLAndDictionary($source, $options);
echo $navigation;
}
public function validate()
{
$value = RenegadeConstants::kChannelPrefix . '/' . Channel::format($this->form->{$this->key});
$this->updateRequiredFlag($value);
$db = Renegade::database();
$response = $db->info(urlencode($value));
if (isset($response['error']) && $response['error'] == 'not_found') {
$this->isValid = true;
}
}
public function __toString()
{
$session = Renegade::session();
$owner = $session->user;
$users = array();
$this->private = (bool) $this->private ? true : false;
if ($this->private) {
$users[] = $owner;
}
return json_encode(array('owner' => $owner, 'api_key' => $this->api_key, 'api_secret' => $this->api_secret, 'private' => $this->private, 'users' => $users, 'type' => RenegadeConstants::kTypeChannel));
}
protected function initialize()
{
$context = array(AMForm::kDataKey => $_GET);
$form = AMForm::formWithContext($context);
$form->addValidator(new ApplicationIdValidator('id', true, 'Invalid application id'));
if ($form->isValid) {
$id = $_GET['id'];
$applications = Renegade::database(RenegadeConstants::kDatabaseMongoDB, RenegadeConstants::kDatabaseApplications);
$app = $applications->findOne(array('_id' => $id, 'owner' => $this->session->user));
if (!$app) {
Renegade::redirect('/applications');
}
$this->application = $app;
} else {
Renegade::redirect('/applications');
}
}
public function showApplications()
{
$mongodb = Renegade::database(RenegadeConstants::kDatabaseMongoDB, RenegadeConstants::kDatabaseApplications);
$redis = Renegade::database(RenegadeConstants::kDatabaseRedis, RenegadeConstants::kDatabaseCertificates);
$session = Renegade::session();
$response = $mongodb->find(array('owner' => $session->user));
if ($response->count()) {
foreach ($response as $id => $application) {
// mget might be better here...
$certificate = json_decode($redis->get($application['certificate']), true);
$application['api_key'] = $certificate['key'];
$application['api_secret'] = $certificate['secret'];
$application['permission_read'] = $application['defaultPermissions'] & RenegadeConstants::kPermissionRead ? 'Yes' : 'No';
$application['permission_write'] = $application['defaultPermissions'] & RenegadeConstants::kPermissionWrite ? 'Yes' : 'No';
$application['permission_delete'] = $application['defaultPermissions'] & RenegadeConstants::kPermissionDelete ? 'Yes' : 'No';
echo new ApplicationDetail($application);
}
} else {
echo 'No Applications';
}
}
public function validate()
{
$value = $this->form->{$this->key};
$this->updateRequiredFlag($value);
// couchdb
/*
$db = Renegade::database();
$options = array('key'=>$value);
$view = $db->view('accounts/email', $options);
if(count($view) == 0)
{
$this->isValid = true;
}*/
// redis
$key = RenegadeConstants::kTypeUser . ':' . $value;
$db = Renegade::database(RenegadeConstants::kDatabaseRedis, RenegadeConstants::kDatabaseUsers);
$result = null;
$result = $db->get($key);
if (!$result) {
$this->isValid = true;
}
}
private function processDelete(AMForm $form)
{
$options = array('default' => Renegade::databaseForId($this->application_id));
$subscriptions = Renegade::database(RenegadeConstants::kDatabaseMongoDB, RenegadeConstants::kDatabaseSubscriptions, $options);
$certificates = Renegade::database(RenegadeConstants::kDatabaseRedis, RenegadeConstants::kDatabaseCertificates);
$data = $subscriptions->findOne(array('_id' => new MongoId($form->inputSubscription)));
$remote_options = array('default' => Renegade::databaseForId($data['application']));
$remote_channels = Renegade::database(RenegadeConstants::kDatabaseMongoDB, RenegadeConstants::kDatabaseChannels, $remote_options);
$subscriptions->remove(array('_id' => new MongoId($form->inputSubscription)));
$remote_channels->remove(array('_id' => $data['channel']));
$certificates->delete($data['certificate']);
}
* @author Adam Venturella <*****@*****.**>
* @copyright Copyright (C) 2010 Adam Venturella
* @license http://www.apache.org/licenses/LICENSE-2.0 Apache 2.0
*
**/
require $_SERVER['DOCUMENT_ROOT'] . '/application/lib/axismundi/forms/AMForm.php';
require $_SERVER['DOCUMENT_ROOT'] . '/application/forms/validators/ApplicationIdValidator.php';
$session = Renegade::session();
if (count($_POST)) {
$session = Renegade::session();
if (strlen($session->user) > 0) {
$context = array(AMForm::kDataKey => $_POST);
$form = AMForm::formWithContext($context);
$form->addValidator(new ApplicationIdValidator('inputApplicationId', true, 'Invalid application id'));
if ($form->isValid) {
$applications = Renegade::database(RenegadeConstants::kDatabaseMongoDB, RenegadeConstants::kDatabaseApplications);
$app = $applications->findOne(array('_id' => $form->inputApplicationId, 'owner' => $session->user));
if (!$app) {
Renegade::redirect('/applications');
} else {
$read = $form->inputRead ? RenegadeConstants::kPermissionRead : 0;
$write = $form->inputWrite ? RenegadeConstants::kPermissionWrite : 0;
$delete = $form->inputDelete ? RenegadeConstants::kPermissionDelete : 0;
$app['defaultPermissions'] = $read | $write | $delete;
$applications->update(array('_id' => $app['_id']), $app);
}
}
}
}
Renegade::redirect('/applications');
if ($isEmail) {
$key = json_decode($db->get($key));
if ($key) {
$name = $key;
$key = RenegadeConstants::kTypeUser . ':' . $key;
$data = $db->get($key);
}
} else {
$data = $db->get($key);
}
if ($data) {
$user = json_decode($data, true);
if ($user['verified'] == true) {
if ($password == $user['password']) {
// SUCCESS
Renegade::authorizeUser($name);
header('Location: /');
} else {
// INVALID PASSWORD
echo 'invalid password';
}
} else {
// NOT VERIFIED
// the user is valid, and they provided the proper credentials,
// but they are not verified by their e-mail address
echo 'user not verified';
}
} else {
// NO USER
echo 'no such user';
}
<?php
/**
* Galaxy - Foundry
*
* Copyright (C) 2010 Adam Venturella
*
* LICENSE:
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
* use this file except in compliance with the License. You may obtain a copy
* of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
* without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
* PURPOSE. See the License for the specific language governing permissions and
* limitations under the License.
*
* Author: Adam Venturella - aventurella@gmail.com
*
* @package foundry
* @subpackage forms
* @author Adam Venturella <*****@*****.**>
* @copyright Copyright (C) 2010 Adam Venturella
* @license http://www.apache.org/licenses/LICENSE-2.0 Apache 2.0
*
**/
Renegade::logout();
header('Location: /');
$form->addValidator(new AMPatternValidator('inputName', true, '/^\\w+$/', 'Screen Name may only container letters, numbers or _'));
$form->addValidator(new UniqueUsernameValidator('inputName', true, 'Username is not unique, please choose an alternative name'));
$form->addValidator(new AMEmailValidator('inputEmail', true, 'Please provide a valid e-mail address'));
$form->addValidator(new UniqueEmailValidator('inputEmail', true, 'Email address is currently in use'));
$form->addValidator(new AMMatchValidator('inputPassword', 'inputPasswordVerify', true, 'Password must match'));
$form->addValidator(new AMInputValidator('inputPassword', true, 4, null, 'Password must be at least 4 characters long'));
$form->addValidator(new AMPatternValidator('inputPassword', true, '/^[\\S]+$/', 'Password cannot contain spaces'));
$form->validate();
if ($form->isValid) {
$user = new User();
$user->email = $form->inputEmail;
$user->password = $form->inputPassword;
$user->id = $form->inputName;
$user->verified = false;
$id = strtolower($form->inputName);
$db = Renegade::database(RenegadeConstants::kDatabaseRedis, RenegadeConstants::kDatabaseUsers);
$verification_token = renegade_generate_token();
User::generateVerificationForUserWithKey($user, $verification_token);
// by the time we are here, we can set the record
// but just in case we run msetnx to be sure we are not overwritting someone elses account.
$db->msetnx($user->array);
$email = new AuthorizeAccountMail(array(strtolower($form->inputEmail)), $verification_token);
$email->send();
} else {
foreach ($form->validators as $validator) {
if ($validator->isValid == false) {
echo $validator->message . "\n";
}
}
}
} else {
$data = $subscriptions->find(array('channel' => $form->inputChannelId));
foreach ($data as $subscription) {
$options = array('default' => Renegade::databaseForId($subscription['application']));
$channels = Renegade::database(RenegadeConstants::kDatabaseMongoDB, RenegadeConstants::kDatabaseChannels, $options);
$channels->remove(array('_id' => $subscription['channel']));
$subscriptions->remove(array('_id' => $subscription['_id']));
$redis->delete($subscription['certificate']);
}
} else {
// we are deleting a subscription only
$options_channels = array('default' => Renegade::databaseForId($form->inputApplicationId));
$options_subscriptions = array('default' => null);
$channels = Renegade::database(RenegadeConstants::kDatabaseMongoDB, RenegadeConstants::kDatabaseChannels, $options_channels);
$data = $channels->findOne(array('_id' => $form->inputChannelId));
$options_subscriptions['default'] = Renegade::databaseForId($data['application']);
$subscriptions = Renegade::database(RenegadeConstants::kDatabaseMongoDB, RenegadeConstants::kDatabaseSubscriptions, $options_subscriptions);
$record = $subscriptions->findOne(array('application' => $form->inputApplicationId, 'channel' => $data['_id']));
$subscriptions->remove(array('_id' => $record['_id']));
$channels->remove(array('_id' => $form->inputChannelId));
$redis->delete($record['certificate']);
}
header('Location:/applications/' . $form->inputApplicationId . '/channels');
exit;
} else {
header('Location:/applications');
exit;
}
}
}
header('Location:/applications');
exit;
public function generate_metadata()
{
$metadata = false;
$metadata = array('_id' => $this->channelId(), 'database' => Renegade::databaseForId($this->channelId()), 'application' => $this->application, 'label' => $this->label, 'description' => $this->description, 'defaultPermissions' => $this->defaultPermissions, 'requests' => 0, 'created' => Renegade::datetime(), 'type' => RenegadeConstants::kTypeChannel);
return $metadata;
}
$form = AMForm::formWithContext($context);
$form->addValidator(new AMPatternValidator('inputCertificate', true, '/^' . RenegadeConstants::kTypeCertificate . ':[a-z0-9]{32,32}$/', 'Invalid Certificate'));
$form->addValidator(new ApplicationIdValidator('inputId', true, 'Invalid application id'));
if ($form->isValid) {
$options_local = array('default' => Renegade::databaseForId($form->inputId));
$subscriptions = Renegade::database(RenegadeConstants::kDatabaseMongoDB, RenegadeConstants::kDatabaseSubscriptions, $options_local);
$certificates = Renegade::database(RenegadeConstants::kDatabaseRedis, RenegadeConstants::kDatabaseCertificates);
$applications = Renegade::database(RenegadeConstants::kDatabaseMongoDB, RenegadeConstants::kDatabaseApplications);
$store = Renegade::database(RenegadeConstants::kDatabaseMongoDB, null, $options_local);
$data = $subscriptions->find();
// flush all the channels
foreach ($data as $subscription) {
if ($subscription['application'] != $form->inputId) {
// we need to clear the channel from a remote application
$options_remote = array('default' => Renegade::databaseForId($subscription['application']));
$channels_remote = Renegade::database(RenegadeConstants::kDatabaseMongoDB, RenegadeConstants::kDatabaseChannels, $options_remote);
$channels_remote->remove(array('_id' => $subscription['channel']));
/*
TODO need to remember if whenyou subscribe to a channel if a channel gets written + a subscription to the subscribing applications
info. I forget... If it does we need to delete the remote subscription too not just the channel. I don't think it works tha way
but I don't have that part fully written yet either.
$subscriptions_remote = Renegade::database(RenegadeConstants::kDatabaseMongoDB, RenegadeConstants::kDatabaseSubscription, $options_remote);
*/
}
//echo $subscription['certificate'];
$certificates->delete($subscription['certificate']);
}
$applications->remove(array('_id' => $form->inputId));
$store->drop();
$certificates->delete($form->inputCertificate);
}
$form->addValidator(new MatchValidator('inputPassword', 'inputPasswordVerify', true, 'Password must match'));
$form->addValidator(new InputValidator('inputPassword', true, 4, null, 'Password must be at least 4 characters long'));
$form->addValidator(new InversePatternValidator('inputPassword', true, '/\\s/', 'Password may not contain spaces'));
$context |= $kPasswordUpdate;
}
if ($context > 0) {
$form->validate();
if ($form->isValid) {
$user = Renegade::authorizedUser();
if ($context & $kEmailUpdate) {
$user['email'] = $form->inputEmail;
}
if ($context & $kPasswordUpdate) {
$user['password'] = renegade_security_hash($form->inputPassword);
}
$db = Renegade::database();
$db->put($user, $user['_id']);
$response->ok = true;
} else {
$response->error = 'invalid';
$response->reason = 'validators';
$response->validators = array();
foreach ($form->validators as $validator) {
if ($validator->isValid == false) {
$error = new stdClass();
$error->key = $validator->key;
$error->reason = $validator->message;
$response->validators[] = $error;
}
}
}
in couchdb so we can generate a list of applications for them to browser.
The CouchDB record will hold the key in redis to get the auth tokens. This will probably
not be under heavy usage, so the slower couchdb is fine. Basically CouchDB will get the metadata
of the application
*/
$application = new Application($form->inputId);
$application->setApplicationOwner($session->user);
$application->setDescription($form->inputName);
$application->setDomain($form->inputDomain);
$application->setApplicationType($form->inputType);
$application->setDefaultPermissions($form->inputRead | $form->inputWrite | $form->inputDelete);
$certificate = $application->generate_certificate();
if ($certificate) {
$metadata = $application->generate_metadata();
$redis = Renegade::database(RenegadeConstants::kDatabaseRedis, RenegadeConstants::kDatabaseCertificates);
$mongodb = Renegade::database(RenegadeConstants::kDatabaseMongoDB, RenegadeConstants::kDatabaseApplications);
$mongodb->insert($metadata);
$redis->set($certificate['key'], json_encode($certificate['value']));
}
header('Location:/applications');
} else {
foreach ($form->validators as $validator) {
if ($validator->isValid == false) {
echo $validator->message . "\n";
}
}
}
} else {
header('Location: /');
}
} else {
public function logout()
{
$session = Renegade::session();
$session->reset();
}
public function authorizedUser()
{
$session = Renegade::session();
return $session->user;
}
$channel->setLabel($remote_channel['label']);
$channel->setDescription($remote_channel['description']);
$channel->setDefaultPermissions($remote_channel['defaultPermissions']);
$certificate = $channel->generate_certificate($remote_channel['defaultPermissions']);
$metadata = $channel->generate_metadata();
$metadata['requests'] = $remote_channel['requests'];
$subscription = new Subscription();
$subscription->setCertificate($certificate['key']);
$subscription->setApplication($form->inputApplicationId);
$subscription->setChannel($metadata['_id']);
$subscription->setMaster(false);
$db_remote_options = array('default' => Renegade::databaseForId($remote_application));
$db_remote_subscriptions = Renegade::database(RenegadeConstants::kDatabaseMongoDB, RenegadeConstants::kDatabaseSubscriptions, $db_remote_options);
$certificates = Renegade::database(RenegadeConstants::kDatabaseRedis, RenegadeConstants::kDatabaseCertificates);
$db_remote_subscriptions->insert($subscription->toArray());
$db_channels->insert($metadata);
$certificates->set($certificate['key'], $certificate['value']);
// All Done
Renegade::redirect('/applications/' . $form->inputApplicationId . '/channels');
}
} else {
echo 'channel not found';
//Renegade::redirect('/applications/'.$form->inputApplicationId.'./channels');
}
}
}
}
}
}
Renegade::redirect('/');
