protected static function getApps()
{
if (SessionUtilities::isAuthenticated()) {
$user = SessionUtilities::user();
$defaultAppId = $user->default_app_id;
if (SessionUtilities::isSysAdmin()) {
$appGroups = AppGroupModel::with(['app_by_app_to_app_group' => function ($q) {
$q->whereIsActive(1)->whereNotIn('type', [AppTypes::NONE]);
}])->get();
$apps = AppModel::whereIsActive(1)->whereNotIn('type', [AppTypes::NONE])->get();
} else {
$userId = $user->id;
$userAppRoles = UserAppRole::whereUserId($userId)->whereNotNull('role_id')->get(['app_id']);
$appIds = [];
foreach ($userAppRoles as $uar) {
$appIds[] = $uar->app_id;
}
$appIdsString = implode(',', $appIds);
$appIdsString = empty($appIdsString) ? '-1' : $appIdsString;
$typeString = implode(',', [AppTypes::NONE]);
$typeString = empty($typeString) ? '-1' : $typeString;
$appGroups = AppGroupModel::with(['app_by_app_to_app_group' => function ($q) use($appIdsString, $typeString) {
$q->whereRaw("(app.id IN ({$appIdsString}) OR role_id > 0) AND is_active = 1 AND type NOT IN ({$typeString})");
}])->get();
$apps = AppModel::whereRaw("(app.id IN ({$appIdsString}) OR role_id > 0) AND is_active = 1 AND type NOT IN ({$typeString})")->get();
}
} else {
$appGroups = AppGroupModel::with(['app_by_app_to_app_group' => function ($q) {
$q->where('role_id', '>', 0)->whereIsActive(1)->whereNotIn('type', [AppTypes::NONE]);
}])->get();
$apps = AppModel::whereIsActive(1)->where('role_id', '>', 0)->whereNotIn('type', [AppTypes::NONE])->get();
}
if (empty($defaultAppId)) {
$systemConfig = SystemConfig::first(['default_app_id']);
$defaultAppId = !empty($systemConfig) ? $systemConfig->default_app_id : null;
}
$inGroups = [];
$groupedApps = [];
$noGroupedApps = [];
foreach ($appGroups as $appGroup) {
$appArray = $appGroup->getRelation('app_by_app_to_app_group')->toArray();
if (!empty($appArray)) {
$appInfo = [];
foreach ($appArray as $app) {
$inGroups[] = $app['id'];
$appInfo[] = static::makeAppInfo($app, $defaultAppId);
}
$groupedApps[] = ['id' => $appGroup->id, 'name' => $appGroup->name, 'description' => $appGroup->description, 'app' => $appInfo];
}
}
/** @type AppModel $app */
foreach ($apps as $app) {
if (!in_array($app->id, $inGroups)) {
$noGroupedApps[] = static::makeAppInfo($app->toArray(), $defaultAppId);
}
}
return [$groupedApps, $noGroupedApps];
}
public function testApiKeyUserRole()
{
$user = ['name' => 'John Doe', 'first_name' => 'John', 'last_name' => 'Doe', 'email' => '*****@*****.**', 'password' => 'test1234', 'security_question' => 'Make of your first car?', 'security_answer' => 'mazda', 'is_active' => true];
$role = ['name' => 'test_role', 'is_active' => true, 'role_service_access_by_role_id' => [['service_id' => 1, 'component' => 'config', 'verb_mask' => 1, 'requestor_mask' => 1]]];
$this->service = ServiceHandler::getService('system');
$rs = $this->makeRequest(Verbs::POST, 'user', [], [$user]);
$data = $rs->getContent();
$userId = Arr::get($data, static::$wrapper . '.0.id');
$this->service = ServiceHandler::getService('system');
$rs = $this->makeRequest(Verbs::POST, 'role', [], [$role]);
$data = $rs->getContent();
$roleId = Arr::get($data, static::$wrapper . '.0.id');
\DreamFactory\Core\Models\UserAppRole::create(['user_id' => $userId, 'app_id' => 1, 'role_id' => $roleId]);
$app = App::find(1);
$apiKey = $app->api_key;
$myUser = User::find($userId);
$token = JWTUtilities::makeJWTByUser($myUser->id, $myUser->email);
$this->call(Verbs::GET, '/api/v2/system', [], [], [], ['HTTP_X_DREAMFACTORY_API_KEY' => $apiKey, 'HTTP_X_DREAMFACTORY_SESSION_TOKEN' => $token]);
$this->assertFalse(Session::isSysAdmin());
$this->assertEquals($roleId, Session::get('role.id'));
$rsa = Session::get('role.services');
$this->assertTrue(!empty($rsa));
}
/**
* Use this primarily in middle-ware or where no session is established yet.
* Once session is established, the role id is accessible via Session.
*
* @param int $app_id
* @param int $user_id
*
* @return null|int The role id or null for admin
*/
public static function getRoleIdByAppIdAndUserId($app_id, $user_id)
{
$appIdUserIdToRoleIdMap = \Cache::get('appIdUserIdToRoleIdMap', []);
if (isset($appIdUserIdToRoleIdMap[$app_id], $appIdUserIdToRoleIdMap[$app_id][$user_id])) {
return $appIdUserIdToRoleIdMap[$app_id][$user_id];
}
$map = UserAppRole::whereUserId($user_id)->whereAppId($app_id)->first(['role_id']);
if ($map) {
$appIdUserIdToRoleIdMap[$app_id][$user_id] = $map->role_id;
\Cache::put('appIdUserIdToRoleIdMap', $appIdUserIdToRoleIdMap, \Config::get('df.default_cache_ttl'));
return $map->role_id;
}
return null;
}
public static function invalidateTokenByAppId($appId)
{
$userAppRole = UserAppRole::whereAppId($appId)->get(['user_id']);
if (!empty($userAppRole) && is_array($userAppRole)) {
foreach ($userAppRole as $uar) {
static::invalidateTokenByUserId($uar->user_id);
}
}
}
/**
* Assigns a role to a user for all apps in the system.
*
* @param $user
* @param $defaultRole
*
* @return bool
* @throws \Exception
*/
public static function applyDefaultUserAppRole($user, $defaultRole)
{
$apps = App::all();
if (count($apps) === 0) {
return false;
}
foreach ($apps as $app) {
if (!UserAppRole::whereUserId($user->id)->whereAppId($app->id)->exists()) {
$userAppRoleData = ['user_id' => $user->id, 'app_id' => $app->id, 'role_id' => $defaultRole];
UserAppRole::create($userAppRoleData);
}
}
return true;
}