public function executeDelete()
{
$token = mfwRequest::param('token', null, 'POST');
if ($token !== mfwSession::get(self::SESKEY_TOKEN)) {
return $this->buildErrorPage('Bad Request', array(self::HTTP_400_BADREQUEST));
}
mfwSession::clear(self::SESKEY_TOKEN);
$con = mfwDBConnection::getPDO();
$con->beginTransaction();
try {
$this->app = ApplicationDb::retrieveByPKForUpdate($this->app->getId());
$this->package->delete($con);
if ($this->app->getLastUpload() == $this->package->getCreated()) {
// 最終アップデート時刻を前のものに戻す
$pkg = PackageDb::selectNewestOneByAppId($this->app->getId());
$lastupload = $pkg ? $pkg->getCreated() : null;
$this->app->updateLastUpload($lastupload, $con);
}
$con->commit();
} catch (Exception $e) {
$con->rollback();
error_log(__METHOD__ . '(' . __LINE__ . '): ' . get_class($e) . ":{$e->getMessage()}");
throw $e;
}
apache_log('app_id', $this->app->getId());
apache_log('pkg_id', $this->package->getId());
apache_log('platform', $this->package->getPlatform());
try {
$this->package->deleteFile();
} catch (Exception $e) {
// S3から削除出来なくてもDBからは消えているので許容する
}
return $this->redirect("/app?id={$this->app->getId()}");
}
public function initialize()
{
if ($err = parent::initialize()) {
return $err;
}
// いくつかのapiはAPI Key認証なのでログイン不要
if ($this->module === 'api') {
if (in_array($this->action, array('upload', 'package_list', 'delete', 'create_token'))) {
return null;
}
}
// package/install_plist はセッションが使えないため別途認証する.
if ($this->module === 'package' && $this->action === 'install_plist') {
return null;
}
$this->login_user = User::getLoginUser();
if (!$this->login_user && $this->getModule() != 'login') {
$scheme = Config::get('enable_https') ? 'https' : null;
$this->saveUrlBeforeLogin($scheme);
return $this->redirect(mfwRequest::makeUrl('/login', $scheme));
}
if ($this->login_user) {
apache_log('user', $this->login_user->getMail());
}
return null;
}
public function executeInstall()
{
$pf = $this->package->getPlatform();
$ua = mfwRequest::userAgent();
if ($pf === Package::PF_IOS && $ua->isIOS()) {
// itms-service での接続はセッションを引き継げない
// 一時トークンをURLパラメータに付けることで認証する
$scheme = Config::get('enable_https') ? 'https' : null;
// HTTPSが使えるならHTTPS優先
$plist_url = mfwHttp::composeUrl(mfwRequest::makeUrl('/package/install_plist', $scheme), array('id' => $this->package->getId(), 't' => $this->makeToken()));
$url = 'itms-services://?action=download-manifest&url=' . urlencode($plist_url);
} else {
// iPhone以外でのアクセスはパッケージを直接DL
$url = $this->package->getFileUrl('+60 min');
}
$con = mfwDBConnection::getPDO();
$con->beginTransaction();
try {
InstallLog::Logging($this->login_user, $this->package, $ua, $con);
$con->commit();
} catch (Exception $e) {
$con->rollback();
error_log(__METHOD__ . '(' . __LINE__ . '): ' . get_class($e) . ":{$e->getMessage()}");
throw $e;
}
apache_log('app_id', $this->app->getId());
apache_log('pkg_id', $this->package->getId());
apache_log('platform', $this->package->getPlatform());
return $this->redirect($url);
}
public function executeGoogle_callback()
{
$code = mfwRequest::param('code');
$token = $this->getAccessToken($code);
$userinfo = $this->getUserInfo($token);
$mail = isset($userinfo['email']) ? $userinfo['email'] : null;
if (!$this->checkAccount($mail)) {
return $this->redirect('/login/google_error');
}
User::login($mail);
apache_log('user', $mail);
return $this->redirectUrlBeforeLogin();
}
public function executeCreate_token()
{
$token_expire = '+1 hours';
$expire_time = strtotime($token_expire);
$mc_expire = $expire_time - time();
$tokendata = array('mail' => $this->login_user->getMail(), 'package_id' => $this->package->getId(), 'expire' => date('Y-m-d H:i:s', $expire_time));
$token = Random::string(32);
mfwMemcache::set(self::INSTALL_TOKEN_PREFIX . $token, json_encode($tokendata), $mc_expire);
apache_log('token', $token);
apache_log('token_data', $tokendata);
$params = array('token' => $token, 'expire' => $tokendata['expire'], 'token_url' => mfwRequest::makeURL("/package/install?token={$token}"));
return $this->build($params);
}
public function executeUpload_post()
{
$temp_name = mfwRequest::param('temp_name');
$platform = mfwRequest::param('platform');
$title = mfwRequest::param('title');
$description = mfwRequest::param('description');
$tag_names = mfwRequest::param('tags');
$ios_identifier = mfwRequest::param('ios_identifier');
$notify = mfwRequest::param('notify');
$org_filename = mfwRequest::param('file_name');
$filesize = mfwRequest::param('file_size');
if (!$temp_name || !$title) {
error_log(__METHOD__ . '(' . __LINE__ . "): bad request: {$temp_name}, {$title}");
return $this->response(self::HTTP_400_BADREQUEST);
}
$ext = pathinfo($temp_name, PATHINFO_EXTENSION);
$con = mfwDBConnection::getPDO();
$con->beginTransaction();
try {
$app = ApplicationDb::retrieveByPKForUpdate($this->app->getId(), $con);
$tags = $app->getTagsByName($tag_names, $con);
$pkg = PackageDb::insertNewPackage($this->app->getId(), $platform, $ext, $title, $description, $ios_identifier, $org_filename, $filesize, $tags, $con);
$pkg->renameTempFile($temp_name);
$app->updateLastUpload($pkg->getCreated(), $con);
$con->commit();
} catch (Exception $e) {
error_log(__METHOD__ . '(' . __LINE__ . '): ' . get_class($e) . ":{$e->getMessage()}");
$con->rollback();
throw $e;
}
if ($notify) {
try {
$users = $app->getInstallUsers();
$users->noticePackageUploaded($pkg);
} catch (Exception $e) {
// アップロード通知が送れなくても許容する
error_log(__METHOD__ . '(' . __LINE__ . '): ' . get_class($e) . ":{$e->getMessage()}");
}
}
apache_log('app_id', $app->getId());
apache_log('pkg_id', $pkg->getId());
return $this->redirect("/package?id={$pkg->getId()}");
}
public function executePackage_list()
{
try {
$api_key = mfwRequest::param('api_key');
$app = ApplicationDb::selectByApiKey($api_key);
if (!$app) {
return $this->jsonResponse(self::HTTP_400_BADREQUEST, array('error' => 'Invalid api_key'));
}
$pkgs = PackageDb::selectByAppId($app->getId());
$ret = array();
foreach ($pkgs as $pkg) {
$ret[] = $this->makePackageArray($pkg);
}
} catch (Exception $e) {
error_log(__METHOD__ . '(' . __LINE__ . '): ' . get_class($e) . ":{$e->getMessage()}");
return $this->jsonResponse(self::HTTP_500_INTERNALSERVERERROR, array('error' => $e->getMessage(), 'exception' => get_class($e)));
}
apache_log('app_id', $app->getId());
return $this->jsonResponse(self::HTTP_200_OK, $ret);
}
public function executeDelete()
{
$con = null;
try {
$api_key = mfwRequest::param('api_key');
$pkg_id = mfwRequest::param('id');
$app = ApplicationDb::selectByApiKey($api_key);
if (!$app) {
return $this->jsonResponse(self::HTTP_400_BADREQUEST, array('error' => 'Invalid api_key'));
}
$pkg = PackageDb::retrieveByPK($pkg_id);
if (!$pkg || $app->getId() !== $pkg->getAppId()) {
return $this->jsonResponse(self::HTTP_400_BADREQUEST, array('error' => 'Invalid package id'));
}
$con = mfwDBConnection::getPDO();
$con->beginTransaction();
$app = ApplicationDb::retrieveByPKForUpdate($app->getId(), $con);
$pkg->delete($con);
if ($app->getLastUpload() == $pkg->getCreated()) {
// 最終アップデート時刻を前のものに戻す
$pkg = PackageDb::selectNewestOneByAppId($app->getId());
$lastupload = $pkg ? $pkg->getCreated() : null;
$app->updateLastUpload($lastupload, $con);
}
$con->commit();
} catch (Exception $e) {
if ($con) {
$con->rollback();
}
error_log(__METHOD__ . '(' . __LINE__ . '): ' . get_class($e) . ":{$e->getMessage()}");
return $this->jsonResponse(self::HTTP_500_INTERNALSERVERERROR, array('error' => $e->getMessage(), 'exception' => get_class($e)));
}
try {
$pkg->deleteFile();
} catch (Exception $e) {
// S3から削除出来なくてもDBからは消えているので許容する
}
apache_log('app_id', $app->getId());
apache_log('pkg_id', $pkg->getId());
return $this->jsonResponse(self::HTTP_200_OK, $this->makePackageArray($pkg));
}
public function executeCreate_token()
{
try {
$api_key = mfwRequest::param('api_key');
$pkg_id = mfwRequest::param('id');
$mail = mfwRequest::param('mail');
$expire_hour = mfwRequest::param('expire_hour');
// api_key check
$app = ApplicationDb::selectByApiKey($api_key);
if (!$app) {
return $this->jsonResponse(self::HTTP_400_BADREQUEST, array('error' => 'Invalid api_key'));
}
// id check
$pkg = PackageDb::retrieveByPK($pkg_id);
if (!$pkg || $app->getId() !== $pkg->getAppId()) {
return $this->jsonResponse(self::HTTP_400_BADREQUEST, array('error' => 'Invalid package id'));
}
// mail check
$owner_mails = $app->getOwners()->getMailArray();
if (!in_array($mail, $owner_mails)) {
return $this->jsonResponse(self::HTTP_400_BADREQUEST, array('error' => 'Invalid mail address'));
}
// create install token
$expire_hour = empty($expire_hour) ? 1 : $expire_hour;
$token_expire = sprintf('+%s hours', $expire_hour);
$expire_time = strtotime($token_expire);
$mc_expire = $expire_time - time();
$tokendata = array('mail' => $mail, 'package_id' => $pkg_id, 'expire' => date('Y-m-d H:i:s', $expire_time));
$token = Random::string(32);
mfwMemcache::set(self::INSTALL_TOKEN_PREFIX . $token, json_encode($tokendata), $mc_expire);
apache_log('token', $token);
apache_log('token_data', $tokendata);
$ret = $this->makePackageArray($pkg);
$ret['install_url'] = mfwRequest::makeURL("/package/install?token={$token}");
} catch (Exception $e) {
error_log(__METHOD__ . '(' . __LINE__ . '): ' . get_class($e) . ":{$e->getMessage()}");
return $this->jsonResponse(self::HTTP_500_INTERNALSERVERERROR, array('error' => $e->getMessage(), 'exception' => get_class($e)));
}
apache_log('app_id', $app->getId());
return $this->jsonResponse(self::HTTP_200_OK, $ret);
}
public function executeCreate()
{
$title = mfwRequest::param('title');
$data = mfwRequest::param('icon-data');
$description = mfwRequest::param('description');
$repository = mfwRequest::param('repository');
if (!$title || !preg_match('/^data:[^;]+;base64,(.+)$/', $data, $match)) {
error_log(__METHOD__ . '(' . __LINE__ . "): bad request: {$title}, " . substr($data, 0, 30));
return $this->response(self::HTTP_400_BADREQUEST);
}
$image = base64_decode($match[1]);
$con = mfwDBConnection::getPDO();
$con->beginTransaction();
try {
$app = ApplicationDb::insertNewApp($this->login_user, $title, $image, $description, $repository);
$con->commit();
} catch (Exception $e) {
error_log(__METHOD__ . '(' . __LINE__ . '): ' . get_class($e) . ":{$e->getMessage()}");
$con->rollback();
throw $e;
}
apache_log('app_id', $app->getId());
return $this->redirect("/app?id={$app->getId()}");
}
public function executeUpload()
{
$con = null;
try {
if (mfwRequest::method() !== 'POST') {
return $this->jsonResponse(self::HTTP_405_METHODNOTALLOWED, array('error' => 'Method Not Allowed'));
}
$api_key = mfwRequest::param('api_key');
$file_info = mfwRequest::param('file');
$title = mfwRequest::param('title');
$description = mfwRequest::param('description');
$notify = mfwRequest::param('notify');
$tag_names = explode(',', mfwRequest::param('tags'));
if (!$api_key || !$file_info || !$title) {
return $this->jsonResponse(self::HTTP_400_BADREQUEST, array('error' => 'A required field is not present.'));
}
if (!isset($file_info['error']) || $file_info['error'] !== UPLOAD_ERR_OK) {
error_log(__METHOD__ . '(' . __LINE__ . '): upload file error: $_FILES[file]=' . json_encode($file_info));
return $this->jsonResponse(self::HTTP_400_BADREQUEST, array('error' => 'upload file error: $_FILES[file]=' . json_encode($file_info)));
}
$app = ApplicationDb::selectByApiKey($api_key);
if (!$app) {
return $this->jsonResponse(self::HTTP_400_BADREQUEST, array('error' => 'Invalid api_key'));
}
apache_log('app_id', $app->getId());
// ファイルフォーマット確認, 情報抽出
list($platform, $ext, $mime) = PackageDb::getPackageInfo($file_info['name'], $file_info['tmp_name'], $file_info['type']);
$ios_identifier = null;
if ($platform === Package::PF_IOS) {
$plist = IPAFile::parseInfoPlist($file_info['tmp_name']);
$ios_identifier = $plist['CFBundleIdentifier'];
}
// DBへ保存
$con = mfwDBConnection::getPDO();
$con->beginTransaction();
$app = ApplicationDb::retrieveByPKForUpdate($app->getId());
$tags = $app->getTagsByName($tag_names, $con);
$pkg = PackageDb::insertNewPackage($app->getId(), $platform, $ext, $title, $description, $ios_identifier, $file_info['name'], $file_info['size'], $tags, $con);
apache_log('pkg_id', $pkg->getId());
// S3へアップロード
$pkg->uploadFile($file_info['tmp_name'], $mime);
$app->updateLastUpload($pkg->getCreated(), $con);
$con->commit();
} catch (Exception $e) {
if ($con) {
$con->rollback();
}
error_log(__METHOD__ . '(' . __LINE__ . '): ' . get_class($e) . ":{$e->getMessage()}");
return $this->jsonResponse(self::HTTP_500_INTERNALSERVERERROR, array('error' => $e->getMessage(), 'exception' => get_class($e)));
}
if ($notify) {
try {
$users = $app->getInstallUsers();
$users->noticePackageUploaded($pkg);
} catch (Exception $e) {
// アップロード通知が送れなくても許容する
error_log(__METHOD__ . '(' . __LINE__ . '): ' . get_class($e) . ":{$e->getMessage()}");
}
}
return $this->jsonResponse(self::HTTP_200_OK, $this->makePackageArray($pkg));
}
