public function executeDelete() { $token = mfwRequest::param('token', null, 'POST'); if ($token !== mfwSession::get(self::SESKEY_TOKEN)) { return $this->buildErrorPage('Bad Request', array(self::HTTP_400_BADREQUEST)); } mfwSession::clear(self::SESKEY_TOKEN); $con = mfwDBConnection::getPDO(); $con->beginTransaction(); try { $this->app = ApplicationDb::retrieveByPKForUpdate($this->app->getId()); $this->package->delete($con); if ($this->app->getLastUpload() == $this->package->getCreated()) { // 最終アップデート時刻を前のものに戻す $pkg = PackageDb::selectNewestOneByAppId($this->app->getId()); $lastupload = $pkg ? $pkg->getCreated() : null; $this->app->updateLastUpload($lastupload, $con); } $con->commit(); } catch (Exception $e) { $con->rollback(); error_log(__METHOD__ . '(' . __LINE__ . '): ' . get_class($e) . ":{$e->getMessage()}"); throw $e; } apache_log('app_id', $this->app->getId()); apache_log('pkg_id', $this->package->getId()); apache_log('platform', $this->package->getPlatform()); try { $this->package->deleteFile(); } catch (Exception $e) { // S3から削除出来なくてもDBからは消えているので許容する } return $this->redirect("/app?id={$this->app->getId()}"); }
public function initialize() { if ($err = parent::initialize()) { return $err; } // いくつかのapiはAPI Key認証なのでログイン不要 if ($this->module === 'api') { if (in_array($this->action, array('upload', 'package_list', 'delete', 'create_token'))) { return null; } } // package/install_plist はセッションが使えないため別途認証する. if ($this->module === 'package' && $this->action === 'install_plist') { return null; } $this->login_user = User::getLoginUser(); if (!$this->login_user && $this->getModule() != 'login') { $scheme = Config::get('enable_https') ? 'https' : null; $this->saveUrlBeforeLogin($scheme); return $this->redirect(mfwRequest::makeUrl('/login', $scheme)); } if ($this->login_user) { apache_log('user', $this->login_user->getMail()); } return null; }
public function executeInstall() { $pf = $this->package->getPlatform(); $ua = mfwRequest::userAgent(); if ($pf === Package::PF_IOS && $ua->isIOS()) { // itms-service での接続はセッションを引き継げない // 一時トークンをURLパラメータに付けることで認証する $scheme = Config::get('enable_https') ? 'https' : null; // HTTPSが使えるならHTTPS優先 $plist_url = mfwHttp::composeUrl(mfwRequest::makeUrl('/package/install_plist', $scheme), array('id' => $this->package->getId(), 't' => $this->makeToken())); $url = 'itms-services://?action=download-manifest&url=' . urlencode($plist_url); } else { // iPhone以外でのアクセスはパッケージを直接DL $url = $this->package->getFileUrl('+60 min'); } $con = mfwDBConnection::getPDO(); $con->beginTransaction(); try { InstallLog::Logging($this->login_user, $this->package, $ua, $con); $con->commit(); } catch (Exception $e) { $con->rollback(); error_log(__METHOD__ . '(' . __LINE__ . '): ' . get_class($e) . ":{$e->getMessage()}"); throw $e; } apache_log('app_id', $this->app->getId()); apache_log('pkg_id', $this->package->getId()); apache_log('platform', $this->package->getPlatform()); return $this->redirect($url); }
public function executeGoogle_callback() { $code = mfwRequest::param('code'); $token = $this->getAccessToken($code); $userinfo = $this->getUserInfo($token); $mail = isset($userinfo['email']) ? $userinfo['email'] : null; if (!$this->checkAccount($mail)) { return $this->redirect('/login/google_error'); } User::login($mail); apache_log('user', $mail); return $this->redirectUrlBeforeLogin(); }
public function executeCreate_token() { $token_expire = '+1 hours'; $expire_time = strtotime($token_expire); $mc_expire = $expire_time - time(); $tokendata = array('mail' => $this->login_user->getMail(), 'package_id' => $this->package->getId(), 'expire' => date('Y-m-d H:i:s', $expire_time)); $token = Random::string(32); mfwMemcache::set(self::INSTALL_TOKEN_PREFIX . $token, json_encode($tokendata), $mc_expire); apache_log('token', $token); apache_log('token_data', $tokendata); $params = array('token' => $token, 'expire' => $tokendata['expire'], 'token_url' => mfwRequest::makeURL("/package/install?token={$token}")); return $this->build($params); }
public function executeUpload_post() { $temp_name = mfwRequest::param('temp_name'); $platform = mfwRequest::param('platform'); $title = mfwRequest::param('title'); $description = mfwRequest::param('description'); $tag_names = mfwRequest::param('tags'); $ios_identifier = mfwRequest::param('ios_identifier'); $notify = mfwRequest::param('notify'); $org_filename = mfwRequest::param('file_name'); $filesize = mfwRequest::param('file_size'); if (!$temp_name || !$title) { error_log(__METHOD__ . '(' . __LINE__ . "): bad request: {$temp_name}, {$title}"); return $this->response(self::HTTP_400_BADREQUEST); } $ext = pathinfo($temp_name, PATHINFO_EXTENSION); $con = mfwDBConnection::getPDO(); $con->beginTransaction(); try { $app = ApplicationDb::retrieveByPKForUpdate($this->app->getId(), $con); $tags = $app->getTagsByName($tag_names, $con); $pkg = PackageDb::insertNewPackage($this->app->getId(), $platform, $ext, $title, $description, $ios_identifier, $org_filename, $filesize, $tags, $con); $pkg->renameTempFile($temp_name); $app->updateLastUpload($pkg->getCreated(), $con); $con->commit(); } catch (Exception $e) { error_log(__METHOD__ . '(' . __LINE__ . '): ' . get_class($e) . ":{$e->getMessage()}"); $con->rollback(); throw $e; } if ($notify) { try { $users = $app->getInstallUsers(); $users->noticePackageUploaded($pkg); } catch (Exception $e) { // アップロード通知が送れなくても許容する error_log(__METHOD__ . '(' . __LINE__ . '): ' . get_class($e) . ":{$e->getMessage()}"); } } apache_log('app_id', $app->getId()); apache_log('pkg_id', $pkg->getId()); return $this->redirect("/package?id={$pkg->getId()}"); }
public function executePackage_list() { try { $api_key = mfwRequest::param('api_key'); $app = ApplicationDb::selectByApiKey($api_key); if (!$app) { return $this->jsonResponse(self::HTTP_400_BADREQUEST, array('error' => 'Invalid api_key')); } $pkgs = PackageDb::selectByAppId($app->getId()); $ret = array(); foreach ($pkgs as $pkg) { $ret[] = $this->makePackageArray($pkg); } } catch (Exception $e) { error_log(__METHOD__ . '(' . __LINE__ . '): ' . get_class($e) . ":{$e->getMessage()}"); return $this->jsonResponse(self::HTTP_500_INTERNALSERVERERROR, array('error' => $e->getMessage(), 'exception' => get_class($e))); } apache_log('app_id', $app->getId()); return $this->jsonResponse(self::HTTP_200_OK, $ret); }
public function executeDelete() { $con = null; try { $api_key = mfwRequest::param('api_key'); $pkg_id = mfwRequest::param('id'); $app = ApplicationDb::selectByApiKey($api_key); if (!$app) { return $this->jsonResponse(self::HTTP_400_BADREQUEST, array('error' => 'Invalid api_key')); } $pkg = PackageDb::retrieveByPK($pkg_id); if (!$pkg || $app->getId() !== $pkg->getAppId()) { return $this->jsonResponse(self::HTTP_400_BADREQUEST, array('error' => 'Invalid package id')); } $con = mfwDBConnection::getPDO(); $con->beginTransaction(); $app = ApplicationDb::retrieveByPKForUpdate($app->getId(), $con); $pkg->delete($con); if ($app->getLastUpload() == $pkg->getCreated()) { // 最終アップデート時刻を前のものに戻す $pkg = PackageDb::selectNewestOneByAppId($app->getId()); $lastupload = $pkg ? $pkg->getCreated() : null; $app->updateLastUpload($lastupload, $con); } $con->commit(); } catch (Exception $e) { if ($con) { $con->rollback(); } error_log(__METHOD__ . '(' . __LINE__ . '): ' . get_class($e) . ":{$e->getMessage()}"); return $this->jsonResponse(self::HTTP_500_INTERNALSERVERERROR, array('error' => $e->getMessage(), 'exception' => get_class($e))); } try { $pkg->deleteFile(); } catch (Exception $e) { // S3から削除出来なくてもDBからは消えているので許容する } apache_log('app_id', $app->getId()); apache_log('pkg_id', $pkg->getId()); return $this->jsonResponse(self::HTTP_200_OK, $this->makePackageArray($pkg)); }
public function executeCreate_token() { try { $api_key = mfwRequest::param('api_key'); $pkg_id = mfwRequest::param('id'); $mail = mfwRequest::param('mail'); $expire_hour = mfwRequest::param('expire_hour'); // api_key check $app = ApplicationDb::selectByApiKey($api_key); if (!$app) { return $this->jsonResponse(self::HTTP_400_BADREQUEST, array('error' => 'Invalid api_key')); } // id check $pkg = PackageDb::retrieveByPK($pkg_id); if (!$pkg || $app->getId() !== $pkg->getAppId()) { return $this->jsonResponse(self::HTTP_400_BADREQUEST, array('error' => 'Invalid package id')); } // mail check $owner_mails = $app->getOwners()->getMailArray(); if (!in_array($mail, $owner_mails)) { return $this->jsonResponse(self::HTTP_400_BADREQUEST, array('error' => 'Invalid mail address')); } // create install token $expire_hour = empty($expire_hour) ? 1 : $expire_hour; $token_expire = sprintf('+%s hours', $expire_hour); $expire_time = strtotime($token_expire); $mc_expire = $expire_time - time(); $tokendata = array('mail' => $mail, 'package_id' => $pkg_id, 'expire' => date('Y-m-d H:i:s', $expire_time)); $token = Random::string(32); mfwMemcache::set(self::INSTALL_TOKEN_PREFIX . $token, json_encode($tokendata), $mc_expire); apache_log('token', $token); apache_log('token_data', $tokendata); $ret = $this->makePackageArray($pkg); $ret['install_url'] = mfwRequest::makeURL("/package/install?token={$token}"); } catch (Exception $e) { error_log(__METHOD__ . '(' . __LINE__ . '): ' . get_class($e) . ":{$e->getMessage()}"); return $this->jsonResponse(self::HTTP_500_INTERNALSERVERERROR, array('error' => $e->getMessage(), 'exception' => get_class($e))); } apache_log('app_id', $app->getId()); return $this->jsonResponse(self::HTTP_200_OK, $ret); }
public function executeCreate() { $title = mfwRequest::param('title'); $data = mfwRequest::param('icon-data'); $description = mfwRequest::param('description'); $repository = mfwRequest::param('repository'); if (!$title || !preg_match('/^data:[^;]+;base64,(.+)$/', $data, $match)) { error_log(__METHOD__ . '(' . __LINE__ . "): bad request: {$title}, " . substr($data, 0, 30)); return $this->response(self::HTTP_400_BADREQUEST); } $image = base64_decode($match[1]); $con = mfwDBConnection::getPDO(); $con->beginTransaction(); try { $app = ApplicationDb::insertNewApp($this->login_user, $title, $image, $description, $repository); $con->commit(); } catch (Exception $e) { error_log(__METHOD__ . '(' . __LINE__ . '): ' . get_class($e) . ":{$e->getMessage()}"); $con->rollback(); throw $e; } apache_log('app_id', $app->getId()); return $this->redirect("/app?id={$app->getId()}"); }
public function executeUpload() { $con = null; try { if (mfwRequest::method() !== 'POST') { return $this->jsonResponse(self::HTTP_405_METHODNOTALLOWED, array('error' => 'Method Not Allowed')); } $api_key = mfwRequest::param('api_key'); $file_info = mfwRequest::param('file'); $title = mfwRequest::param('title'); $description = mfwRequest::param('description'); $notify = mfwRequest::param('notify'); $tag_names = explode(',', mfwRequest::param('tags')); if (!$api_key || !$file_info || !$title) { return $this->jsonResponse(self::HTTP_400_BADREQUEST, array('error' => 'A required field is not present.')); } if (!isset($file_info['error']) || $file_info['error'] !== UPLOAD_ERR_OK) { error_log(__METHOD__ . '(' . __LINE__ . '): upload file error: $_FILES[file]=' . json_encode($file_info)); return $this->jsonResponse(self::HTTP_400_BADREQUEST, array('error' => 'upload file error: $_FILES[file]=' . json_encode($file_info))); } $app = ApplicationDb::selectByApiKey($api_key); if (!$app) { return $this->jsonResponse(self::HTTP_400_BADREQUEST, array('error' => 'Invalid api_key')); } apache_log('app_id', $app->getId()); // ファイルフォーマット確認, 情報抽出 list($platform, $ext, $mime) = PackageDb::getPackageInfo($file_info['name'], $file_info['tmp_name'], $file_info['type']); $ios_identifier = null; if ($platform === Package::PF_IOS) { $plist = IPAFile::parseInfoPlist($file_info['tmp_name']); $ios_identifier = $plist['CFBundleIdentifier']; } // DBへ保存 $con = mfwDBConnection::getPDO(); $con->beginTransaction(); $app = ApplicationDb::retrieveByPKForUpdate($app->getId()); $tags = $app->getTagsByName($tag_names, $con); $pkg = PackageDb::insertNewPackage($app->getId(), $platform, $ext, $title, $description, $ios_identifier, $file_info['name'], $file_info['size'], $tags, $con); apache_log('pkg_id', $pkg->getId()); // S3へアップロード $pkg->uploadFile($file_info['tmp_name'], $mime); $app->updateLastUpload($pkg->getCreated(), $con); $con->commit(); } catch (Exception $e) { if ($con) { $con->rollback(); } error_log(__METHOD__ . '(' . __LINE__ . '): ' . get_class($e) . ":{$e->getMessage()}"); return $this->jsonResponse(self::HTTP_500_INTERNALSERVERERROR, array('error' => $e->getMessage(), 'exception' => get_class($e))); } if ($notify) { try { $users = $app->getInstallUsers(); $users->noticePackageUploaded($pkg); } catch (Exception $e) { // アップロード通知が送れなくても許容する error_log(__METHOD__ . '(' . __LINE__ . '): ' . get_class($e) . ":{$e->getMessage()}"); } } return $this->jsonResponse(self::HTTP_200_OK, $this->makePackageArray($pkg)); }