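 /**
  * Refresh the session's JWT and rebuild the session user info from the new token.
  *
  * The token currently held in the session is handed to the JWT manager for a refresh;
  * the refreshed payload's user_id is resolved to a User whose attributes (plus
  * is_sys_admin) become the session user info, and the new token is recorded in the
  * token map. If the current token has already expired it is decoded again: only a
  * token carrying a truthy `forever` claim is re-established for its user, anything
  * else is rejected.
  *
  * @return string the session token after the refresh attempt
  * @throws \DreamFactory\Core\Exceptions\UnauthorizedException when the token is expired
  *         and not marked `forever`, or when the user referenced by the token no longer
  *         exists
  */
 public static function refreshToken()
 {
     $token = Session::getSessionToken();
     try {
         $newToken = \JWTAuth::refresh($token);
         $payload = \JWTAuth::getPayload($newToken);
         $userId = $payload->get('user_id');
         $user = User::find($userId);
         if (empty($user)) {
             // Never hand out a refreshed token for a user that no longer exists;
             // find() returns null here and the original code would dereference it.
             throw new UnauthorizedException('User not found for the given token.');
         }
         $userInfo = $user->toArray();
         ArrayUtils::set($userInfo, 'is_sys_admin', $user->is_sys_admin);
         Session::setSessionToken($newToken);
         Session::setUserInfo($userInfo);
         static::setTokenMap($payload, $newToken);
     } catch (TokenExpiredException $e) {
         // An expired token cannot be refreshed; only a "forever" token is re-established.
         $payloadArray = \JWTAuth::manager()->getJWTProvider()->decode($token);
         $forever = boolval(ArrayUtils::get($payloadArray, 'forever'));
         if (!$forever) {
             throw new UnauthorizedException($e->getMessage());
         }
         $userId = ArrayUtils::get($payloadArray, 'user_id');
         $user = User::find($userId);
         if (empty($user)) {
             throw new UnauthorizedException('User not found for the given token.');
         }
         Session::setUserInfoWithJWT($user, $forever);
     }
     return Session::getSessionToken();
 }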
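 /**
  * A system administrator is granted every verb on the system service, while a freshly
  * created user without any role is granted none.
  */
 public function testSysAdmin()
 {
     // User id 1 is assumed to be the seeded system administrator.
     $user = \DreamFactory\Core\Models\User::find(1);
     Session::setUserInfoWithJWT($user);
     $permission = Session::getServicePermissions('system', '*');
     $allVerbs = VerbsMask::NONE_MASK |
         VerbsMask::GET_MASK |
         VerbsMask::POST_MASK |
         VerbsMask::PUT_MASK |
         VerbsMask::PATCH_MASK |
         VerbsMask::DELETE_MASK;
     // Expected value first, matching the assertion at the end of the test.
     $this->assertEquals($allVerbs, $permission);

     $nonAdminUser = \DreamFactory\Core\Models\User::create([
         'name'              => 'John Doe',
         'first_name'        => 'John',
         'last_name'         => 'Doe',
         'email'             => '*****@*****.**',
         'password'          => 'test1234',
         'security_question' => 'Make of your first car?',
         'security_answer'   => 'mazda',
         'is_active'         => true,
     ]);
     Session::setUserInfoWithJWT($nonAdminUser);
     $permission = Session::getServicePermissions('system', '*');
     // No role has been assigned, so nothing beyond NONE_MASK may be granted.
     $this->assertEquals(VerbsMask::NONE_MASK, $permission);
 }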
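 /**
  * Check that none of the given user records refers to a system administrator.
  *
  * @param array $records a list of user records, or that list wrapped under the
  *                       static::$wrapper key
  *
  * @return bool false as soon as one record resolves to a user with is_sys_admin set,
  *              true otherwise; records without an id, or whose id matches no user,
  *              are skipped
  */
 protected function adminCheck($records)
 {
     if (isset($records[static::$wrapper])) {
         $records = $records[static::$wrapper];
     }
     foreach ($records as $user) {
         if (!isset($user['id'])) {
             // Nothing to look up; the original code would have queried find(null).
             continue;
         }
         /** @type \DreamFactory\Core\Models\User|null $userModel */
         $userModel = \DreamFactory\Core\Models\User::find($user['id']);
         // find() returns null for an unknown id; treat that as "not an admin"
         // instead of reading a property off null.
         if (null !== $userModel && $userModel->is_sys_admin) {
             return false;
         }
     }
     return true;
 }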
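 /**
  * Registering through the resource creates an account that can then open a session
  * on the user service.
  */
 public function testPOSTRegister()
 {
     $u = $this->user1;
     $password = Arr::get($u, 'password');
     $payload = [
         'first_name'            => Arr::get($u, 'first_name'),
         'last_name'             => Arr::get($u, 'last_name'),
         'name'                  => Arr::get($u, 'name'),
         'email'                 => Arr::get($u, 'email'),
         'phone'                 => Arr::get($u, 'phone'),
         'security_question'     => Arr::get($u, 'security_question'),
         'security_answer'       => Arr::get($u, 'security_answer'),
         'password'              => $password,
         // Fixtures without an explicit confirmation repeat the password.
         'password_confirmation' => Arr::get($u, 'password_confirmation', $password),
     ];
     // Register while authenticated as user 1 (presumably the seeded admin).
     Session::setUserInfoWithJWT(User::find(1));
     $r = $this->makeRequest(Verbs::POST, static::RESOURCE, [], $payload);
     $c = $r->getContent();
     $this->assertTrue(Arr::get($c, 'success'));

     // Open a session for the new account through the user service.
     Session::set('role.name', 'test');
     Session::set('role.id', 1);
     $this->service = ServiceHandler::getService('user');
     $r = $this->makeRequest(Verbs::POST, 'session', [], [
         'email'    => Arr::get($u, 'email'),
         'password' => $password,
     ]);
     $c = $r->getContent();
     // assertNotEmpty reports the actual value on failure, unlike assertTrue(!empty()).
     $this->assertNotEmpty(Arr::get($c, 'session_id'));
 }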
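 /**
  * A user reaching the API with an app API key plus a session token gets the role bound
  * to that user/app pair (and is not treated as a system administrator).
  */
 public function testApiKeyUserRole()
 {
     $user = [
         'name'              => 'John Doe',
         'first_name'        => 'John',
         'last_name'         => 'Doe',
         'email'             => '*****@*****.**',
         'password'          => 'test1234',
         'security_question' => 'Make of your first car?',
         'security_answer'   => 'mazda',
         'is_active'         => true,
     ];
     $role = [
         'name'                           => 'test_role',
         'is_active'                      => true,
         'role_service_access_by_role_id' => [
             ['service_id' => 1, 'component' => 'config', 'verb_mask' => 1, 'requestor_mask' => 1],
         ],
     ];

     // Both records are created through the system service.
     $this->service = ServiceHandler::getService('system');
     $rs = $this->makeRequest(Verbs::POST, 'user', [], [$user]);
     $data = $rs->getContent();
     $userId = Arr::get($data, static::$wrapper . '.0.id');
     $rs = $this->makeRequest(Verbs::POST, 'role', [], [$role]);
     $data = $rs->getContent();
     $roleId = Arr::get($data, static::$wrapper . '.0.id');

     // Bind the new role to the new user for app 1, whose API key is sent below.
     \DreamFactory\Core\Models\UserAppRole::create(['user_id' => $userId, 'app_id' => 1, 'role_id' => $roleId]);
     $app = App::find(1);
     $apiKey = $app->api_key;
     $myUser = User::find($userId);
     $token = JWTUtilities::makeJWTByUser($myUser->id, $myUser->email);

     $this->call(Verbs::GET, '/api/v2/system', [], [], [], [
         'HTTP_X_DREAMFACTORY_API_KEY'       => $apiKey,
         'HTTP_X_DREAMFACTORY_SESSION_TOKEN' => $token,
     ]);
     $this->assertFalse(Session::isSysAdmin());
     $this->assertEquals($roleId, Session::get('role.id'));
     $rsa = Session::get('role.services');
     $this->assertNotEmpty($rsa);
 }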
 /**
  * POSTing a profile updates every submitted field; the security answer is stored as a
  * hash and is absent from the profile returned by a subsequent GET.
  */
 public function testPOSTProfile()
 {
     $created = $this->createUser(1);
     Session::setUserInfoWithJWT(User::find($created['id']));

     $securityAnswer = 'bar';
     $profile = [
         'first_name'        => 'Jack',
         'last_name'         => 'Smith',
         'name'              => 'Jack',
         'email'             => '*****@*****.**',
         'phone'             => '123-475-7383',
         'security_question' => 'Foo?',
         'security_answer'   => $securityAnswer,
     ];
     // Keep the fixture in sync with the address the profile now carries.
     $this->user1['email'] = $profile['email'];

     $response = $this->makeRequest(Verbs::POST, static::RESOURCE, [], $profile);
     $this->assertTrue(Arr::get($response->getContent(), 'success'));

     $stored = User::find($created['id']);
     $fetched = $this->makeRequest(Verbs::GET, static::RESOURCE)->getContent();
     $this->assertTrue(Hash::check($securityAnswer, $stored->security_answer));

     // The answer is not part of the GET payload; everything else must round-trip.
     unset($profile['security_answer']);
     $this->assertEquals($profile, $fetched);
 }
 /**
  * The currently authenticated user's model, or null when nobody is authenticated.
  *
  * @return User|null
  */
 public static function user()
 {
     return static::isAuthenticated()
         ? User::find(static::getCurrentUserId())
         : null;
 }
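 /**
  * Password reset via confirmation code: request a reset, redeem the stored code with a
  * new password, then log in with that password and check a token map row was written.
  */
 public function testPasswordResetUsingConfirmationCode()
 {
     Arr::set($this->user2, 'email', '*****@*****.**');
     $user = $this->createUser(2);
     // No mail is actually delivered; the code is read back from the user row instead.
     Config::set('mail.pretend', true);

     $rs = $this->makeRequest(Verbs::POST, static::RESOURCE . '/password', ['reset' => 'true'], ['email' => $user['email']]);
     $content = $rs->getContent();
     $this->assertTrue($content['success']);

     /** @var User $userModel */
     $userModel = User::find($user['id']);
     $code = $userModel->confirm_code;
     $rs = $this->makeRequest(Verbs::POST, static::RESOURCE . '/password', ['login' => 'true'], ['email' => $user['email'], 'code' => $code, 'new_password' => '778877']);
     $content = $rs->getContent();
     $this->assertTrue($content['success']);
     $this->assertTrue(\DreamFactory\Core\Utility\Session::isAuthenticated());
     // A redeemed code is replaced by the 'y' (confirmed) marker.
     $userModel = User::find($user['id']);
     $this->assertEquals('y', $userModel->confirm_code);

     $rs = $this->makeRequest(Verbs::POST, static::RESOURCE . '/session', [], ['email' => $user['email'], 'password' => '778877']);
     $content = $rs->getContent();
     $token = $content['session_token'];
     $this->assertNotEmpty($token);
     // get() may return a Collection object, and empty() is always false for an object,
     // so the old !empty() check could never fail. Count the rows instead.
     $tokenMap = DB::table('token_map')->where('token', $token)->get();
     $this->assertGreaterThan(0, count($tokenMap));
 }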
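 /**
  * Send an invitation email to a user and store the confirmation code on the user row.
  *
  * The confirmation code is the base64-encoded hash of the user's email; it is saved on
  * the user record and embedded in the invite link rendered into the configured email
  * template, which is then sent through the configured email service.
  *
  * @param int|string $userId        id of the user to invite
  * @param bool|false $deleteOnError when true, the user record is deleted if the invite
  *                                  cannot be processed
  *
  * @throws \DreamFactory\Core\Exceptions\BadRequestException when the user has already
  *         confirmed the account
  * @throws \DreamFactory\Core\Exceptions\InternalServerErrorException when the user
  *         service config, email service or email template is missing, or building or
  *         sending the email fails
  * @throws \DreamFactory\Core\Exceptions\NotFoundException when no user has the given id
  * @throws \Exception
  */
 protected static function sendInvite($userId, $deleteOnError = false)
 {
     /** @type \DreamFactory\Core\Models\User|null $user */
     $user = \DreamFactory\Core\Models\User::find($userId);
     if (empty($user)) {
         throw new NotFoundException('User not found with id ' . $userId . '.');
     }
     // confirm_code is null for a user that was never invited; cast so strtolower()
     // is not handed null.
     if ('y' === strtolower((string)$user->confirm_code)) {
         throw new BadRequestException('User with this identifier has already confirmed this account.');
     }
     try {
         $userService = Service::getCachedByName('user');
         $config = $userService['config'];
         if (empty($config)) {
             throw new InternalServerErrorException('Unable to load system configuration.');
         }
         // Missing keys become null (reported below) instead of an undefined-index notice.
         $emailServiceId = isset($config['invite_email_service_id']) ? $config['invite_email_service_id'] : null;
         $emailTemplateId = isset($config['invite_email_template_id']) ? $config['invite_email_template_id'] : null;
         if (empty($emailServiceId)) {
             throw new InternalServerErrorException('No email service configured for user invite.');
         }
         if (empty($emailTemplateId)) {
             throw new InternalServerErrorException("No default email template for user invite.");
         }
         /** @var EmailService $emailService */
         $emailService = ServiceHandler::getServiceById($emailServiceId);
         $emailTemplate = EmailTemplate::find($emailTemplateId);
         if (empty($emailTemplate)) {
             throw new InternalServerErrorException("No data found in default email template for user invite.");
         }
         try {
             $email = $user->email;
             $code = \Hash::make($email);
             $user->confirm_code = base64_encode($code);
             $user->save();
             $templateData = $emailTemplate->toArray();
             $data = array_merge($templateData, [
                 'to'             => $email,
                 'confirm_code'   => $user->confirm_code,
                 // base64 output may contain '+', '/' and '=', which are not safe in a
                 // query string unencoded ('+' decodes as a space), so encode the value.
                 'link'           => url(\Config::get('df.confirm_invite_url')) . '?code=' . urlencode($user->confirm_code),
                 'first_name'     => $user->first_name,
                 'last_name'      => $user->last_name,
                 'name'           => $user->name,
                 'email'          => $user->email,
                 'phone'          => $user->phone,
                 'content_header' => ArrayUtils::get($templateData, 'subject', 'You are invited to try DreamFactory.'),
                 'instance_name'  => \Config::get('df.instance_name'),
             ]);
         } catch (\Exception $e) {
             throw new InternalServerErrorException("Error creating user invite. {$e->getMessage()}", $e->getCode());
         }
         $emailService->sendEmail($data, $emailTemplate->body_text, $emailTemplate->body_html);
     } catch (\Exception $e) {
         // Every failure in the block above, including the InternalServerErrorExceptions
         // thrown there, is re-wrapped here; the inner message is kept in the new one.
         if ($deleteOnError) {
             $user->delete();
         }
         throw new InternalServerErrorException("Error processing user invite. {$e->getMessage()}", $e->getCode());
     }
 }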
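 /**
  * Password reset end to end on the user service: make sure a mail service and an email
  * template are configured, request a reset, redeem the code with a new password, then
  * log in with that password.
  */
 public function testPasswordResetUsingConfirmationCode()
 {
     if (!$this->serviceExists('mymail')) {
         $emailService = \DreamFactory\Core\Models\Service::create([
             "name"        => "mymail",
             "label"       => "Test mail service",
             "description" => "Test mail service",
             "is_active"   => true,
             "type"        => "local_email",
             "mutable"     => true,
             "deletable"   => true,
             "config"      => ["driver" => "sendmail", "command" => "/usr/sbin/sendmail -bs"],
         ]);
         // NOTE(review): user config id 4 is a fixture assumption; find() returns null
         // if that row is absent — confirm against the test seed.
         $userConfig = \DreamFactory\Core\User\Models\UserConfig::find(4);
         $userConfig->password_email_service_id = $emailService->id;
         $userConfig->save();
     }
     if (!\DreamFactory\Core\Models\EmailTemplate::whereName('mytemplate')->exists()) {
         // The template's 'to' captures user2's email as it is before the override below.
         $template = \DreamFactory\Core\Models\EmailTemplate::create([
             'name'        => 'mytemplate',
             'description' => 'test',
             'to'          => $this->user2['email'],
             'subject'     => 'rest password test',
             'body_text'   => 'link {link}',
         ]);
         $userConfig = \DreamFactory\Core\User\Models\UserConfig::find(4);
         $userConfig->password_email_template_id = $template->id;
         $userConfig->save();
     }

     Arr::set($this->user2, 'email', '*****@*****.**');
     $user = $this->createUser(2);
     // No mail is actually delivered; the code is read back from the user row instead.
     Config::set('mail.pretend', true);

     $rs = $this->makeRequest(Verbs::POST, static::RESOURCE, ['reset' => 'true'], ['email' => $user['email']]);
     $content = $rs->getContent();
     $this->assertTrue($content['success']);

     /** @var User $userModel */
     $userModel = User::find($user['id']);
     $code = $userModel->confirm_code;
     $rs = $this->makeRequest(Verbs::POST, static::RESOURCE, ['login' => 'true'], ['email' => $user['email'], 'code' => $code, 'new_password' => '778877']);
     $content = $rs->getContent();
     $this->assertTrue($content['success']);
     $this->assertTrue(Session::isAuthenticated());
     // A redeemed code is replaced by the 'y' (confirmed) marker.
     $userModel = User::find($user['id']);
     $this->assertEquals('y', $userModel->confirm_code);

     $this->service = ServiceHandler::getService($this->serviceId);
     $rs = $this->makeRequest(Verbs::POST, 'session', [], ['email' => $user['email'], 'password' => '778877']);
     $content = $rs->getContent();
     // assertNotEmpty reports the actual value on failure, unlike assertTrue(!empty()).
     $this->assertNotEmpty($content['session_id']);
 }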