private function checkApiAccess(Request $request) { $key = $request->headers->get('authorization'); if (null !== $key) { $key = substr($key, 6); } $apiAccount = ApiQuery::create()->findOneByApiKey($key); if (null === $apiAccount) { throw new UnauthorizedHttpException('Token'); } $secureKey = pack('H*', $apiAccount->getSecureKey()); $sign = hash_hmac('sha1', $request->getContent(), $secureKey); if ($sign != $request->query->get('sign')) { throw new PreconditionFailedHttpException('wrong body request signature'); } return $apiAccount; }
/** * Performs an INSERT on the database, given a Api or Criteria object. * * @param mixed $criteria Criteria or Api object containing data that is used to create the INSERT statement. * @param ConnectionInterface $con the ConnectionInterface connection to use * @return mixed The new primary key. * @throws PropelException Any exceptions caught during processing will be * rethrown wrapped into a PropelException. */ public static function doInsert($criteria, ConnectionInterface $con = null) { if (null === $con) { $con = Propel::getServiceContainer()->getWriteConnection(ApiTableMap::DATABASE_NAME); } if ($criteria instanceof Criteria) { $criteria = clone $criteria; // rename for clarity } else { $criteria = $criteria->buildCriteria(); // build Criteria from Api object } if ($criteria->containsKey(ApiTableMap::ID) && $criteria->keyContainsValue(ApiTableMap::ID)) { throw new PropelException('Cannot insert a value for auto-increment primary key (' . ApiTableMap::ID . ')'); } // Set the correct dbName $query = ApiQuery::create()->mergeWith($criteria); try { // use transaction because $criteria could contain info // for more than one table (I guess, conceivably) $con->beginTransaction(); $pk = $query->doInsert($con); $con->commit(); } catch (PropelException $e) { $con->rollBack(); throw $e; } return $pk; }
protected function getSignParameter($content) { $api = ApiQuery::create()->findOneByApiKey(self::API_KEY); $secureKey = pack('H*', $api->getSecureKey()); return hash_hmac('sha1', $content, $secureKey); }
/** * Returns the number of related Api objects. * * @param Criteria $criteria * @param boolean $distinct * @param ConnectionInterface $con * @return int Count of related Api objects. * @throws PropelException */ public function countApis(Criteria $criteria = null, $distinct = false, ConnectionInterface $con = null) { $partial = $this->collApisPartial && !$this->isNew(); if (null === $this->collApis || null !== $criteria || $partial) { if ($this->isNew() && null === $this->collApis) { return 0; } if ($partial && !$criteria) { return count($this->getApis()); } $query = ChildApiQuery::create(null, $criteria); if ($distinct) { $query->distinct(); } return $query->filterByProfile($this)->count($con); } return count($this->collApis); }
protected function renderList($api_id = null) { $apiAccessList = ApiQuery::create()->find()->toArray(); return $this->render('api', ['api_list' => $apiAccessList, 'api_id' => $api_id]); }
/** * Removes this object from datastore and sets delete attribute. * * @param ConnectionInterface $con * @return void * @throws PropelException * @see Api::setDeleted() * @see Api::isDeleted() */ public function delete(ConnectionInterface $con = null) { if ($this->isDeleted()) { throw new PropelException("This object has already been deleted."); } if ($con === null) { $con = Propel::getServiceContainer()->getWriteConnection(ApiTableMap::DATABASE_NAME); } $con->beginTransaction(); try { $deleteQuery = ChildApiQuery::create()->filterByPrimaryKey($this->getPrimaryKey()); $ret = $this->preDelete($con); if ($ret) { $deleteQuery->delete($con); $this->postDelete($con); $con->commit(); $this->setDeleted(true); } else { $con->commit(); } } catch (Exception $e) { $con->rollBack(); throw $e; } }