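/**
 * Return the entry's attributes plus its unsealed password for the API caller.
 *
 * The caller is resolved from the request by extractKeyAndUser(). Access is
 * gated on the caller owning a key share for this entry: firstOrFail() throws
 * ModelNotFoundException when no share matches, so nothing is unsealed for a
 * user without one. The former `if ($share)` / `return null` path could never
 * run for that reason and has been removed.
 *
 * @param Request $request request carrying the API credentials
 * @param Entry $entry entry whose secret is requested
 * @return array entry attributes with an added 'password' element
 */
private function getKey(Request $request, Entry $entry)
 {
     $credentials = $this->apiKey->extractKeyAndUser($request);

     // Authorisation gate: only a share belonging to the resolved user is accepted.
     $share = $entry->keyShares()->where('user_id', $credentials['user']->id)->firstOrFail();

     // The audit record is written before unsealing, so an attempt is recorded
     // even if unseal() fails afterwards.
     $this->logger->log('entry', 'Accessed entry via API', $entry->id);

     $password = $this->sealer->unseal($entry->data, $share->public, $credentials['key']);

     // NOTE(review): array union keeps the left-hand value, so a 'password'
     // attribute returned by toArray() would shadow the unsealed one. Confirm
     // Entry exposes no such attribute.
     return $entry->toArray() + ['password' => $password];
 }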
Exemple #2
 /**
  * Copy this object's email, name, surname and (when set) group and password
  * onto the user identified by $this->id, then save the user.
  *
  * Both history entries are written before save() runs.
  * NOTE(review): if save() fails, the history already claims the update and
  * password change happened. Confirm that ordering is intended.
  * NOTE(review): any non-null password is hashed, including an empty string.
  * Presumably validation happens before this method is reached; verify.
  *
  * @param UserRepository $userRepo consulted for the last-admin check
  * @param HistoryLogger $logger receives the audit entries
  * @return User the saved user model
  * @throws HttpResponseException with a 419 JSON response when the group change
  *         is refused by the isBecomingNonAdmin() / isLastAdmin() check
  */
 public function handle(UserRepository $userRepo, HistoryLogger $logger)
 {
     $user = User::findOrFail($this->id);

     $user->email = $this->email;
     $user->name = $this->name;
     $user->surname = $this->surname;

     if ($this->group) {
         // The repository is only asked when the change would drop admin rights.
         $refuseChange = $this->isBecomingNonAdmin($user) && $userRepo->isLastAdmin($user);
         if ($refuseChange) {
             $refusal = new JsonResponse('You cannot change this user group.', 419);
             throw new HttpResponseException($refusal);
         }
         $user->group = $this->group;
     }

     $logger->log('user', 'Updated user details.', $user->id);

     if ($this->password !== null) {
         $logger->log('user', 'Changed user password.', $user->id);
         // Only the hash is stored on the model; the plaintext is never persisted here.
         $user->password = Hash::make($this->password);
     }

     $user->save();

     return $user;
 }
Exemple #3
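 /**
  * Change the authenticated user's password and re-lock their RSA private key
  * with the new password.
  *
  * Reads the 'old', 'new' and 'repeat' request inputs. Each rejection is
  * answered with status 419 and a plain-text message. On success nothing is
  * returned explicitly.
  *
  * @param HistoryLogger $logger receives the audit entry after both saves
  * @return Response|null a 419 response on rejection, null on success
  */
 public function store(HistoryLogger $logger)
 {
     $oldPassword = Input::get('old');
     $newPassword = Input::get('new');
     if (!Hash::check($oldPassword, Auth::user()->password)) {
         return Response::make('Old password does not match.', 419);
     }
     // A missing, empty or non-string 'new' input would otherwise reach
     // Hash::make() and PrivateKey::lock() unchecked.
     if (!is_string($newPassword) || $newPassword === '') {
         return Response::make('New password must not be empty.', 419);
     }
     // Strict comparison: with != two numeric strings such as "1000" and "1e3"
     // compare equal, letting a mistyped confirmation through.
     if ($newPassword !== Input::get('repeat')) {
         return Response::make('New passwords do not match.', 419);
     }
     try {
         $model = User::findOrFail(Auth::user()->id);
         $model->password = Hash::make($newPassword);
         $rsa = $model->rsaKey;
         // NOTE(review): unlock() receives md5($oldPassword) while lock() receives
         // the raw new password. Confirm PrivateKey::lock() derives its passphrase
         // the same way, otherwise the key cannot be unlocked on the next change.
         // NOTE(review): MD5 is a fast, unsalted digest and a weak basis for a key
         // passphrase. Changing it needs a migration of stored keys.
         $rsa->private = (new PrivateKey($rsa->private))
             ->unlock(md5($oldPassword))
             ->lock($newPassword)
             ->getKey();
         // NOTE(review): two separate saves with no transaction visible here. If
         // the second fails, the key is locked with the new password while the
         // login hash is still the old one.
         $rsa->save();
         $model->save();
         $logger->log('auth', 'User changed password.', Auth::user()->id);
     } catch (\RuntimeException $e) {
         // NOTE(review): every RuntimeException raised in the block above is
         // reported as a wrong key password, including failures unrelated to
         // unlock().
         return Response::make('Incorrect old password for private key.', 419);
     }
 }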
Exemple #4
 /**
  * Write a 'user' history entry naming the email and group of a newly created user.
  *
  * NOTE(review): the email is placed in the message verbatim. Confirm that
  * whatever renders the history escapes it for its output context.
  *
  * @param UserCreated $event event carrying the created user
  */
 public function onUserCreated(UserCreated $event)
 {
     $created = $event->getUser();
     $details = $created->email . ', ' . $created->getGroup();
     $message = 'Created new user. (' . $details . ').';

     $this->logger->log('user', $message, $created->id);
 }
Exemple #5
 /**
  * Write an 'auth' history entry recording that the event's user logged out.
  *
  * The entry is logged without a third argument, unlike the other log() calls
  * on this page, which pass a record id.
  *
  * @param UserLoggedOut $event event carrying the user who logged out
  */
 public function onUserLogout(UserLoggedOut $event)
 {
     $account = $event->getUser();
     $message = $account->email . ' logged out.';

     $this->logger->log('auth', $message);
 }
Exemple #6
 /**
  * Decrypt an entry's password and return it as JSON, recording the access.
  *
  * Access is refused with 403 unless the entry's can_edit flag is truthy. The
  * history entry is written only after decrypt() has returned. Any
  * RuntimeException raised while decrypting, logging or building the response
  * is turned into a 409.
  *
  * NOTE(review): the response body carries the plaintext secret. Confirm that
  * this route is not cached and that response bodies are not logged.
  *
  * @param Entry $model entry whose password is requested
  * @param HistoryLogger $logger receives the 'password' audit entry
  * @param EntryCrypt $entryCrypt performs the decryption
  * @return mixed JSON response of the form {"password": "..."} with status 200
  */
 public function getPassword(Entry $model, HistoryLogger $logger, EntryCrypt $entryCrypt)
 {
     $mayRead = $model->can_edit;
     if (!$mayRead) {
         abort(403);
     }

     try {
         $plaintext = $entryCrypt->decrypt($model);

         $message = 'Accessed password #' . $model->id . ' (' . $model->project->name . ').';
         $logger->log('password', $message, $model->id);

         // Anything of zero length is normalised to an empty string.
         $password = '';
         if (strlen($plaintext) > 0) {
             $password = $plaintext;
         }

         return Response::json(['password' => $password], 200);
     } catch (\RuntimeException $failure) {
         abort(409);
     }
 }
Exemple #7
 /**
  * Forward a message to the history logger, using the model's short class
  * name (without namespace) as the category and its 'id' attribute as the
  * reference.
  *
  * @param string $message text of the history entry
  * @param Model $model model the entry refers to
  */
 protected function log($message, Model $model)
 {
     $category = (new \ReflectionClass($model))->getShortName();
     $recordId = $model->getAttribute('id');

     $this->logger->log($category, $message, $recordId);
 }