public function githubLogin() { $access_token = Input::get('access_token'); $ch = curl_init('https://api.github.com/user'); curl_setopt($ch, CURLOPT_HTTPHEADER, array("Authorization: token {$access_token}")); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'GET'); curl_setopt($ch, CURLOPT_USERAGENT, 'SWAMP'); $response = curl_exec($ch); $user = json_decode($response); $account = LinkedAccount::where('user_external_id', '=', $user->id)->first(); if ($account) { Session::set('github_access_token', $access_token); $user = User::getIndex($account->user_uid); if ($user) { if ($user->isEnabled()) { $res = Response::json(array('user_uid' => $user->user_uid)); Session::set('timestamp', time()); Session::set('user_uid', $user->user_uid); return $res; } else { return Response::make('User has not been approved.', 401); } } else { return Response::make('Incorrect username or password.', 401); } } else { return Response::make('Account not found.', 401); } }
public function markAcceptance($policyCode, $userUid) { // get inputs // $policy = Policy::where('policy_code', '=', $policyCode)->first(); $user = User::getIndex($userUid); $acceptFlag = Input::has('accept_flag'); // check inputs // if (!$user || !$policy || !$acceptFlag) { return Response::make('Invalid input.', 404); } // check privileges // if (!$user->isAdmin() && $user->user_uid != Session::get('user_uid')) { return Response::make('Insufficient privileges to mark policy acceptance.', 401); } // get or create new user policy // $userPolicy = UserPolicy::where('user_uid', '=', $userUid)->where('policy_code', '=', $policyCode)->first(); if (!$userPolicy) { $userPolicy = new UserPolicy(array('user_policy_uid' => GUID::create(), 'user_uid' => $userUid, 'policy_code' => $policyCode)); } $userPolicy->accept_flag = $acceptFlag; $userPolicy->save(); return $userPolicy; }
static function whitelisted() { // Detect API Request // if (Input::get('api_key') && Input::get('user_uid')) { if (Config::get('app.api_key') == Input::get('api_key')) { if (!User::getIndex(Input::get('user_uid'))) { return false; } Session::set('user_uid', Input::get('user_uid')); return true; } return false; } // Detect Whitelisted Route // foreach (Config::get('app.whitelist') as $pattern) { if (is_array($pattern)) { if (Request::is(key($pattern))) { return in_array(self::method(), current($pattern)); } } else { if (Request::is($pattern)) { return true; } } } return false; }
/** * accessor methods */ public function getUserAttribute() { $user = User::getIndex($this->user_uid); if ($user) { return array('first_name' => $user->first_name, 'last_name' => $user->last_name, 'preferred_name' => $user->preferred_name, 'email' => $user->email); } }
/** * invitation sending / emailing method */ public function send($passwordResetNonce) { $this->user = User::getIndex($this->user_uid); $data = array('user' => $this->user, 'password_reset' => $this, 'password_reset_url' => Config::get('app.cors_url') . '/#reset-password/' . $passwordResetNonce . '/' . $this->password_reset_id); Mail::send(array('text' => 'emails.reset-password-plaintext'), $data, function ($message) { $message->to($this->user->email, $this->user->getFullName()); $message->subject('SWAMP Password Reset'); }); }
/** * accessor methods */ public function getUserAttribute() { $user = User::getIndex($this->user_uid); // return a subset of user fields // if ($user) { return array('first_name' => $user->first_name, 'last_name' => $user->last_name, 'email' => $user->email); } }
/** * status changing methods */ public function accept() { $this->accept_date = new DateTime(); // create new project membership // $invitee = User::getByEmail($this->email); $projectMembership = new ProjectMembership(array('membership_uid' => GUID::create(), 'project_uid' => $this->project_uid, 'user_uid' => $invitee->user_uid, 'admin_flag' => false)); $projectMembership->save(); }
/** * invitation sending / emailing method */ public function send($verifyRoute, $changed = false) { $data = array('user' => User::getIndex($this->user_uid), 'verification_key' => $this->verification_key, 'verify_url' => Config::get('app.cors_url') . '/' . $verifyRoute); $template = $changed ? 'emails.email-verification' : 'emails.user-verification'; $this->subject = $changed ? 'SWAMP Email Verification' : 'SWAMP User Verification'; $this->recipient = User::getIndex($this->user_uid); Mail::send($template, $data, function ($message) { $message->to($this->email, $this->recipient->getFullName()); $message->subject($this->subject); }); }
public function getAll($userUid) { $user = User::getIndex($userUid); if ($user) { if ($user->isAdmin()) { return Contact::all(); } else { return Response::make('This user is not an administrator.', 500); } } else { return Response::make('Administrator authorization is required.', 500); } }
public function getAll() { $user = User::getIndex(Session::get('user_uid')); if ($user && $user->isAdmin()) { $platformsQuery = Platform::orderBy('create_date', 'DESC'); // add filters // $platformsQuery = DateFilter::apply($platformsQuery); $platformsQuery = LimitFilter::apply($platformsQuery); return $platformsQuery->get(); } return ''; }
/** * methods */ public static function getIndex($userUid) { $user = User::getIndex($userUid); // assign subset of user attributes // if ($user) { $owner = new Owner(); $owner->user_uid = $user->user_uid; $owner->first_name = $user->first_name; $owner->last_name = $user->last_name; $owner->preferred_name = $user->preferred_name; $owner->email = $user->email; return $owner; } }
public function setEnabledFlag($linkedAccountId) { $value = Input::get('enabled_flag'); $active_user = User::getIndex(Session::get('user_uid')); $account = LinkedAccount::where('linked_account_id', '=', $linkedAccountId)->first(); $user = User::getIndex($account->user_uid); if ($user->user_uid == $active_user->user_uid || $active_user->isAdmin()) { $account->enabled_flag = $value ? 1 : 0; $account->save(); $userEvent = new UserEvent(array('user_uid' => $user->user_uid, 'event_type' => 'linkedAccountToggled', 'value' => json_encode(array('linked_account_provider_code' => 'github', 'user_external_id' => $account->user_external_id, 'user_ip' => $_SERVER['REMOTE_ADDR'], 'enabled' => $account->enabled_flag)))); $userEvent->save(); return Response::make('The status of this linked account has been updated.'); } else { return Response::make('Unable to update this linked account. Insufficient privileges.', 500); } }
private function checkPermissions($assessmentRun) { $tool = Tool::where('tool_uuid', '=', $assessmentRun->tool_uuid)->first(); if ($tool->policy_code) { $user = User::getIndex(Session::get('user_uid')); switch ($tool->policy_code) { case 'parasoft-user-c-test-policy': case 'parasoft-user-j-test-policy': $permission = Permission::where('policy_code', '=', $tool->policy_code)->first(); $project = Project::where('project_uid', '=', $assessmentRun->project_uuid)->first(); $projectOwner = $project->owner; if (!$permission || !$project || !$projectOwner) { return Response::json(array('status' => 'error'), 404); } $userPermission = UserPermission::where('permission_code', '=', $permission->permission_code)->where('user_uid', '=', $projectOwner['user_uid'])->first(); $userPermissionProject = UserPermissionProject::where('user_permission_uid', '=', $userPermission->user_permission_uid)->where('project_uid', '=', $project->project_uid)->first(); // if the permission doesn't exist or isn't valid, return error // if (!$userPermission) { return Response::json(array('status' => 'owner_no_permission', 'project_name' => $project->full_name, 'tool_name' => $tool->name), 404); } if ($userPermission->status !== 'granted') { return Response::json(array('status' => 'owner_no_permission', 'project_name' => $project->full_name, 'tool_name' => $tool->name), 401); } // if the project hasn't been designated, return error // if (!$userPermissionProject) { return Response::json(array('status' => 'no_project', 'project_name' => $project->full_name, 'tool_name' => $tool->name), 404); } $userPolicy = UserPolicy::where('policy_code', '=', $tool->policy_code)->where('user_uid', '=', $user->user_uid)->first(); // if the policy hasn't been accepted, return error // $policyResponse = Response::json(array('status' => 'no_policy', 'policy' => $tool->policy, 'policy_code' => $tool->policy_code, 'tool' => $tool), 404); if ($userPolicy) { if ($userPolicy->accept_flag != '1') { return $policyResponse; } } else { return $policyResponse; } break; default: break; } } return true; }
public function updateIndex($passwordResetId) { $pr = PasswordReset::where('password_reset_id', '=', $passwordResetId)->first(); $user = User::getIndex($pr->user_uid); $password = Input::get('password'); $user->modifyPassword($password); // destroy password reset if present // $pr->delete(); $cfg = array('url' => Config::get('app.cors_url') ?: '', 'user' => $user); Mail::send('emails.password-changed', $cfg, function ($message) use($user) { $message->to($user->email, $user->getFullName()); $message->subject('SWAMP Password Changed'); }); // return response // return Response::json(array('success' => true)); }
public function deleteIndex($membershipUid) { $projectMembership = ProjectMembership::where('membership_uid', '=', $membershipUid)->first(); // get user and project associated with this email // $user = User::getIndex($projectMembership->user_uid); $project = Project::where('project_uid', '=', $projectMembership->project_uid)->first(); // send notification email // $data = array('user' => $user, 'project' => $project); $this->user = $user; Mail::send('emails.project-membership-deleted', $data, function ($message) { $message->to($this->user->email, $this->user->getFullName()); $message->subject('SWAMP Project Membership Deleted'); }); $projectMembership->delete(); return $projectMembership; }
public function sendEmail() { if (!Input::has('subject')) { return Response::make('Missing subject field.', 500); } elseif (!Input::has('body')) { return Response::make('Missing body field.', 500); } elseif (!Input::has('recipients')) { return Response::make('Missing recipients field.', 500); } $this->subject = Input::get('subject'); $body = Input::get('body'); if ($this->subject == '' || $body == '') { return Response::make('The email subject and body fields must not be empty.', 500); } $recipients = Input::get('recipients'); if (sizeof($recipients) < 1) { return Response::make('The email must have at least one recipient.', 500); } $failures = new Collection(); foreach ($recipients as $email) { $user = User::getByEmail($email); if (!$user) { return Response::make("Could not load user: {$email}", 500); } $data = array('user' => $user, 'body' => $body); $this->secure = false; if (strpos($body, 'END PGP SIGNATURE') != FALSE || strpos($body, 'END GPG SIGNATURE') != FALSE) { $this->secure = true; } if ($user && filter_var($user->email, FILTER_VALIDATE_EMAIL) && trim($user->email) != '' && trim($user->getFullName()) != '') { Mail::send(array('text' => 'emails.admin'), $data, function ($message) use($user) { $message->to($user->email, $user->getFullName()); $message->subject($this->subject); if ($this->secure) { $message->from('*****@*****.**'); } }); } else { $failures->push(array('user' => $user->toArray(), 'email' => $email)); } } return $failures; }
public function getProjects($userUid) { $user = User::getIndex($userUid); $projects = null; $results = new Collection(); if ($user != null) { $projects = $user->getProjects(); foreach ($projects as $project) { if (!$project->deactivation_date) { $results->push($project); } } } return $results; }
/** * accessor methods */ public function getPackageOwnerAttribute() { // check to see if user is logged in // $user = User::getIndex(Session::get('user_uid')); if ($user) { // fetch owner information // $owner = Owner::getIndex($this->package_owner_uuid); if ($owner) { return $owner->toArray(); } } }
public function designateProject($userPermissionUid, $projectUid) { $up = UserPermission::where('user_permission_uid', '=', $userPermissionUid)->first(); $p = Project::where('project_uid', '=', $projectUid)->first(); $user = User::getIndex(Session::get('user_uid')); if (!($up && $p && $user)) { return Response::make('Unable to find permission information.', 404); } if (!$user->isAdmin() && $user->user_uid != $p->owner['user_uid']) { return Response::make('User does not have permission to designate a project.', 401); } $upp = new UserPermissionProject(array('user_permission_project_uid' => GUID::create(), 'user_permission_uid' => $userPermissionUid, 'project_uid' => $projectUid)); $upp->save(); return $upp; }
public function modifyPassword($password) { // check to see if there is an LDAP connection for this environment // $ldapConnectionConfig = Config::get('ldap.connections.' . App::environment()); if ($ldapConnectionConfig) { // use LDAP // return LDAP::modifyPassword($this, $password); } else { // encrypt password // $this->password = User::getEncryptedPassword($password, '{SSHA}', $this->password); // use SQL / Eloquent // $this->save(); return $this; } }
public function getUsers($projectUid) { $users = new Collection(); $projectMemberships = ProjectMembership::where('project_uid', '=', $projectUid)->get(); $project = Project::where('project_uid', '=', $projectUid)->first(); for ($i = 0; $i < sizeOf($projectMemberships); $i++) { $projectMembership = $projectMemberships[$i]; $userUid = $projectMembership['user_uid']; $user = User::getIndex($userUid); if ($user) { // set public fields // $user = array('first_name' => $user->first_name, 'last_name' => $user->last_name, 'email' => $user->email, 'affiliation' => $user->affiliation); // set metadata // if ($project->project_owner_uid == $userUid) { $user['owner'] = true; } } $users[] = $user; } return $users; }
public function getToolPermissionStatus($toolUuid) { $tool = Tool::where('tool_uuid', '=', $toolUuid)->first(); $package = Input::has('package_uuid') ? Package::where('package_uuid', '=', Input::get('package_uuid'))->first() : null; $project = Input::has('project_uid') ? Project::where('project_uid', '=', Input::get('project_uid'))->first() : null; $user = Input::has('user_uid') ? User::getIndex(Input::get('user_uid')) : User::getIndex(Session::get('user_uid')); // Parasoft tool // if ($tool->isParasoftTool()) { return $tool->getParasoftPermissionStatus($package, $project, $user); } return Response::json(array('success', true)); }
// check to see if user has priveleges to view tool // if (!$isPublic) { if (!($user->isAdmin() || $tool->isOwnedBy($user))) { return Response::make('Insufficient priveleges to access tool.', 403); } } } } // check tool version routes // $toolVersionUuid = $route->getParameter('tool_version_uuid'); if ($toolVersionUuid) { // get relevant attributes // $user = User::getIndex(Session::get('user_uid')); $toolVersion = ToolVersion::where('tool_version_uuid', '=', $toolVersionUuid)->first(); $tool = Tool::where('tool_uuid', '=', $toolVersion->tool_uuid)->first(); $isPublic = $tool->tool_sharing_status == 'public' || $tool->tool_sharing_status == 'PUBLIC'; $authenticationRequired = $method != 'get' && !$isPublic; // check to see if user is logged in // if ($authenticationRequired && !$user) { return Response::make('Authentication required to access tool version.', 401); } else { // check to see if user has priveleges to view tool version // if (!$isPublic) { if (!($user->isAdmin() || $toolVersion->getTool()->isOwnedBy($user))) { return Response::make('Insufficient priveleges to access tool version.', 403); }
public function getInviters() { $adminInvitations = AdminInvitation::all(); $users = new Collection(); for ($i = 0; $i < sizeOf($adminInvitations); $i++) { $adminInvitation = $adminInvitations[$i]; $user = User::getIndex($adminInvitation['inviter_uid']); } return $users; }
public function getAll() { $user = User::getIndex(Session::get('user_uid')); if ($user && $user->isAdmin()) { $executionRecordsQuery = ExecutionRecord::orderBy('create_date', 'DESC'); // add filters // $executionRecordsQuery = DateFilter::apply($executionRecordsQuery); $executionRecordsQuery = TripletFilter2::apply($executionRecordsQuery, null); $executionRecordsQuery = LimitFilter::apply($executionRecordsQuery); // allow soft delete // $executionRecordsQuery = $executionRecordsQuery->whereNull('delete_date'); return $executionRecordsQuery->get(); } }
public function getInvitee() { return User::getIndex($this->invitee_uid); }
public static function getNumUserProjectEvents($userUid) { $num = 0; // get optional project paramter // $projectUid = Input::get('project_uuid'); if ($projectUid != '') { $project = Project::where('project_uid', '=', $projectUid)->first(); // get events for a specific project // $userProjectEventsQuery = $project->getUserEventsQuery(); // apply filters // $userProjectEventsQuery = EventDateFilter::apply($userProjectEventsQuery); $userProjectEventsQuery = LimitFilter::apply($userProjectEventsQuery); $num = $userProjectEventsQuery->count(); } else { $userProjectEvents = new Collection(); // collect events of user's projects // $user = User::getIndex($userUid); if ($user) { $projects = $user->getProjects(); for ($i = 0; $i < sizeOf($projects); $i++) { if ($projects[$i] != null) { $userProjectEventsQuery = $projects[$i]->getUserEventsQuery(); // apply filters // $userProjectEventsQuery = EventDateFilter::apply($userProjectEventsQuery); $userProjectEventsQuery = LimitFilter::apply($userProjectEventsQuery); $num += $userProjectEventsQuery->count(); } } } } return $num; }
public function githubLogin() { // Attempt to load the github account the user is currently logged in as. // if (!Session::has('github_access_token')) { return Response::make('Unauthorized GitHub access.', 401); } $token = Session::get('github_access_token'); $ch = curl_init('https://api.github.com/user'); curl_setopt($ch, CURLOPT_HTTPHEADER, array("Authorization: token {$token}")); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'GET'); curl_setopt($ch, CURLOPT_USERAGENT, 'SWAMP'); $response = curl_exec($ch); $github_user = json_decode($response); if (!property_exists($github_user, 'id')) { return Response::make('Unable to authenticate with GitHub.', 401); } $account = LinkedAccount::where('user_external_id', '=', $github_user->id)->first(); if ($account) { $user = User::getIndex($account->user_uid); if ($user) { if ($user->hasBeenVerified()) { if ($user->isEnabled()) { $userAccount = $user->getUserAccount(); $userAccount->penultimate_login_date = $userAccount->ultimate_login_date; $userAccount->ultimate_login_date = gmdate('Y-m-d H:i:s'); $userAccount->save(); $userEvent = new UserEvent(array('user_uid' => $user->user_uid, 'event_type' => 'linkedAccountSignIn', 'value' => json_encode(array('linked_account_provider_code' => 'github', 'user_external_id' => $account->user_external_id, 'user_ip' => $_SERVER['REMOTE_ADDR'])))); $userEvent->save(); $res = Response::json(array('user_uid' => $user->user_uid, 'access_token' => $token)); Session::set('timestamp', time()); Session::set('user_uid', $user->user_uid); return $res; } else { return Response::make('User has not been approved.', 401); } } else { return Response::make('User email has not been verified.', 401); } } else { return Response::make('Incorrect username or password.', 401); } } else { return Response::make('Account not found.', 401); } }
public function getUser() { return User::getIndex($this->user_uid); }
public function getInvitee($invitationKey) { $projectInvitation = ProjectInvitation::where('invitation_key', '=', $invitationKey)->get()->first(); $invitee = User::getByEmail($projectInvitation->email); return $invitee; }