public function save(Default_Model_APIKeyNetfilter $value)
{
global $application;
$data = array();
if (!isnull($value->getNetfilter())) {
$data['netfilter'] = $value->getNetfilter();
}
if (!isnull($value->getKeyID())) {
$data['keyid'] = $value->getKeyID();
}
$q1 = array('keyid = ?', 'netfilter = ?');
$q2 = array($value->keyid, $value->netfilter);
$select = $this->getDbTable()->select();
for ($i = 0; $i < count($q1); $i++) {
$select->where($q1[$i], $q2[$i]);
}
$new_entry = count($this->getDbTable()->fetchAll($select)) == 0;
if ($new_entry) {
$this->getDbTable()->insert($data);
} else {
$s = array();
for ($i = 0; $i < count($q1); $i++) {
$s[] = $this->getDbTable()->getAdapter()->quoteInto($q1[$i], $q2[$i]);
}
$this->getDbTable()->update($data, $s);
}
}
public function apikeylistAction()
{
$this->_helper->layout->disableLayout();
$this->_helper->viewRenderer->setNoRender();
$uid = $this->session->userid;
header("Content-Type:text/xml");
echo "<?xml version='1.0'?" . ">";
//Check if user is logged in
if ($_SERVER['HTTPS'] != "on") {
header("HTTP/1.0 403 Forbidden");
return;
}
if ($uid == null) {
header("HTTP/1.0 403 Forbidden");
echo "<apikeys error='Not logged in' ></apikeys>";
return;
}
$apiconf = new Zend_Config_Ini('../application/configs/application.ini', $_SERVER['APPLICATION_ENV']);
$apiconf = $apiconf->api;
//Check if this is a request to generate new filter
if ($_SERVER['REQUEST_METHOD'] == 'PUT') {
//Check if user has already reached the maximum number of generated api keys
$userapikeys = new Default_Model_APIKeys();
$userapikeys->filter->ownerid->equals($uid)->and($userapikeys->filter->authmethods->notequals(0));
if (count($userapikeys->items) >= $apiconf->maxkeys) {
header("HTTP/1.0 400 Bad Request");
if ($apiconf->maxkeys == "1") {
echo "<apikeys error='An API key is already generated for the current user.' ></apikeys>";
} else {
echo "<apikeys error='Generating more than " . $apiconf->maxnetfilters . " API keys per user is not allowed.' ></apikeys>";
}
return;
}
parse_str(file_get_contents("php://input"), $post_vars);
$netfs = array();
if (isset($post_vars["netfilters"])) {
$netfs = $post_vars["netfilters"];
}
//Check if number of given net filters are more than allowed
if (count($netfs) > $apiconf->maxnetfilters) {
header("HTTP/1.0 400 Bad Request");
if ($apiconf->maxnetfilters == "1") {
echo "<apikeys error='The current API key is already associated with a net filter.' ></apikeys>";
} else {
echo "<apikeys error='Associating more than " . $apiconf->maxnetfilters . " netfilters per API key is not allowed.' ></apikeys>";
}
return;
}
//Check netfilters are given for new api key
if (count($netfs) > 0) {
//Check if given netfilters are in use by someone else
$fs = new Default_Model_APIKeyNetfilters();
$fsfilter =& $fs->filter;
$tmpfs = new Default_Model_APIKeyNetfiltersFilter();
$tmpfs->keyid->equals();
foreach ($netfs as $f) {
$tmpfs = new Default_Model_APIKeyNetfiltersFilter();
$tmpfs->netfilter->equals($f);
$fsfilter->chain($tmpfs, "OR");
}
if (count($fs->items) > 0) {
header("HTTP/1.0 405 Method Not Allowed");
echo "<apikeys error='Netfilter \"" . $fs->items[0]->netfilter . "\" is already used.' ></apikeys>";
return;
}
}
//Generate new api key
$apik = new Default_Model_APIKey();
$apik->ownerid = $uid;
$apik->save();
//Check if key is generated
$newkeyID = $apik->id;
$apik = new Default_Model_APIKeys();
$apik->filter->id->equals($newkeyID);
if (count($apik->items) == 0) {
header("HTTP/1.0 500 Internal Server Error");
echo "<apikeys error='Could not generate new key.' ></apikeys>";
return;
}
//Add netfilters for the newly generated key
foreach ($netfs as $net) {
$apinf = new Default_Model_APIKeyNetfilter();
$apinf->netfilter = $net;
$apinf->keyid = $newkeyID;
$apinf->save();
}
} else {
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
//Check if api key is given
if (isset($_GET["k"]) == false) {
header("HTTP/1.0 405 Method Not Allowed");
echo "<apikeys error='No key provided.' ></apikeys>";
return;
} else {
//Check if key exists
$apkeys = new Default_Model_APIKeys();
$apkeys->filter->id->equals($_GET["k"])->and($apkeys->filter->ownerid->equals($uid));
if (count($apkeys->items) == 0) {
header("HTTP/1.0 404 Not Found");
echo "<apikeys error='Could not retrieve key' ></apikeys>";
return;
}
}
//Check new net filters validity
$nflts = json_decode($_POST["data"]);
$nflts = $nflts->netfilters;
$nflts = array_unique($nflts);
if (count($nflts) > $apiconf->maxnetfilters) {
//if the newly posted net filters are less than the stored filters then
//its a deletion, so in case the maximum net filter count is reduced after
//the insertion it won't cause a validation error.
$oldnflts = new Default_Model_APIKeyNetfilters();
$oldnflts->filter->keyid->equals($_GET["k"]);
if (count($oldnflts->items) <= count($nflts)) {
header("HTTP/1.0 400 Bad Request");
if ($apiconf->maxnetfilters == "1") {
echo "<apikeys error='The current API key is already associated with a net filter.' ></apikeys>";
} else {
echo "<apikeys error='Associating more than " . $apiconf->maxnetfilters . " netfilters per API key is not allowed.' ></apikeys>";
}
return;
}
}
for ($i = 0; $i < count($nflts); $i++) {
if ($this->isValidNetFilter($nflts[$i]) === false) {
header("HTTP/1.0 400 Bad Request");
echo "<apikeys error='Net filter \"" . $nflts[$i] . "\" is not valid' ></apikeys>";
return;
}
}
//Delete old netfilters
$key = $apkeys->items[0];
$nflts = new Default_Model_APIKeyNetfilters();
$nflts->filter->keyid->equals($key->id);
$nfltsitems = $nflts->items;
for ($i = count($nfltsitems) - 1; $i >= 0; $i--) {
$nflts->remove($nfltsitems[$i]);
}
//Insert new netfilters
$nflts = json_decode($_POST["data"]);
$nflts = $nflts->netfilters;
if (count($nflts) > 0) {
for ($i = 0; $i < count($nflts); $i++) {
if (trim(urldecode($nflts[$i])) == "") {
continue;
}
$nf = new Default_Model_APIKeyNetfilter();
$nf->netfilter = urldecode($nflts[$i]);
$nf->keyid = $key->id;
$nf->save();
}
}
} else {
if ($_SERVER['REQUEST_METHOD'] == 'DELETE') {
//Check if api key is sent
if (isset($_GET["k"]) == false) {
echo "<apikeys error='No key provided' ></apikeys>";
return;
} else {
$apkeys = new Default_Model_APIKeys();
$apkeys->filter->id->equals($_GET["k"])->and($apkeys->filter->ownerid->equals($uid));
if (count($apkeys->items) == 0) {
echo "<apikeys error='Could not retrieve key' ></apikeys>";
return;
}
}
//Delete all netfilters associated with this api key
$key = $apkeys->items[0];
$key->authmethods = 0;
$key->save();
}
}
}
//Return xml representation of API keys for the current user
$apikeys = new Default_Model_APIKeys();
$apikeys->filter->ownerid->equals($uid)->and($apikeys->filter->authmethods->notequals(0));
$apikeys = $apikeys->items;
echo "<apikeys count='" . count($apikeys) . "' >";
if (count($apikeys) > 0) {
foreach ($apikeys as $apikey) {
echo "<apikey id='" . $apikey->id . "' key='" . $apikey->key . "' ownerid='" . $apikey->ownerid . "' createdon='" . $apikey->createdon . "' authmethods='" . $apikey->authmethods . "' ";
if ($apikey->sysaccountid != null) {
echo "sysaccount='" . $apikey->sysaccountid . "' ";
$rscs = new Default_Model_Researchers();
$rscs->filter->id->equals($apikey->sysaccountid);
if (count($rscs->items) > 0) {
echo "sysusername='******' ";
echo "sysdisplayname='" . $rscs->items[0]->lastname . "' ";
}
}
$netfilters = new Default_Model_APIKeyNetfilters();
$netfilters->filter->keyid->equals($apikey->id);
$netfilters = $netfilters->items;
if (count($netfilters) > 0) {
echo "netfilters='" . count($netfilters) . "' >";
foreach ($netfilters as $netfilter) {
echo "<netfilter value='" . $netfilter->netfilter . "' ></netfilter>";
}
} else {
echo "netfilters='0'>";
}
echo "</apikey>";
}
}
echo "</apikeys>";
}