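/**
 * Authenticates a user and returns the result of the chosen login handler.
 *
 * A `service` name is read from the payload first and from the request
 * parameters second. When one is present the login is delegated to that
 * service, which must belong to the OAuth or LDAP service-type group.
 * Without a service name the request is handled as an email/password login.
 *
 * @return array
 * @throws \DreamFactory\Core\Exceptions\BadRequestException
 * @throws \DreamFactory\Core\Exceptions\UnauthorizedException
 */
protected function handlePOST()
{
    $serviceName = $this->getPayloadData('service');
    if (empty($serviceName)) {
        $serviceName = $this->request->getParameter('service');
    }

    if (empty($serviceName)) {
        // is_sys_admin is fixed to false here and never taken from the payload;
        // presumably this limits the endpoint to non-admin accounts (confirm in handleLogin).
        $credentials = [
            'email'        => $this->getPayloadData('email'),
            'password'     => $this->getPayloadData('password'),
            'is_sys_admin' => false,
        ];

        return $this->handleLogin($credentials, boolval($this->getPayloadData('remember_me')));
    }

    $service = ServiceHandler::getService($serviceName);
    $serviceModel = Service::find($service->getServiceId());
    $serviceType = $serviceModel->serviceType()->first();
    $serviceGroup = $serviceType->group;

    // Strict membership keeps this guard in step with the === dispatch below: a value
    // that only loosely equals a group constant is rejected here instead of passing
    // the guard and then matching neither branch (which returned nothing).
    if (!in_array($serviceGroup, [ServiceTypeGroups::OAUTH, ServiceTypeGroups::LDAP], true)) {
        throw new BadRequestException('Invalid login service provided. Please use an OAuth or AD/Ldap service.');
    }

    if ($serviceGroup === ServiceTypeGroups::LDAP) {
        // NOTE(review): username and password are forwarded as received. Confirm the
        // LDAP service rejects empty passwords, since many directory servers treat a
        // bind with an empty password as an unauthenticated (anonymous) bind.
        $credentials = [
            'username' => $this->getPayloadData('username'),
            'password' => $this->getPayloadData('password'),
        ];

        return $service->handleLogin($credentials, $this->getPayloadData('remember_me'));
    }

    // Only the OAuth group can reach this point.
    $oauthCallback = $this->request->getParameterAsBool('oauth_callback');
    if (!empty($oauthCallback)) {
        return $service->handleOAuthCallback();
    }

    return $service->handleLogin($this->request->getDriver());
}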
/**
 * Creates one of the fixture users through the 'system' service and returns
 * the first record of the wrapped response.
 *
 * The fixture is read from the property named "user<num>" on the test case.
 * The service under test is swapped to 'system' for the request and then set
 * back to the service identified by $this->serviceId.
 *
 * @param mixed $num Suffix appended to "user" to pick the fixture property
 *
 * @return mixed First created record, as returned by Arr::get()
 */
protected function createUser($num)
{
    $fixtureProperty = 'user' . $num;
    $body = json_encode([$this->{$fixtureProperty}], JSON_UNESCAPED_SLASHES);

    $query = [
        ApiOptions::FIELDS  => '*',
        ApiOptions::RELATED => 'user_lookup_by_user_id',
    ];

    $this->service = ServiceHandler::getService('system');
    $response = $this->makeRequest(Verbs::POST, 'user', $query, $body);

    // Point the test case back at its own service before returning.
    $this->service = ServiceHandler::getService($this->serviceId);

    return Arr::get($response->getContent(), static::$wrapper . '.0');
}
/**
 * Expects UnauthorizedException when the session resource is requested on the
 * 'system' service after authenticating as the freshly created fixture user.
 *
 * NOTE(review): presumably the fixture user is not a system admin, which is
 * why the request is expected to be refused; confirm against the fixture.
 */
public function testUnauthorizedSessionRequest()
{
    $fixture = $this->user1;

    $query = [
        ApiOptions::FIELDS  => '*',
        ApiOptions::RELATED => 'user_lookup_by_user_id',
    ];
    $this->makeRequest(Verbs::POST, 'user', $query, [$fixture]);

    $login = [
        'email'    => $fixture['email'],
        'password' => $fixture['password'],
    ];
    Session::authenticate($login);

    // A fresh service instance is used because the previous one is set for the user resource.
    $this->service = ServiceHandler::getService('system');

    $this->setExpectedException('\\DreamFactory\\Core\\Exceptions\\UnauthorizedException');
    $this->makeRequest(Verbs::GET, static::RESOURCE . '/session');
}
/**
 * Handles the DELETE action by flushing cache.
 *
 * With no resource the whole application cache is flushed through the Cache
 * facade. With a resource, the named service is flushed, provided it
 * implements CachedInterface.
 *
 * NOTE(review): no access check is visible in this handler; it is presumably
 * enforced before dispatch. Confirm, since a full flush affects every service.
 *
 * @return array Always ['success' => true] when no exception is thrown
 * @throws NotImplementedException When the named service does not implement CachedInterface
 */
protected function handleDELETE()
{
    if (empty($this->resource)) {
        \Cache::flush();

        return ['success' => true];
    }

    $target = ServiceHandler::getService($this->resource);
    if (!($target instanceof CachedInterface)) {
        throw new NotImplementedException('Service does not implement API controlled cache.');
    }

    $target->flush();

    return ['success' => true];
}
/**
 * Registers the first fixture user and then checks that the same credentials
 * yield a session id from the 'user' service.
 */
public function testPOSTRegister()
{
    $fixture = $this->user1;
    $plainPassword = Arr::get($fixture, 'password');

    // Copy the profile fields one by one, then add the password pair.
    $registration = [];
    $profileFields = [
        'first_name',
        'last_name',
        'name',
        'email',
        'phone',
        'security_question',
        'security_answer',
    ];
    foreach ($profileFields as $field) {
        $registration[$field] = Arr::get($fixture, $field);
    }
    $registration['password'] = $plainPassword;
    // Falls back to the password itself when the fixture has no confirmation value.
    $registration['password_confirmation'] = Arr::get($fixture, 'password_confirmation', $plainPassword);

    Session::setUserInfoWithJWT(User::find(1));
    $registerResponse = $this->makeRequest(Verbs::POST, static::RESOURCE, [], $registration);
    $this->assertTrue(Arr::get($registerResponse->getContent(), 'success'));

    Session::set('role.name', 'test');
    Session::set('role.id', 1);

    $this->service = ServiceHandler::getService('user');
    $loginPayload = [
        'email'    => Arr::get($fixture, 'email'),
        'password' => Arr::get($fixture, 'password'),
    ];
    $loginResponse = $this->makeRequest(Verbs::POST, 'session', [], $loginPayload);

    $sessionId = Arr::get($loginResponse->getContent(), 'session_id');
    $this->assertTrue(!empty($sessionId));
}
/**
 * Creates a user and a role, links them to app 1, then calls the API with the
 * app's API key and a JWT for that user. Asserts that the resulting session is
 * not a system-admin session, carries the new role id and has role services.
 */
public function testApiKeyUserRole()
{
    // NOTE(review): the email literal appears masked in this listing; it is kept verbatim.
    $newUser = [
        'name'              => 'John Doe',
        'first_name'        => 'John',
        'last_name'         => 'Doe',
        'email'             => '*****@*****.**',
        'password'          => 'test1234',
        'security_question' => 'Make of your first car?',
        'security_answer'   => 'mazda',
        'is_active'         => true,
    ];

    $newRole = [
        'name'                           => 'test_role',
        'is_active'                      => true,
        'role_service_access_by_role_id' => [
            [
                'service_id'     => 1,
                'component'      => 'config',
                'verb_mask'      => 1,
                'requestor_mask' => 1,
            ],
        ],
    ];

    $this->service = ServiceHandler::getService('system');
    $userResponse = $this->makeRequest(Verbs::POST, 'user', [], [$newUser]);
    $userId = Arr::get($userResponse->getContent(), static::$wrapper . '.0.id');

    $this->service = ServiceHandler::getService('system');
    $roleResponse = $this->makeRequest(Verbs::POST, 'role', [], [$newRole]);
    $roleId = Arr::get($roleResponse->getContent(), static::$wrapper . '.0.id');

    \DreamFactory\Core\Models\UserAppRole::create([
        'user_id' => $userId,
        'app_id'  => 1,
        'role_id' => $roleId,
    ]);

    $apiKey = App::find(1)->api_key;
    $account = User::find($userId);
    $token = JWTUtilities::makeJWTByUser($account->id, $account->email);

    $serverVars = [
        'HTTP_X_DREAMFACTORY_API_KEY'       => $apiKey,
        'HTTP_X_DREAMFACTORY_SESSION_TOKEN' => $token,
    ];
    $this->call(Verbs::GET, '/api/v2/system', [], [], [], $serverVars);

    $this->assertFalse(Session::isSysAdmin());
    $this->assertEquals($roleId, Session::get('role.id'));

    $roleServices = Session::get('role.services');
    $this->assertTrue(!empty($roleServices));
}
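/**
 * Execute the console command.
 *
 * Authenticates against the named Active Directory service, lists its groups
 * and, after confirmation, imports every group that has no matching
 * RoleADLdap record as a new role through the 'system' service.
 *
 * Errors are reported on the console rather than rethrown; the context of a
 * RestException is printed only when the verbose option is set.
 *
 * @return mixed
 */
public function handle()
{
    if (!class_exists('DreamFactory\\Core\\ADLdap\\Services\\ADLdap')) {
        $this->error('Command unavailable. Please install \'dreamfactory/df-adldap\' package to use this command.');

        return;
    }

    try {
        $serviceName = $this->argument('service');
        $username = $this->option('username');
        // NOTE(review): a password passed as a command-line option can be exposed through
        // shell history and process listings; consider prompting for it when it is absent.
        $password = $this->option('password');

        /** @type ADLdap $service */
        $service = ServiceHandler::getService($serviceName);
        $serviceModel = Service::find($service->getServiceId());
        $serviceType = $serviceModel->serviceType()->first();
        $serviceGroup = $serviceType->group;

        if ($serviceGroup !== ServiceTypeGroups::LDAP) {
            throw new BadRequestException('Invalid service name [' .
                $serviceName .
                ']. Please use a valid Active Directory service');
        }

        $this->line('Contacting your Active Directory server...');
        $service->authenticateAdminUser($username, $password);

        $this->line('Fetching Active Directory groups...');
        $groups = $service->getDriver()->listGroup(['dn', 'description']);

        $roles = [];
        foreach ($groups as $group) {
            // Only groups whose DN has no RoleADLdap record yet are queued for import.
            $dfRole = RoleADLdap::whereDn($group['dn'])->first();
            if (empty($dfRole)) {
                $role = [
                    'name'                   => static::dnToRoleName($group['dn']),
                    'description'            => $group['description'],
                    'is_active'              => true,
                    'role_adldap_by_role_id' => [['dn' => $group['dn']]],
                ];

                $this->info('|--------------------------------------------------------------------');
                $this->info('| DN: ' . $group['dn']);
                $this->info('| Role Name: ' . $role['name']);
                $this->info('| Description: ' . $role['description']);
                $this->info('|--------------------------------------------------------------------');

                $roles[] = $role;
            }
        }

        $roleCount = count($roles);
        if ($roleCount > 0) {
            $this->warn('Total Roles to import: [' . $roleCount . ']');

            // Product name spelling corrected in the prompt; the embedded line break is kept.
            $question = 'The above roles will be imported into your DreamFactory instance based on your Active Directory groups. ' .
                "\n" .
                'Do you wish to continue?';

            if ($this->confirm($question)) {
                $this->line('Importing Roles...');
                $payload = ResourcesWrapper::wrapResources($roles);
                ServiceHandler::handleRequest(Verbs::POST, 'system', 'role', ['continue' => true], $payload);
                $this->info('Successfully imported all Active Directory groups as Roles.');
            } else {
                $this->info('Aborted import process. No Roles were imported');
            }
        } else {
            // $roleCount is necessarily 0 in this branch, so only the group count decides the message.
            if (count($groups) > 0) {
                $this->info('All groups found on the Active Directory server are already imported.');
            } else {
                $this->warn('No group was found on Active Directory server.');
            }
        }
    } catch (RestException $e) {
        $this->error($e->getMessage());
        if ($this->option('verbose')) {
            $this->error(print_r($e->getContext(), true));
        }
    } catch (\Exception $e) {
        $this->error($e->getMessage());
    }
}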
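/**
 * Issues a request on behalf of a script, either to an external URL or to a
 * service of this instance, and returns the script-formatted response.
 *
 * A path whose first seven characters are "http://" or "https:/" is handed to
 * externalRequest(). Any other path is parsed as "service/resource?query" and
 * dispatched internally after Session::checkServicePermission() has been
 * called with the SCRIPT requestor type.
 *
 * NOTE(review): the permission check is only on the internal branch, and the
 * target of an external request is not constrained in this function. Confirm
 * that script authors are trusted to reach arbitrary hosts or that
 * externalRequest() restricts destinations.
 *
 * @param string $method
 * @param string $path
 * @param mixed  $payload     Array payloads are sent as PHP_ARRAY, anything else as TEXT;
 *                            null and the string 'null' become an empty array
 * @param array  $curlOptions Additional CURL options for external requests, keyed by
 *                            constant name
 *
 * @return array|null Result of ResponseFactory::sendScriptResponse() (documented as array;
 *                    confirm), or null when no service name could be parsed from $path
 */
public static function inlineRequest($method, $path, $payload = null, $curlOptions = [])
{
    // Strict comparison: with a loose == a payload such as boolean true (and integer 0 on
    // PHP 7) also compared equal to the string 'null' and was silently replaced by [].
    if (null === $payload || 'null' === $payload) {
        $payload = [];
    }

    if (!empty($curlOptions)) {
        // Translate constant names into their values; numeric keys and unknown names are dropped.
        // NOTE(review): any defined constant name is accepted here, not only cURL ones.
        $options = [];

        foreach ($curlOptions as $key => $value) {
            if (!is_numeric($key)) {
                if (defined($key)) {
                    $options[constant($key)] = $value;
                }
            }
        }

        $curlOptions = $options;
        unset($options);
    }

    try {
        // Case-sensitive test on a 7-character prefix, so "https:/" followed by anything matches.
        if ('https:/' == ($protocol = substr($path, 0, 7)) || 'http://' == $protocol) {
            $result = static::externalRequest($method, $path, $payload, $curlOptions);
        } else {
            $result = null;
            $params = [];

            // Split off the query string and decode it into $params.
            if (false !== ($pos = strpos($path, '?'))) {
                $paramString = substr($path, $pos + 1);
                if (!empty($paramString)) {
                    $pArray = explode('&', $paramString);
                    foreach ($pArray as $k => $p) {
                        if (!empty($p)) {
                            $tmp = explode('=', $p);
                            $name = ArrayUtils::get($tmp, 0, $k);
                            $value = ArrayUtils::get($tmp, 1);
                            $params[$name] = urldecode($value);
                        }
                    }
                }
                $path = substr($path, 0, $pos);
            }

            // Everything before the first slash is the service name, the rest is the resource.
            if (false === ($pos = strpos($path, '/'))) {
                $serviceName = $path;
                $resource = null;
            } else {
                $serviceName = substr($path, 0, $pos);
                $resource = substr($path, $pos + 1);

                // Fix removal of trailing slashes from resource.
                // The query string has already been stripped from $path, so both operands
                // below end up testing the last character of $path.
                // NOTE(review): $resource already ends in '/' when $path does, so this
                // appends a second slash; confirm that is what the services expect.
                if (!empty($resource)) {
                    if (false === strpos($path, '?') && '/' === substr($path, strlen($path) - 1, 1) ||
                        '/' === substr($path, strpos($path, '?') - 1, 1)
                    ) {
                        $resource .= '/';
                    }
                }
            }

            if (empty($serviceName)) {
                // Returns directly, without going through sendScriptResponse().
                return null;
            }

            $format = DataFormats::PHP_ARRAY;
            if (!is_array($payload)) {
                $format = DataFormats::TEXT;
            }

            // Access check for the script requestor; it runs before the service is resolved.
            Session::checkServicePermission($method, $serviceName, $resource, ServiceRequestorTypes::SCRIPT);

            $request = new ScriptServiceRequest($method, $params);
            $request->setContent($payload, $format);

            // Now set the request object and go...
            $service = ServiceHandler::getService($serviceName);
            $result = $service->handleRequest($request, $resource);
        }
    } catch (\Exception $ex) {
        // Failures, including a refused permission check, are turned into a response and logged.
        $result = ResponseFactory::create($ex);
        Log::error('Exception: ' . $ex->getMessage(), ['response' => $result]);
    }

    return ResponseFactory::sendScriptResponse($result);
}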
/**
 * Resolves a service instance by name through ServiceHandler.
 *
 * NOTE(review): no access check is visible in this wrapper; it is presumably
 * enforced by the caller or inside ServiceHandler. Confirm before exposing it
 * to less trusted code.
 *
 * @param $name Name of the service to resolve
 *
 * @return BaseRestService
 */
public static function getService($name)
{
    $service = ServiceHandler::getService($name);

    return $service;
}