/**
 * Persists one API key / net filter pair through the mapper's table gateway.
 *
 * The (keyid, netfilter) pair is looked up first: when no row matches, the
 * non-null properties of $value are inserted as a new row; otherwise the
 * matching rows are updated with the same data.
 *
 * @param Default_Model_APIKeyNetfilter $value entry to store
 * @return void
 */
public function save(Default_Model_APIKeyNetfilter $value)
{
    global $application; // not referenced anywhere in this method

    // Column values to write; properties that are null are left out.
    $row = array();
    if (!isnull($value->getNetfilter())) {
        $row['netfilter'] = $value->getNetfilter();
    }
    if (!isnull($value->getKeyID())) {
        $row['keyid'] = $value->getKeyID();
    }

    // Placeholder condition paired with the value bound to it.
    $criteria = array(
        array('keyid = ?', $value->keyid),
        array('netfilter = ?', $value->netfilter),
    );

    $table = $this->getDbTable();
    $lookup = $table->select();
    foreach ($criteria as $criterion) {
        $lookup->where($criterion[0], $criterion[1]);
    }

    if (count($table->fetchAll($lookup)) == 0) {
        // No row for this pair yet.
        $table->insert($row);
        return;
    }

    // update() takes ready-made WHERE fragments, so the values are quoted
    // by the adapter rather than concatenated by hand.
    $adapter = $table->getAdapter();
    $where = array();
    foreach ($criteria as $criterion) {
        $where[] = $adapter->quoteInto($criterion[0], $criterion[1]);
    }
    $table->update($row, $where);
}
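/**
 * Lists and maintains the API keys of the logged-in user, answering in XML.
 *
 * The request method selects the operation:
 *  - PUT    generates a new key, optionally with net filters (form-encoded body).
 *  - POST   replaces the net filters of key ?k= with the JSON list in $_POST["data"].
 *  - DELETE sets authmethods to 0 on key ?k=, which removes it from the listing.
 *  - any other method only lists the keys.
 * On success the response is the <apikeys> listing for the current user;
 * failures are reported as <apikeys error='...'> with an HTTP error status
 * (the DELETE error paths set no status, as before).
 *
 * All values written into XML attributes are escaped, and net filters are
 * validated in the exact form in which they are stored.
 *
 * NOTE(review): no anti-CSRF token is checked in this method although PUT,
 * POST and DELETE change state under the session identity; confirm that one
 * is enforced before this action runs.
 *
 * @return void
 */
public function apikeylistAction()
{
    $this->_helper->layout->disableLayout();
    $this->_helper->viewRenderer->setNoRender();
    $uid = $this->session->userid;
    header("Content-Type:text/xml");
    echo "<?xml version='1.0'?" . ">";

    // API keys are credentials: refuse plain HTTP. isset() keeps a missing
    // HTTPS entry from raising an undefined-index notice.
    if (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != "on") {
        header("HTTP/1.0 403 Forbidden");
        return;
    }
    // Check if user is logged in
    if ($uid == null) {
        header("HTTP/1.0 403 Forbidden");
        echo "<apikeys error='Not logged in' ></apikeys>";
        return;
    }

    $apiconf = new Zend_Config_Ini('../application/configs/application.ini', $_SERVER['APPLICATION_ENV']);
    $apiconf = $apiconf->api;

    if ($_SERVER['REQUEST_METHOD'] == 'PUT') {
        // Check if user has already reached the maximum number of generated api keys
        $userapikeys = new Default_Model_APIKeys();
        $userapikeys->filter->ownerid->equals($uid)->and($userapikeys->filter->authmethods->notequals(0));
        if (count($userapikeys->items) >= $apiconf->maxkeys) {
            header("HTTP/1.0 400 Bad Request");
            if ($apiconf->maxkeys == "1") {
                echo "<apikeys error='An API key is already generated for the current user.' ></apikeys>";
            } else {
                // Report the key limit; the message previously printed maxnetfilters.
                echo "<apikeys error='Generating more than " . htmlspecialchars((string) $apiconf->maxkeys, ENT_QUOTES, 'UTF-8') . " API keys per user is not allowed.' ></apikeys>";
            }
            return;
        }

        parse_str(file_get_contents("php://input"), $post_vars);
        $netfs = array();
        if (isset($post_vars["netfilters"])) {
            $netfs = $post_vars["netfilters"];
        }
        // "netfilters=x" arrives as a string and "netfilters[]=x" as an array;
        // normalise to a list so count() and foreach see the same thing.
        if (!is_array($netfs)) {
            $netfs = (trim((string) $netfs) == "") ? array() : array($netfs);
        }

        // Check if number of given net filters are more than allowed
        if (count($netfs) > $apiconf->maxnetfilters) {
            header("HTTP/1.0 400 Bad Request");
            if ($apiconf->maxnetfilters == "1") {
                echo "<apikeys error='The current API key is already associated with a net filter.' ></apikeys>";
            } else {
                echo "<apikeys error='Associating more than " . htmlspecialchars((string) $apiconf->maxnetfilters, ENT_QUOTES, 'UTF-8') . " netfilters per API key is not allowed.' ></apikeys>";
            }
            return;
        }

        // Apply the same validation as the POST branch, so a filter cannot be
        // stored on key creation that would be refused on a later edit.
        foreach ($netfs as $f) {
            if (!is_string($f) || $this->isValidNetFilter($f) === false) {
                header("HTTP/1.0 400 Bad Request");
                echo "<apikeys error='Net filter \"" . htmlspecialchars(is_string($f) ? $f : '', ENT_QUOTES, 'UTF-8') . "\" is not valid' ></apikeys>";
                return;
            }
        }

        // Check netfilters are given for new api key
        if (count($netfs) > 0) {
            // Check if given netfilters are in use by someone else
            $fs = new Default_Model_APIKeyNetfilters();
            $fsfilter =& $fs->filter;
            // NOTE(review): this first filter object is replaced inside the loop
            // before it is ever chained; it looks unused - confirm and remove.
            $tmpfs = new Default_Model_APIKeyNetfiltersFilter();
            $tmpfs->keyid->equals();
            foreach ($netfs as $f) {
                $tmpfs = new Default_Model_APIKeyNetfiltersFilter();
                $tmpfs->netfilter->equals($f);
                $fsfilter->chain($tmpfs, "OR");
            }
            if (count($fs->items) > 0) {
                header("HTTP/1.0 405 Method Not Allowed");
                echo "<apikeys error='Netfilter \"" . htmlspecialchars((string) $fs->items[0]->netfilter, ENT_QUOTES, 'UTF-8') . "\" is already used.' ></apikeys>";
                return;
            }
        }

        // Generate new api key
        $apik = new Default_Model_APIKey();
        $apik->ownerid = $uid;
        $apik->save();

        // Check if key is generated
        $newkeyID = $apik->id;
        $apik = new Default_Model_APIKeys();
        $apik->filter->id->equals($newkeyID);
        if (count($apik->items) == 0) {
            header("HTTP/1.0 500 Internal Server Error");
            echo "<apikeys error='Could not generate new key.' ></apikeys>";
            return;
        }

        // Add netfilters for the newly generated key
        foreach ($netfs as $net) {
            $apinf = new Default_Model_APIKeyNetfilter();
            $apinf->netfilter = $net;
            $apinf->keyid = $newkeyID;
            $apinf->save();
        }
    } elseif ($_SERVER['REQUEST_METHOD'] == 'POST') {
        // Check if api key is given (an array-valued "k" is not a key id)
        if (isset($_GET["k"]) == false || is_array($_GET["k"])) {
            header("HTTP/1.0 405 Method Not Allowed");
            echo "<apikeys error='No key provided.' ></apikeys>";
            return;
        }
        // Check if key exists and belongs to the current user
        $apkeys = new Default_Model_APIKeys();
        $apkeys->filter->id->equals($_GET["k"])->and($apkeys->filter->ownerid->equals($uid));
        if (count($apkeys->items) == 0) {
            header("HTTP/1.0 404 Not Found");
            echo "<apikeys error='Could not retrieve key' ></apikeys>";
            return;
        }

        // Decode the payload once and insist on its shape. A missing or
        // malformed list used to fall through to the delete step below and
        // silently strip every net filter from the key.
        $payload = isset($_POST["data"]) ? json_decode($_POST["data"]) : null;
        if (!is_object($payload) || !isset($payload->netfilters) || !is_array($payload->netfilters)) {
            header("HTTP/1.0 400 Bad Request");
            echo "<apikeys error='Invalid netfilters data.' ></apikeys>";
            return;
        }

        // Bring every entry into the form that is stored (url-decoded), so the
        // value that passes validation is the value that reaches the database.
        $newfilters = array();
        foreach ($payload->netfilters as $rawfilter) {
            if (!is_string($rawfilter)) {
                header("HTTP/1.0 400 Bad Request");
                echo "<apikeys error='Invalid netfilters data.' ></apikeys>";
                return;
            }
            $newfilters[] = urldecode($rawfilter);
        }
        // array_unique() keeps the original keys; re-index so that no entry
        // can be skipped by the checks below.
        $newfilters = array_values(array_unique($newfilters));

        if (count($newfilters) > $apiconf->maxnetfilters) {
            // If the newly posted net filters are fewer than the stored filters then
            // it is a deletion, so lowering the maximum net filter count after the
            // insertion does not cause a validation error.
            $oldnflts = new Default_Model_APIKeyNetfilters();
            $oldnflts->filter->keyid->equals($_GET["k"]);
            if (count($oldnflts->items) <= count($newfilters)) {
                header("HTTP/1.0 400 Bad Request");
                if ($apiconf->maxnetfilters == "1") {
                    echo "<apikeys error='The current API key is already associated with a net filter.' ></apikeys>";
                } else {
                    echo "<apikeys error='Associating more than " . htmlspecialchars((string) $apiconf->maxnetfilters, ENT_QUOTES, 'UTF-8') . " netfilters per API key is not allowed.' ></apikeys>";
                }
                return;
            }
        }

        // NOTE(review): validation now runs on the decoded value - confirm that
        // isValidNetFilter() expects the decoded form.
        foreach ($newfilters as $candidate) {
            if ($this->isValidNetFilter($candidate) === false) {
                header("HTTP/1.0 400 Bad Request");
                echo "<apikeys error='Net filter \"" . htmlspecialchars($candidate, ENT_QUOTES, 'UTF-8') . "\" is not valid' ></apikeys>";
                return;
            }
        }

        // Delete old netfilters
        $key = $apkeys->items[0];
        $nflts = new Default_Model_APIKeyNetfilters();
        $nflts->filter->keyid->equals($key->id);
        $nfltsitems = $nflts->items;
        for ($i = count($nfltsitems) - 1; $i >= 0; $i--) {
            $nflts->remove($nfltsitems[$i]);
        }

        // Insert new netfilters (exactly the validated list; blank entries are skipped)
        foreach ($newfilters as $accepted) {
            if (trim($accepted) == "") {
                continue;
            }
            $nf = new Default_Model_APIKeyNetfilter();
            $nf->netfilter = $accepted;
            $nf->keyid = $key->id;
            $nf->save();
        }
    } elseif ($_SERVER['REQUEST_METHOD'] == 'DELETE') {
        // Check if api key is sent
        // NOTE(review): unlike POST, these two error paths set no HTTP error status.
        if (isset($_GET["k"]) == false || is_array($_GET["k"])) {
            echo "<apikeys error='No key provided' ></apikeys>";
            return;
        }
        $apkeys = new Default_Model_APIKeys();
        $apkeys->filter->id->equals($_GET["k"])->and($apkeys->filter->ownerid->equals($uid));
        if (count($apkeys->items) == 0) {
            echo "<apikeys error='Could not retrieve key' ></apikeys>";
            return;
        }
        // Mark the key as having no authentication methods; the listing below
        // only returns keys whose authmethods is not 0.
        $key = $apkeys->items[0];
        $key->authmethods = 0;
        $key->save();
    }

    // Return xml representation of API keys for the current user
    $apikeys = new Default_Model_APIKeys();
    $apikeys->filter->ownerid->equals($uid)->and($apikeys->filter->authmethods->notequals(0));
    $apikeys = $apikeys->items;
    echo "<apikeys count='" . count($apikeys) . "' >";
    if (count($apikeys) > 0) {
        foreach ($apikeys as $apikey) {
            // Every attribute value is escaped: a quote or angle bracket in
            // stored data must not be able to break out of the attribute.
            echo "<apikey id='" . htmlspecialchars((string) $apikey->id, ENT_QUOTES, 'UTF-8')
                . "' key='" . htmlspecialchars((string) $apikey->key, ENT_QUOTES, 'UTF-8')
                . "' ownerid='" . htmlspecialchars((string) $apikey->ownerid, ENT_QUOTES, 'UTF-8')
                . "' createdon='" . htmlspecialchars((string) $apikey->createdon, ENT_QUOTES, 'UTF-8')
                . "' authmethods='" . htmlspecialchars((string) $apikey->authmethods, ENT_QUOTES, 'UTF-8') . "' ";
            if ($apikey->sysaccountid != null) {
                echo "sysaccount='" . htmlspecialchars((string) $apikey->sysaccountid, ENT_QUOTES, 'UTF-8') . "' ";
                $rscs = new Default_Model_Researchers();
                $rscs->filter->id->equals($apikey->sysaccountid);
                if (count($rscs->items) > 0) {
                    echo "sysusername='******' ";
                    echo "sysdisplayname='" . htmlspecialchars((string) $rscs->items[0]->lastname, ENT_QUOTES, 'UTF-8') . "' ";
                }
            }
            $netfilters = new Default_Model_APIKeyNetfilters();
            $netfilters->filter->keyid->equals($apikey->id);
            $netfilters = $netfilters->items;
            if (count($netfilters) > 0) {
                echo "netfilters='" . count($netfilters) . "' >";
                foreach ($netfilters as $netfilter) {
                    echo "<netfilter value='" . htmlspecialchars((string) $netfilter->netfilter, ENT_QUOTES, 'UTF-8') . "' ></netfilter>";
                }
            } else {
                echo "netfilters='0'>";
            }
            echo "</apikey>";
        }
    }
    echo "</apikeys>";
}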