/**
 * Validates and normalizes the parameters of the List API.
 *
 * Fills in paging defaults, requires the caller to be a system admin, checks
 * the filter parameters and stores the resolved problem and user filters back
 * on the request as $r['problem'] and $r['user'].
 *
 * @param Request $r
 * @throws ForbiddenAccessException when the caller is not a system admin
 * @throws InvalidDatabaseOperationException when the problem lookup fails in the data layer
 * @throws NotFoundException when problem_alias is given but matches no problem
 */
private static function validateList(Request $r)
{
    // Allowed values for the enum-style filters.
    $allowedStatuses = array('new', 'waiting', 'compiling', 'running', 'ready');
    $allowedVerdicts = array('AC', 'PA', 'WA', 'TLE', 'MLE', 'OLE', 'RTE', 'RFE', 'CE', 'JE', 'NO-AC');
    $allowedLanguages = array('c', 'cpp', 'cpp11', 'java', 'py', 'rb', 'pl', 'cs', 'pas', 'kp', 'kj', 'cat', 'hs');

    // Paging defaults are applied before anything else touches the request.
    if (!isset($r['offset'])) {
        $r['offset'] = 0;
    }
    if (!isset($r['rowcount'])) {
        $r['rowcount'] = 100;
    }

    // Only system admins may list; this gate runs before any data-layer lookup.
    $callerIsAdmin = Authorization::IsSystemAdmin($r['current_user_id']);
    if (!$callerIsAdmin) {
        throw new ForbiddenAccessException('userNotAllowed');
    }

    // The trailing false presumably marks each field as optional -- confirm
    // against Validators.
    // NOTE(review): only numeric-ness of rowcount is checked here; whether an
    // upper bound is enforced elsewhere is not visible from this method.
    Validators::isNumber($r['offset'], 'offset', false);
    Validators::isNumber($r['rowcount'], 'rowcount', false);
    Validators::isInEnum($r['status'], 'status', $allowedStatuses, false);
    Validators::isInEnum($r['verdict'], 'verdict', $allowedVerdicts, false);

    // Optional filter by problem: when present, the alias must resolve.
    if ($r['problem_alias'] !== null) {
        Validators::isStringNonEmpty($r['problem_alias'], 'problem');

        try {
            $r['problem'] = ProblemsDAO::getByAlias($r['problem_alias']);
        } catch (Exception $dataLayerError) {
            // Operation failed in the data layer
            throw new InvalidDatabaseOperationException($dataLayerError);
        }

        if ($r['problem'] === null) {
            throw new NotFoundException('problemNotFound');
        }
    }

    Validators::isInEnum($r['language'], 'language', $allowedLanguages, false);

    // Optional filter by user: an unknown username is not an error, the
    // filter is simply dropped (both username and user are reset to null).
    if ($r['username'] !== null) {
        try {
            $r['user'] = UserController::resolveUser($r['username']);
        } catch (NotFoundException $unknownUser) {
            $r['username'] = null;
            $r['user'] = null;
        }
    }
}
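/**
 * Does login for a user given username or email and password.
 *
 * Expects in request:
 *   usernameOrEmail
 *   password
 *   returnAuthToken (optional) forwarded to RegisterSession()
 *
 * An unknown user and a wrong password both return false, so the caller gets
 * the same result for either failure; only the log distinguishes them.
 * Exceptions raised by UserController::checkEmailVerification() are not
 * caught here and propagate to the caller.
 *
 * @param Request $r
 * @return boolean false on any failure; otherwise the value returned by
 *                 RegisterSession()
 */
public function NativeLogin(Request $r)
{
    // The login name comes straight from the request, so control characters
    // (CR/LF in particular) and backslashes are escaped before the value is
    // written to the log. Without this a crafted value could split or forge
    // log entries; escaping instead of stripping keeps the attempt visible.
    $loginForLog = addcslashes((string)$r['usernameOrEmail'], "\0..\37\177\\");

    self::$log->info('Testing native login for ' . $loginForLog);

    $c_Users = new UserController();
    $vo_User = null;

    // Loose comparison kept on purpose: it preserves which request values
    // are treated as "not set" and therefore replaced by false.
    if (null != $r['returnAuthToken']) {
        $returnAuthToken = $r['returnAuthToken'];
    } else {
        $returnAuthToken = false;
    }

    try {
        $vo_User = UserController::resolveUser($r['usernameOrEmail']);
        $r['user_id'] = $vo_User->getUserId();
        $r['user'] = $vo_User;
    } catch (ApiException $e) {
        // Any ApiException from the lookup is reported as "not found".
        self::$log->warn('User ' . $loginForLog . ' not found.');
        return false;
    }

    $b_Valid = $c_Users->TestPassword($r);

    if (!$b_Valid) {
        self::$log->warn('User ' . $loginForLog . ' has introduced invalid credentials.');
        return false;
    }

    // Message text is left unchanged so existing log searches keep matching.
    self::$log->info('User ' . $loginForLog . ' has loged in natively.');

    UserController::checkEmailVerification($r);

    try {
        return $this->RegisterSession($vo_User, $returnAuthToken);
    } catch (Exception $e) {
        self::$log->error($e);
        // @TODO act according to the exception instead of always returning false
        return false;
    }
}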
/**
 * Validator for the List API.
 *
 * Order of operations: paging defaults, system-admin gate, numeric and enum
 * checks, optional problem lookup, language check, optional user lookup.
 * The resolved objects are written back to the request as $r['problem'] and
 * $r['user'].
 *
 * @param Request $r
 * @throws ForbiddenAccessException when the caller is not a system admin
 * @throws InvalidDatabaseOperationException when ProblemsDAO::getByAlias() throws
 * @throws NotFoundException when problem_alias is set and no problem matches it
 */
private static function validateList(Request $r)
{
    // Defaults for offset and rowcount
    foreach (array('offset' => 0, 'rowcount' => 100) as $field => $fallback) {
        if (!isset($r[$field])) {
            $r[$field] = $fallback;
        }
    }

    // Access gate: nothing below runs for callers that are not system admins.
    if (!Authorization::IsSystemAdmin($r['current_user_id'])) {
        throw new ForbiddenAccessException('userNotAllowed');
    }

    // NOTE(review): rowcount is only checked for being a number here; any
    // upper limit would have to be applied elsewhere -- confirm.
    foreach (array('offset', 'rowcount') as $field) {
        Validators::isNumber($r[$field], $field, false);
    }

    Validators::isInEnum(
        $r['status'],
        'status',
        array('new', 'waiting', 'compiling', 'running', 'ready'),
        false
    );
    Validators::isInEnum(
        $r['verdict'],
        'verdict',
        array('AC', 'PA', 'WA', 'TLE', 'MLE', 'OLE', 'RTE', 'RFE', 'CE', 'JE', 'NO-AC'),
        false
    );

    // Check filter by problem, is optional
    $hasProblemFilter = !is_null($r['problem_alias']);
    if ($hasProblemFilter) {
        Validators::isStringNonEmpty($r['problem_alias'], 'problem');

        try {
            $r['problem'] = ProblemsDAO::getByAlias($r['problem_alias']);
        } catch (Exception $lookupFailure) {
            // Operation failed in the data layer
            throw new InvalidDatabaseOperationException($lookupFailure);
        }

        // A null result from the lookup is treated as "no such problem".
        if (is_null($r['problem'])) {
            throw new NotFoundException('problemNotFound');
        }
    }

    Validators::isInEnum(
        $r['language'],
        'language',
        array('c', 'cpp', 'cpp11', 'java', 'py', 'rb', 'pl', 'cs', 'pas', 'kp', 'kj', 'cat', 'hs'),
        false
    );

    // Get user if we have something in username
    $hasUserFilter = !is_null($r['username']);
    if ($hasUserFilter) {
        try {
            $r['user'] = UserController::resolveUser($r['username']);
        } catch (NotFoundException $missingUser) {
            // If not found, simply ignore it: the user filter is cleared.
            $r['username'] = null;
            $r['user'] = null;
        }
    }
}
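/**
 * Removes an admin from a problem.
 *
 * The caller must be authenticated and must be an admin of the problem named
 * by problem_alias. The user named by usernameOrEmail must currently be an
 * admin of that problem.
 *
 * @param Request $r
 * @return array array('status' => 'ok') on success
 * @throws InvalidDatabaseOperationException when a data-layer call fails
 * @throws ForbiddenAccessException when the caller is not an admin of the problem
 * @throws NotFoundException when the problem does not exist, or the target
 *                           user is not an admin of it
 */
public static function apiRemoveAdmin(Request $r)
{
    // Authenticate logged user
    self::authenticateRequest($r);

    // Check whether problem exists
    Validators::isStringNonEmpty($r['problem_alias'], 'problem_alias');

    try {
        $r['problem'] = ProblemsDAO::getByAlias($r['problem_alias']);
    } catch (Exception $e) {
        // Operation failed in the data layer
        throw new InvalidDatabaseOperationException($e);
    }

    // getByAlias() can return null for an unknown alias. Without this check
    // the authorization call below would be evaluated against null and the
    // later ->problem_id access would fail.
    if (is_null($r['problem'])) {
        throw new NotFoundException('problemNotFound');
    }

    if (!Authorization::IsProblemAdmin($r['current_user_id'], $r['problem'])) {
        throw new ForbiddenAccessException();
    }

    // Resolve the target user only after the caller has been authorized, so
    // a caller without rights on the problem gets ForbiddenAccessException
    // rather than a lookup result that reveals whether the user exists.
    $r['user'] = UserController::resolveUser($r['usernameOrEmail']);

    // Check if admin to delete is actually an admin
    if (!Authorization::IsProblemAdmin($r['user']->user_id, $r['problem'])) {
        throw new NotFoundException();
    }

    // The role row carries the problem id in its contest-id field.
    // NOTE(review): presumably the roles table shares that column between
    // contests and problems -- confirm against the schema.
    $user_role = new UserRoles();
    $user_role->setContestId($r['problem']->problem_id);
    $user_role->setUserId($r['user']->user_id);
    $user_role->setRoleId(PROBLEM_ADMIN_ROLE);

    // Delete the role
    try {
        UserRolesDAO::delete($user_role);
    } catch (Exception $e) {
        // Operation failed in the data layer
        throw new InvalidDatabaseOperationException($e);
    }

    return array('status' => 'ok');
}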
/**
 * Removes a user from a group.
 *
 * validateGroupAndOwner() runs first; presumably it loads $r['group'] and
 * checks that the caller owns the group -- confirm against that method.
 *
 * @param Request $r
 * @return array array('status' => 'ok') on success
 * @throws InvalidParameterException when the user is not a member of the group
 * @throws InvalidDatabaseOperationException when a non-API exception is raised
 *                                           while searching or deleting
 */
public static function apiRemoveUser(Request $r)
{
    self::validateGroupAndOwner($r);
    $r['user'] = UserController::resolveUser($r['usernameOrEmail']);

    try {
        $membershipFields = array(
            'group_id' => $r['group']->group_id,
            'user_id' => $r['user']->user_id,
        );
        $membership = new GroupsUsers($membershipFields);

        // Check user is actually in group
        $matches = GroupsUsersDAO::search($membership);
        if (count($matches) === 0) {
            throw new InvalidParameterException('parameterNotFound', 'User');
        }

        GroupsUsersDAO::delete($membership);
        self::$log->info('Removed ' . $r['user']->username . ' removed.');
    } catch (ApiException $apiError) {
        // API-level errors (such as the one thrown above) pass through untouched.
        throw $apiError;
    } catch (Exception $otherError) {
        // Anything else is reported as a data-layer failure.
        throw new InvalidDatabaseOperationException($otherError);
    }

    return array('status' => 'ok');
}
/**
 * Remove user from group.
 *
 * Runs validateGroupAndOwner() on the request, resolves usernameOrEmail to a
 * user, verifies the membership row exists and deletes it.
 *
 * @param Request $r
 * @return array array('status' => 'ok') once the membership has been deleted
 * @throws InvalidParameterException when no membership row matches the user and group
 * @throws InvalidDatabaseOperationException when the search or delete raises a
 *                                           non-API exception
 */
public static function apiRemoveUser(Request $r)
{
    self::validateGroupAndOwner($r);

    $r['user'] = UserController::resolveUser($r['usernameOrEmail']);

    try {
        $lookupKey = new GroupsUsers(
            array('group_id' => $r['group']->group_id, 'user_id' => $r['user']->user_id)
        );

        // Refuse to "remove" a user who is not a member in the first place.
        $existingRows = GroupsUsersDAO::search($lookupKey);
        $isMember = count($existingRows) !== 0;
        if (!$isMember) {
            throw new InvalidParameterException('parameterNotFound', 'User');
        }

        GroupsUsersDAO::delete($lookupKey);

        $removedName = $r['user']->username;
        self::$log->info('Removed ' . $removedName . ' removed.');
    } catch (Exception $failure) {
        // API exceptions are rethrown as they are; every other exception is
        // wrapped as a data-layer failure.
        if ($failure instanceof ApiException) {
            throw $failure;
        }
        throw new InvalidDatabaseOperationException($failure);
    }

    return array('status' => 'ok');
}