function api_validate_form1($action, &$flowScope) { $registry = Zend_Registry::getInstance(); $translate = $registry->get("Zend_Translate"); /** * @var Api $api */ $api = $flowScope["api"]; $validationErrors = array(); if (isset($_POST["apiName"]) && !empty($_POST["apiName"])) { $api->displayName = $_POST["apiName"]; } else { $validationErrors["name"] = $translate->translate("Apis must have a name."); } if (isset($_POST["apiEndpoint"]) && !empty($_POST["apiEndpoint"])) { $api->endpoint = $_POST["apiEndpoint"]; } else { $validationErrors["endpoint"] = $translate->translate("Apis must have an endpoint."); } $targetHosts = array(); foreach ($_POST as $k => $v) { if (preg_match('/^targethost[0-9]+$/', $k) && !empty($v)) { $th = new TargetHost(); $th->url = $v; $targetHosts[] = $th; } } if (empty($targetHosts)) { $validationErrors["targethost0"] = $translate->translate("Apis must have at least one targethost."); } else { $contexts = $api->getContexts(); if (empty($contexts)) { $contexts = array(new ApiContext()); } $context = $contexts[0]; $context->setStatus(Status::$ACTIVE); $context->targetHosts = array(); $i = 0; foreach ($targetHosts as $th) { $isbad = $this->target_host_is_bad($th); if ($isbad) { $validationErrors["targethost" . $i] = $isbad; } $context->targetHosts[] = $th; } $api->setContexts($contexts); } if ($_POST["apienabled"]) { $api->setStatus(Status::$ACTIVE); } else { $api->setStatus(Status::$INACTIVE); } $authTypes = array(); $authkeykey = null; foreach ($_POST as $k => $v) { $matches = array(); if (preg_match('/^auth-(\\w*)$/', $k, $matches) && $v == 1) { $authType = isset($matches[1]) ? AuthType::fromString($matches[1]) : null; if (!empty($authType)) { $authTypes[] = $authType; if ($authType === AuthType::$AUTHKEY) { $authkeykey = $_POST["authkey-key"]; $isbad = $this->auth_key_key_is_bad($authkeykey); if ($isbad) { $validationErrors["authkey-key"] = $isbad; } } } } } if (!empty($authTypes)) { $provAuth = new ProvisionAuthentication(); $provAuth->setAuths($authTypes); $provAuth->setAuthKey($authkeykey); $api->setAuthentication($provAuth); } else { $validationErrors["auth"] = $translate->translate("Apis must have at least one auth type."); } if ($_POST["https"]) { $https = new HTTPSType(); $https->setEnabled("true"); $https_mode = $_POST["https-mode"]; if (empty($https_mode) || TLSMode::fromString($https_mode) === null) { $validationErrors["https-mode"] = $translate->translate("With https on, TLS Mode must be 1way or 2way"); } else { $https->setTlsMode(TLSMode::fromString($https_mode)); } $api->setHttps($https); } else { $https = new HTTPSType(); $https->setEnabled(false); $api->setHttps($https); } foreach (array("tps-warn", "tps-threshold", "tpm-warn", "tpm-threshold") as $tpx) { if (isset($_POST[$tpx])) { if (is_numeric($_POST[$tpx])) { $contexts = $api->getContexts(); /** * @var ApiContext $context */ $context = $contexts[0]; switch ($tpx) { case "tps-warn": $context->setMaxRateLimitTPSWarning($_POST[$tpx]); break; case "tps-threshold": $context->setMaxRateLimitTPSThreshold($_POST[$tpx]); break; case "tpm-warn": $context->setMaxRateLimitTPMWarning($_POST[$tpx]); break; case "tpm-threshold": $context->setMaxRateLimitTPMThreshold($_POST[$tpx]); break; } } else { switch ($tpx) { case "tps-warn": $validationErrors[$tpx] = $translate->translate("Transactions-per-second warning trigger must be a number"); break; case "tps-threshold": $validationErrors[$tpx] = $translate->translate("Transactions-per-second cutoff threshold must be a number"); break; case "tpm-warn": $validationErrors[$tpx] = $translate->translate("Transactions-per-minute warning trigger must be a number"); break; case "tpm-threshold": $validationErrors[$tpx] = $translate->translate("Transactions-per-minute cutoff threshold must be a number"); break; } } } } $methods = $api->getAllowedHttpMethods(); $methods = array_diff($methods, array("GET")); if ($_POST["method-get"]) { $methods[] = "GET"; } $methods = array_diff($methods, array("POST")); if ($_POST["method-post"]) { $methods[] = "POST"; } $methods = array_diff($methods, array("PUT")); if ($_POST["method-put"]) { $methods[] = "PUT"; } $methods = array_diff($methods, array("DELETE")); if ($_POST["method-delete"]) { $methods[] = "DELETE"; } $api->setAllowedHttpMethods($methods); $headerTransformations = SharedViewUtility::deserializeHeaderTransformations($this->getRequest()); $api->setHeaderTransformations($headerTransformations); $api->setHeaderTransformationEnabled(count($headerTransformations) > 0); SharedViewUtility::validateHeaderTransformations($api->getHeaderTransformations(), $validationErrors); $properties = SharedViewUtility::deserializeProperties($this->getRequest()); $api->setProperties($properties); SharedViewUtility::validateProperties($properties, $validationErrors); $tdrsenabled = (bool) $_POST["tdrsenabled"]; $api->setTdrEnabled($tdrsenabled); $tdrRules = SharedViewUtility::deserializeTdrRules($this->getRequest()); $api->setTdrData($tdrRules); SharedViewUtility::validateTdrRules($tdrRules, $validationErrors); // If I don't have access to the view, set error messages in the flow scope $flowScope["validationErrors"] = $validationErrors; $flowScope['gotoAuthsubflow'] = $action === "submitAndAuth"; return count($validationErrors) === 0 ? "valid" : "invalid"; }
if (empty($id)) { $id = $this->_getParam("id"); } if (empty($id)) { throw new Zend_Controller_Action_Exception(PolicyController::translate('Resource Not Found'), 404); } // Set the auth and api lists in the flowscope // so that the view can load them $flowScope['apis'] = $this->policyManager->getAllApis(true); $flowScope['auths'] = $this->policyManager->getAllAuths(true); // Set the id in the flowscope $flowScope['policyId'] = $id; $policy = @$flowScope['policy']; /** * If the id is "create" and we haven't filled out the form before * then we need to create a new Policy and set some defaults */ if ($id === "create" && $policy === null) { $policy = PolicyController::createBasicPolicy(); $flowScope['isNew'] = true; } else {
/** * On-exit callback for the "form" state * it should take the form submission and deserialize it into an Auth object and * stick it on the flowScope. * * @param $action * @param $flowScope */ public function deserializeForm($action, &$flowScope) { /** * @var Auth $auth */ $auth = $flowScope['auth']; $flowScope['howMany'] = $flowScope['isNew'] ? $this->_getParam('howMany') : "1"; // Only accept the id if we are creating a new one if ($flowScope['isNew']) { $auth->id = $this->_getParam('authid'); } $auth->type = $this->_getParam('type'); switch ($auth->type) { case AuthType::$AUTHKEY: $auth->authKeyAuth->keyValue = $this->_getParam("authKey"); break; case AuthType::$BASIC: $auth->basicAuth->username = $this->_getParam("username"); $auth->basicAuth->password = $this->_getParam("password"); break; case AuthType::$WSSE: $auth->wsseAuth->username = $this->_getParam("username"); $auth->wsseAuth->password = $this->_getParam("password"); $auth->wsseAuth->passwordType = WSSEPasswordType::PLAINTEXT; break; case AuthType::$IPWHITELIST: $ipList = $this->_getParam("ipWhiteList"); if (!empty($ipList)) { $auth->ipWhiteListAuth->ips = explode(',', $ipList); } break; } $auth->status = $this->_getParam('status'); $auth->headerTransformations = SharedViewUtility::deserializeHeaderTransformations($this->getRequest()); $auth->properties = SharedViewUtility::deserializeProperties($this->getRequest()); $auth->tdrData = SharedViewUtility::deserializeTdrRules($this->getRequest()); $flowScope['auth'] = $auth; }