static function apply($query) { // check for tool name // $toolName = Input::get('tool_name'); if ($toolName != '') { $query = $query->where('tool_name', '=', $toolName); } // check for tool uuid // $toolUuid = Input::get('tool_uuid'); if ($toolUuid != '') { $toolVersions = ToolVersion::where('tool_uuid', '=', $toolUuid)->get(); $query = $query->where(function ($query) use($toolVersions) { for ($i = 0; $i < sizeof($toolVersions); $i++) { if ($i == 0) { $query->where('tool_version_uuid', '=', $toolVersions[$i]->tool_version_uuid); } else { $query->orWhere('tool_version_uuid', '=', $toolVersions[$i]->tool_version_uuid); } } }); } // check for tool version // $toolVersion = Input::get('tool_version'); if ($toolVersion == 'latest') { $tool = $tool::where('tool_uuid', '=', $toolUuid)->first(); if ($tool) { $latestVersion = $tool->getLatestVersion(); $query = $query->where('tool_version_uuid', '=', $latestVersion->tool_version_uuid); } } else { if ($toolVersion != '') { $query = $query->where('tool_version_uuid', '=', $toolVersion); } } // check for tool version uuid // $toolVersionUuid = Input::get('tool_version_uuid'); if ($toolVersionUuid == 'latest') { $tool = Tool::where('tool_uuid', '=', $toolVersionUuid)->first(); if ($tool) { $latestVersion = $tool->getLatestVersion(); $query = $query->where('tool_version_uuid', '=', $latestVersion->tool_version_uuid); } } else { if ($toolVersionUuid != '') { $query = $query->where('tool_version_uuid', '=', $toolVersionUuid); } } return $query; }
public function getToolAttribute() { $toolVersion = ToolVersion::where('tool_version_uuid', '=', $this->tool_version_uuid)->first(); if ($toolVersion != null) { $tool = Tool::where('tool_uuid', '=', $toolVersion->tool_uuid)->first(); } else { $tool = null; } // get tool info from results // if (!$tool || !$toolVersion) { $assessmentResult = AssessmentResult::where('execution_record_uuid', '=', $this->execution_record_uuid)->first(); } return array('name' => $tool ? $tool->name : ($assessmentResult ? $assessmentResult->tool_name : ''), 'version_string' => $toolVersion ? $toolVersion->version_string : ($assessmentResult ? $assessmentResult->tool_version : ''), 'tool_uuid' => $tool ? $tool->tool_uuid : '', 'tool_version_uuid' => $toolVersion ? $toolVersion->tool_version_uuid : ''); }
private function checkPermissions($assessmentRun) { $tool = Tool::where('tool_uuid', '=', $assessmentRun->tool_uuid)->first(); if ($tool->policy_code) { $user = User::getIndex(Session::get('user_uid')); switch ($tool->policy_code) { case 'parasoft-user-c-test-policy': case 'parasoft-user-j-test-policy': $permission = Permission::where('policy_code', '=', $tool->policy_code)->first(); $project = Project::where('project_uid', '=', $assessmentRun->project_uuid)->first(); $projectOwner = $project->owner; if (!$permission || !$project || !$projectOwner) { return Response::json(array('status' => 'error'), 404); } $userPermission = UserPermission::where('permission_code', '=', $permission->permission_code)->where('user_uid', '=', $projectOwner['user_uid'])->first(); $userPermissionProject = UserPermissionProject::where('user_permission_uid', '=', $userPermission->user_permission_uid)->where('project_uid', '=', $project->project_uid)->first(); // if the permission doesn't exist or isn't valid, return error // if (!$userPermission) { return Response::json(array('status' => 'owner_no_permission', 'project_name' => $project->full_name, 'tool_name' => $tool->name), 404); } if ($userPermission->status !== 'granted') { return Response::json(array('status' => 'owner_no_permission', 'project_name' => $project->full_name, 'tool_name' => $tool->name), 401); } // if the project hasn't been designated, return error // if (!$userPermissionProject) { return Response::json(array('status' => 'no_project', 'project_name' => $project->full_name, 'tool_name' => $tool->name), 404); } $userPolicy = UserPolicy::where('policy_code', '=', $tool->policy_code)->where('user_uid', '=', $user->user_uid)->first(); // if the policy hasn't been accepted, return error // $policyResponse = Response::json(array('status' => 'no_policy', 'policy' => $tool->policy, 'policy_code' => $tool->policy_code, 'tool' => $tool), 404); if ($userPolicy) { if ($userPolicy->accept_flag != '1') { return $policyResponse; } } else { return $policyResponse; } break; default: break; } } return true; }
static function apply($query) { // check for tool name // $toolName = Input::get('tool_name'); if ($toolName != '') { $query = $query->where('tool_name', '=', $toolName); } // check for tool uuid // $toolUuid = Input::get('tool_uuid'); if ($toolUuid != '') { $query = $query->where('tool_uuid', '=', $toolUuid); } // check for tool version // $toolVersion = Input::get('tool_version'); if ($toolVersion == 'latest') { $query = $query->whereNull('tool_version_uuid'); } else { if ($toolVersion != '') { $query = $query->where('tool_version_uuid', '=', $toolVersion); } } // check for tool version uuid // $toolVersionUuid = Input::get('tool_version_uuid'); if ($toolVersionUuid == 'latest') { $tool = Tool::where('tool_uuid', '=', $toolVersionUuid)->first(); $query = $query->whereNull('tool_version_uuid'); } else { if ($toolVersionUuid != '') { $query = $query->where('tool_version_uuid', '=', $toolVersionUuid); } } return $query; }
if (!$isPublic) { if (!($user->isAdmin() || $tool->isOwnedBy($user))) { return Response::make('Insufficient priveleges to access tool.', 403); } } } } // check tool version routes // $toolVersionUuid = $route->getParameter('tool_version_uuid'); if ($toolVersionUuid) { // get relevant attributes // $user = User::getIndex(Session::get('user_uid')); $toolVersion = ToolVersion::where('tool_version_uuid', '=', $toolVersionUuid)->first(); $tool = Tool::where('tool_uuid', '=', $toolVersion->tool_uuid)->first(); $isPublic = $tool->tool_sharing_status == 'public' || $tool->tool_sharing_status == 'PUBLIC'; $authenticationRequired = $method != 'get' && !$isPublic; // check to see if user is logged in // if ($authenticationRequired && !$user) { return Response::make('Authentication required to access tool version.', 401); } else { // check to see if user has priveleges to view tool version // if (!$isPublic) { if (!($user->isAdmin() || $toolVersion->getTool()->isOwnedBy($user))) { return Response::make('Insufficient priveleges to access tool version.', 403); } } }
public function deleteIndex($toolUuid) { $tool = Tool::where('tool_uuid', '=', $toolUuid)->first(); $tool->delete(); return $tool; }
/** * querying methods */ function getTool() { return Tool::where('tool_uuid', '=', $this->tool_uuid)->first(); }