/**
 * Admin page: collect everything stored about one user for the edit view.
 *
 * The only access gate visible here is the Secure annotation below; the body
 * does not re-check the caller's role. The view model is filled with
 * sensitive data (IP addresses, postal address, auth sessions, subscriptions,
 * accounts sharing an IP), so the template must not be reused on routes with
 * a weaker annotation.
 *
 * @Route ("/admin/user/{id}/edit")
 * @Secure ({"ADMIN"})
 * @HttpMethod ({"GET"})
 *
 * @param array $params route parameters; 'id' is required
 * @param ViewModel $model view model populated for the template
 * @throws Exception when no user exists for the given id
 * @return string name of the template to render
 */
public function adminUserEdit(array $params, ViewModel $model)
{
    $model->title = 'User';

    // Fail early when the route did not supply an id.
    FilterParams::required($params, 'id');
    $user = UserService::instance()->getUserById($params['id']);
    if (empty($user)) {
        throw new Exception('User was not found');
    }

    $users = UserService::instance();
    $userFeatures = UserFeaturesService::instance();
    $apiAuth = ApiAuthenticationService::instance();
    $chatlog = ChatlogService::instance();
    $subscriptions = SubscriptionsService::instance();

    // Every lookup below is keyed on the id of the stored record, not on the
    // raw route parameter.
    $userId = $user['userId'];

    $user['roles'] = $users->getUserRolesByUserId($userId);
    $user['features'] = $userFeatures->getUserFeatures($userId);
    $user['ips'] = $users->getIPByUserId($userId);

    $model->user = $user;
    $model->smurfs = $users->findSameIPUsers($userId);
    $model->features = $userFeatures->getDetailedFeatures();

    // Chat context is only fetched when the user has an active ban.
    $ban = $users->getUserActiveBan($userId);
    $model->banContext = empty($ban)
        ? array()
        : $chatlog->getChatLogBanContext($userId, Date::getDateTime($ban['starttimestamp']), 18);
    $model->ban = $ban;

    $model->authSessions = $apiAuth->getAuthSessionsByUserId($userId);
    $model->address = $users->getAddressByUserId($userId);
    $model->subscriptions = $subscriptions->getUserSubscriptions($userId);

    // One-shot success message: copy it to the model, then clear it from the session.
    if (Session::get('modelSuccess')) {
        $model->success = Session::get('modelSuccess');
        Session::set('modelSuccess');
    }

    return 'admin/user';
}
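/**
 * Resolve an API auth token to the credentials of the user who owns it.
 *
 * Every failure path answers with STATUS_FORBIDDEN and a short message; on
 * success the credential data is returned as JSON.
 *
 * @param array $params request parameters; 'authtoken' carries the token
 * @return Response
 * @throws Exception
 */
public function authenticate(array $params)
{
    // The token comes from the request. Accept only a non-empty string so an
    // array or other non-string value never reaches the token lookup.
    if (empty($params['authtoken']) || !is_string($params['authtoken'])) {
        return new Response(Http::STATUS_FORBIDDEN, 'Invalid or empty authToken');
    }

    $authToken = ApiAuthenticationService::instance()->getAuthToken($params['authtoken']);
    if (empty($authToken)) {
        return new Response(Http::STATUS_FORBIDDEN, 'Auth token not found');
    }

    // From here on the user id is taken from the stored token record, never
    // from the request.
    $userId = $authToken['userId'];
    $user = UserService::instance()->getUserById($userId);
    if (empty($user)) {
        return new Response(Http::STATUS_FORBIDDEN, 'User not found');
    }

    $credentials = new SessionCredentials($user);
    $credentials->setAuthProvider('API');
    $credentials->addRoles(UserRole::USER);
    $credentials->addFeatures(UserFeaturesService::instance()->getUserFeatures($userId));
    $credentials->addRoles(UserService::instance()->getUserRolesByUserId($userId));

    $subscription = SubscriptionsService::instance()->getUserActiveSubscription($userId);
    if (!empty($subscription)) {
        $credentials->addRoles(UserRole::SUBSCRIBER);
        $credentials->addFeatures(UserFeature::SUBSCRIBER);

        // Loose comparison kept on purpose: the tier may arrive as a numeric
        // string rather than an int.
        $tier = $subscription['subscriptionTier'];
        if ($tier == 2) {
            $credentials->addFeatures(UserFeature::SUBSCRIBERT2);
        }
        if ($tier == 3) {
            $credentials->addFeatures(UserFeature::SUBSCRIBERT3);
        }
    }

    // NOTE(review): json_encode() returns false on failure; that case is not
    // handled here and would produce a 200 response without a usable body.
    $response = new Response(Http::STATUS_OK, json_encode($credentials->getData()));
    $response->addHeader(Http::HEADER_CONTENTTYPE, MimeType::JSON);

    return $response;
}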
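/**
 * Resolve an API auth token to the credentials of the user who owns it.
 *
 * Every failure path answers with STATUS_FORBIDDEN and a short message; on
 * success the credential data built by AuthenticationService is returned as
 * JSON.
 *
 * @param array $params request parameters; 'authtoken' carries the token
 * @return Response
 * @throws Exception
 */
public function authenticate(array $params)
{
    // The token comes from the request. Accept only a non-empty string so an
    // array or other non-string value never reaches the token lookup.
    if (empty($params['authtoken']) || !is_string($params['authtoken'])) {
        return new Response(Http::STATUS_FORBIDDEN, 'Invalid or empty authToken');
    }

    $authToken = ApiAuthenticationService::instance()->getAuthToken($params['authtoken']);
    if (empty($authToken)) {
        return new Response(Http::STATUS_FORBIDDEN, 'Auth token not found');
    }

    // The user is looked up from the stored token record, never from the request.
    $user = UserService::instance()->getUserById($authToken['userId']);
    if (empty($user)) {
        return new Response(Http::STATUS_FORBIDDEN, 'User not found');
    }

    // Roles and features are assembled in one place by the authentication
    // service; 'API' is passed as the auth provider.
    $credentials = AuthenticationService::instance()->getUserCredentials($user, 'API');

    // NOTE(review): json_encode() returns false on failure; that case is not
    // handled here and would produce a 200 response without a usable body.
    $response = new Response(Http::STATUS_OK, json_encode($credentials->getData()));
    $response->addHeader(Http::HEADER_CONTENTTYPE, MimeType::JSON);

    return $response;
}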
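/**
 * Delete one of the logged-in user's own API auth tokens.
 *
 * The token is looked up by the value in the route, and the deletion only
 * proceeds when the stored record belongs to the session user.
 *
 * NOTE(review): no anti-CSRF check is visible in this method; confirm the
 * framework applies one to POST routes. The two failure messages differ, so
 * a logged-in caller can tell an unknown token from one owned by someone
 * else; consider a single message if that distinction is not needed.
 *
 * @Route ("/profile/authtoken/{authToken}/delete")
 * @HttpMethod ({"POST"})
 * @Secure ({"USER"})
 *
 * @param array $params route parameters; 'authToken' is required
 * @return string redirect target
 * @throws Exception when the token does not exist or belongs to another user
 * @throws \Destiny\Common\Utils\FilterParamsException
 */
public function profileAuthTokenDelete(array $params)
{
    FilterParams::required($params, 'authToken');

    $userId = Session::getCredentials()->getUserId();
    $apiAuthService = ApiAuthenticationService::instance();

    $authToken = $apiAuthService->getAuthToken($params['authToken']);
    if (empty($authToken)) {
        throw new Exception('Auth token not found');
    }

    // Ownership check. Both ids are compared as strings with a strict
    // operator so PHP type juggling (null vs 0, '1e1' vs '10', booleans)
    // cannot make two different owners compare equal; an int 5 and a
    // string '5' still match.
    if ((string) $authToken['userId'] !== (string) $userId) {
        throw new Exception('Auth token not owned by user');
    }

    // Delete by the stored record id, not by the value taken from the URL.
    $apiAuthService->removeAuthToken($authToken['authTokenId']);
    Session::set('modelSuccess', 'Auth token removed!');

    return 'redirect: /profile/authentication';
}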
/**
 * Admin action: remove one authentication profile from a user account.
 *
 * Neither 'id' nor 'provider' is validated in this method and the result of
 * the delete call is not inspected; the success message is set regardless.
 * The id is URL-encoded before it is placed in the redirect target.
 *
 * NOTE(review): no anti-CSRF check is visible in this method; confirm the
 * framework applies one to POST routes.
 *
 * @Route ("/admin/user/{id}/auth/{provider}/delete")
 * @Secure ({"ADMIN"})
 * @HttpMethod ({"POST"})
 *
 * @param array $params route parameters 'id' and 'provider'
 * @return string redirect target back to the user's edit page
 */
public function authProviderDelete(array $params)
{
    ApiAuthenticationService::instance()->deleteAuthProfileByUserId(
        $params['id'],
        $params['provider']
    );

    Session::set('modelSuccess', 'Authentication profile removed!');

    // urlencode() keeps the id from altering the shape of the redirect path.
    return sprintf('redirect: /admin/user/%s/edit', urlencode($params['id']));
}