Exemplo n.º 1
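 /**
  * Resolve the API user for the current request from the X-Api-Key header.
  *
  * The outcome, including "no user", is cached on the instance, so the
  * header is read and the database queried at most once per instance.
  *
  * @return mixed the first enabled ApiUser whose key equals the header value, or null
  */
 public function getUser()
 {
     if ($this->retrievedUser) {
         return $this->user;
     }
     // The header value is attacker-controlled input: treat it purely as a lookup key.
     $key = Request::header('X-Api-Key');
     $user = null;
     // An absent, empty or non-string header never authenticates. Without the
     // empty-string guard, a blank header would be matched against any row
     // whose key column happens to be empty.
     if (is_string($key) && $key !== '') {
         // Disabled users are excluded here, so disabling a user revokes the key.
         // NOTE(review): the key is matched as stored, i.e. the table holds the
         // usable credential itself. Storing only a digest of the key and looking
         // up by that digest would limit the impact of a database read leak.
         // NOTE(review): string comparison follows the column's collation; confirm
         // it is case-sensitive if key case is meant to matter.
         $user = ApiUser::where("key", $key)->where("enabled", true)->first();
     }
     $this->user = $user;
     $this->retrievedUser = true;
     return $user;
 }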
Exemplo n.º 2
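 /**
  * Show and process the create/edit form for an API user.
  *
  * With no $id a new ApiUser is created; with an $id the matching record is
  * edited, or a 404 is raised when it does not exist. On a valid submission
  * the record is saved inside a database transaction and the admin is
  * redirected to the API user list; otherwise the form is rendered again
  * with the validation errors.
  *
  * @param mixed $id primary key of the ApiUser to edit, or null to create one
  * @return mixed a redirect response after a successful save, otherwise nothing
  */
 public function anyEdit($id = null)
 {
     // Authorisation gate: must run before any record is loaded or changed.
     // NOTE(review): this assumes Auth::getUser() never returns null for an
     // unauthenticated request; confirm an auth filter guarantees that.
     Auth::getUser()->hasPermissionOr401(Config::get("permissions.apiUsers"), 1);
     $apiUser = null;
     $editing = false;
     if (!is_null($id)) {
         $apiUser = ApiUser::find($id);
         if (is_null($apiUser)) {
             App::abort(404);
             return;
         }
         $editing = true;
     }
     // NOTE(review): no CSRF token check is visible in this method; confirm one
     // is enforced by a route or controller filter, since this form issues and
     // changes API credentials.
     $formSubmitted = isset($_POST['form-submitted']) && $_POST['form-submitted'] === "1";
     // populate $formData with default values or received values
     // NOTE(review): the default key for a new user is sha1(str_random(60)) and
     // becomes a bearer credential. Hashing adds no entropy, so its strength is
     // that of str_random(); confirm that helper draws from a CSPRNG in the
     // framework version in use.
     $formData = FormHelpers::getFormData(array(
         array("enabled", ObjectHelpers::getProp(true, $apiUser, "enabled") ? "y" : ""),
         array("can-view-vod-uris", ObjectHelpers::getProp(false, $apiUser, "can_view_vod_uris") ? "y" : ""),
         array("can-view-stream-uris", ObjectHelpers::getProp(false, $apiUser, "can_view_stream_uris") ? "y" : ""),
         array("can-use-webhooks", ObjectHelpers::getProp(false, $apiUser, "can_use_webhooks") ? "y" : ""),
         array("owner", ObjectHelpers::getProp("", $apiUser, "owner")),
         array("information", ObjectHelpers::getProp("", $apiUser, "information")),
         array("key", ObjectHelpers::getProp(sha1(str_random(60)), $apiUser, "key")),
     ), !$formSubmitted);
     $errors = null;
     if ($formSubmitted) {
         // The owner is stored trimmed, so trim it before validation as well;
         // otherwise " name" passes the uniqueness rule and is then saved as a
         // duplicate "name".
         if (isset($formData['owner']) && is_string($formData['owner'])) {
             $formData['owner'] = trim($formData['owner']);
         }
         $modelCreated = DB::transaction(function () use(&$formData, &$apiUser, &$errors) {
             // Both uniqueness rules ignore the record being edited, so a user
             // can be saved without changing its own key or owner.
             // NOTE(review): these are check-then-save queries; only a unique
             // index on the column closes the race between two concurrent
             // submissions. Confirm one exists.
             Validator::extend('unique_key', function ($attribute, $value, $parameters) use(&$apiUser) {
                 $currentId = !is_null($apiUser) ? intval($apiUser->id) : null;
                 $q = ApiUser::where("key", $value);
                 if (!is_null($currentId)) {
                     $q = $q->where("id", "!=", $currentId);
                 }
                 return $q->count() === 0;
             });
             Validator::extend('unique_owner', function ($attribute, $value, $parameters) use(&$apiUser) {
                 $currentId = !is_null($apiUser) ? intval($apiUser->id) : null;
                 $q = ApiUser::where("owner", $value);
                 if (!is_null($currentId)) {
                     $q = $q->where("id", "!=", $currentId);
                 }
                 return $q->count() === 0;
             });
             // The key pattern ends in \z rather than $: in PCRE, $ also matches
             // just before a trailing newline, which would let a 41-byte value
             // through the format check.
             $validator = Validator::make(
                 $formData,
                 array(
                     'owner' => array('required', 'unique_owner'),
                     'key' => array('required', 'unique_key', 'regex:/^[0-9a-f]{40}\z/'),
                 ),
                 array(
                     'owner.required' => FormHelpers::getRequiredMsg(),
                     'owner.unique_owner' => "There is already an api user with this owner.",
                     'key.required' => FormHelpers::getGenericInvalidMsg(),
                     'key.unique_key' => "This key is already in use.",
                     'key.regex' => "The key must be a lower case SHA-1 hash.",
                 )
             );
             if (!$validator->fails()) {
                 // everything is good. build the model (new or existing) and save it
                 if (is_null($apiUser)) {
                     $apiUser = new ApiUser();
                 }
                 // Each capability flag is taken from its own checkbox; an
                 // unchecked box results in the capability being switched off.
                 $apiUser->enabled = FormHelpers::toBoolean($formData['enabled']);
                 $apiUser->can_view_vod_uris = FormHelpers::toBoolean($formData['can-view-vod-uris']);
                 $apiUser->can_view_stream_uris = FormHelpers::toBoolean($formData['can-view-stream-uris']);
                 $apiUser->can_use_webhooks = FormHelpers::toBoolean($formData['can-use-webhooks']);
                 $apiUser->owner = trim($formData['owner']);
                 // The key is persisted exactly as submitted, i.e. in usable form.
                 $apiUser->key = $formData['key'];
                 $apiUser->information = FormHelpers::nullIfEmpty($formData['information']);
                 if ($apiUser->save() === false) {
                     // thrown from inside the transaction callback
                     throw new Exception("Error saving ApiUser.");
                 }
                 // the transaction callback result is returned out of the transaction function
                 return true;
             } else {
                 $errors = $validator->messages();
                 return false;
             }
         });
         if ($modelCreated) {
             return Redirect::to(Config::get("custom.admin_base_url") . "/apiusers");
         }
         // if not valid then return form again with errors
     }
     // The view receives the full form data, including the API key value.
     $view = View::make('home.admin.apiUsers.edit');
     $view->editing = $editing;
     $view->form = $formData;
     $view->formErrors = $errors;
     $view->cancelUri = Config::get("custom.admin_base_url") . "/apiusers";
     $this->setContent($view, "apiusers", "apiusers-edit");
 }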