/** @inheritdoc */
protected function handlePOST()
{
    // Only a system-administrator session may reach the parent POST handling;
    // everyone else is refused before any write is attempted.
    if (Session::isSysAdmin()) {
        return parent::handlePOST();
    }

    throw new UnauthorizedException('You are not authorized to perform this action.');
}
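/**
 * Builds the app listing for the current session.
 *
 * Visibility depends on who is asking: a sysadmin session sees every active app,
 * an authenticated non-admin sees apps they hold a role for (or apps with a
 * default role, role_id > 0), and an unauthenticated caller sees only apps with a
 * default role. The default app id comes from the user, falling back to the
 * system configuration.
 *
 * The non-admin filter is expressed as a raw WHERE fragment so the same SQL can be
 * applied both to the group relation and to the flat app query; every value is
 * passed as a query binding rather than interpolated into the SQL text.
 *
 * @return array{0: list<array>, 1: list<array>} [$groupedApps, $noGroupedApps]
 */
protected static function getApps()
{
    $defaultAppId = null;
    $excludedTypes = [AppTypes::NONE];

    if (SessionUtilities::isAuthenticated()) {
        $user = SessionUtilities::user();
        $defaultAppId = $user->default_app_id;

        if (SessionUtilities::isSysAdmin()) {
            $appGroups = AppGroupModel::with([
                'app_by_app_to_app_group' => function ($q) use ($excludedTypes) {
                    $q->whereIsActive(1)->whereNotIn('type', $excludedTypes);
                },
            ])->get();
            $apps = AppModel::whereIsActive(1)->whereNotIn('type', $excludedTypes)->get();
        } else {
            $userAppRoles = UserAppRole::whereUserId($user->id)->whereNotNull('role_id')->get(['app_id']);
            $appIds = [];
            foreach ($userAppRoles as $uar) {
                $appIds[] = $uar->app_id;
            }
            // "IN ()" is not valid SQL; -1 never matches a real id, so an empty list
            // correctly yields only the role_id > 0 apps.
            if (empty($appIds)) {
                $appIds = [-1];
            }

            // One placeholder per value; bindings replace the former string interpolation.
            // This also keeps the type exclusion in step with the whereNotIn() used in the
            // other branches (an imploded '0' would previously have been dropped by empty()).
            $idPlaceholders = implode(',', array_fill(0, count($appIds), '?'));
            $typePlaceholders = implode(',', array_fill(0, count($excludedTypes), '?'));
            $filterSql = "(app.id IN ({$idPlaceholders}) OR role_id > 0) AND is_active = 1 AND type NOT IN ({$typePlaceholders})";
            $filterBindings = array_merge(array_values($appIds), array_values($excludedTypes));

            $appGroups = AppGroupModel::with([
                'app_by_app_to_app_group' => function ($q) use ($filterSql, $filterBindings) {
                    $q->whereRaw($filterSql, $filterBindings);
                },
            ])->get();
            $apps = AppModel::whereRaw($filterSql, $filterBindings)->get();
        }
    } else {
        $appGroups = AppGroupModel::with([
            'app_by_app_to_app_group' => function ($q) use ($excludedTypes) {
                $q->where('role_id', '>', 0)->whereIsActive(1)->whereNotIn('type', $excludedTypes);
            },
        ])->get();
        $apps = AppModel::whereIsActive(1)->where('role_id', '>', 0)->whereNotIn('type', $excludedTypes)->get();
    }

    // No per-user default (or no user at all): fall back to the system-wide setting.
    if (empty($defaultAppId)) {
        $systemConfig = SystemConfig::first(['default_app_id']);
        $defaultAppId = !empty($systemConfig) ? $systemConfig->default_app_id : null;
    }

    $inGroups = [];
    $groupedApps = [];
    $noGroupedApps = [];

    foreach ($appGroups as $appGroup) {
        $appArray = $appGroup->getRelation('app_by_app_to_app_group')->toArray();
        if (empty($appArray)) {
            continue;
        }

        $appInfo = [];
        foreach ($appArray as $app) {
            $inGroups[] = $app['id'];
            $appInfo[] = static::makeAppInfo($app, $defaultAppId);
        }

        $groupedApps[] = [
            'id'          => $appGroup->id,
            'name'        => $appGroup->name,
            'description' => $appGroup->description,
            'app'         => $appInfo,
        ];
    }

    // Anything not already listed under a group goes into the flat list.
    /** @var AppModel $app */
    foreach ($apps as $app) {
        if (!in_array($app->id, $inGroups)) {
            $noGroupedApps[] = static::makeAppInfo($app->toArray(), $defaultAppId);
        }
    }

    return [$groupedApps, $noGroupedApps];
}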
/**
 * {@inheritdoc}
 */
protected function handleGET()
{
    // Without a session the resource is reported as not found rather than forbidden.
    if (!SessionUtility::isAuthenticated()) {
        throw new NotFoundException('No user session found.');
    }

    // Authenticated callers still need system-administrator rights.
    if (SessionUtility::isSysAdmin()) {
        return parent::handleGET();
    }

    throw new UnauthorizedException('You are not authorized to perform this action.');
}
/**
 * Authenticating with an app API key plus a session token for a non-admin user
 * must produce a non-sysadmin session whose role is the one bound to that
 * user/app pair, with the role's service access populated.
 */
public function testApiKeyUserRole()
{
    $userPayload = [
        'name'              => 'John Doe',
        'first_name'        => 'John',
        'last_name'         => 'Doe',
        'email'             => '*****@*****.**',
        'password'          => 'test1234',
        'security_question' => 'Make of your first car?',
        'security_answer'   => 'mazda',
        'is_active'         => true,
    ];
    $rolePayload = [
        'name'                           => 'test_role',
        'is_active'                      => true,
        'role_service_access_by_role_id' => [
            [
                'service_id'     => 1,
                'component'      => 'config',
                'verb_mask'      => 1,
                'requestor_mask' => 1,
            ],
        ],
    ];

    // Create the user through the system service and capture its id.
    $this->service = ServiceHandler::getService('system');
    $userId = Arr::get(
        $this->makeRequest(Verbs::POST, 'user', [], [$userPayload])->getContent(),
        static::$wrapper . '.0.id'
    );

    // Create the role the same way.
    $this->service = ServiceHandler::getService('system');
    $roleId = Arr::get(
        $this->makeRequest(Verbs::POST, 'role', [], [$rolePayload])->getContent(),
        static::$wrapper . '.0.id'
    );

    // Bind user -> app 1 -> role, then call the API with the app key and a user JWT.
    \DreamFactory\Core\Models\UserAppRole::create([
        'user_id' => $userId,
        'app_id'  => 1,
        'role_id' => $roleId,
    ]);
    $apiKey = App::find(1)->api_key;
    $account = User::find($userId);
    $sessionToken = JWTUtilities::makeJWTByUser($account->id, $account->email);
    $this->call(Verbs::GET, '/api/v2/system', [], [], [], [
        'HTTP_X_DREAMFACTORY_API_KEY'       => $apiKey,
        'HTTP_X_DREAMFACTORY_SESSION_TOKEN' => $sessionToken,
    ]);

    $this->assertFalse(Session::isSysAdmin());
    $this->assertEquals($roleId, Session::get('role.id'));
    $this->assertNotEmpty(Session::get('role.services'));
}