示例#1
 /**
  * @inheritdoc
  */
 public function exec(Server $server, ConnectionInterface $db, CacheInterface $cache)
 {
     // One entry per configured REST operation: class name, the HTTP methods
     // it accepts (comma-joined) and the path it is mounted on. Nothing here
     // is taken from the request; the list comes from application config.
     // NOTE(review): the response enumerates every route and its implementing
     // class — whether this listing is admin-only is decided by
     // requiresAdminAuth() elsewhere, not visible here; confirm it is.
     $listing = [];
     $configured = $server->config('application.operations');
     foreach ($configured as $mountPath => $className) {
         /* @var \Rocker\REST\OperationInterface $instance */
         $instance = new $className(null);
         $listing[] = [
             'class'   => $className,
             'methods' => implode(',', $instance->allowedMethods()),
             'path'    => $mountPath,
         ];
     }
     return new OperationResponse(200, $listing);
 }
示例#2
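 /**
  * Authenticate from an RC4-encrypted, base64-encoded "username:password" blob.
  *
  * The blob is decrypted with the shared secret from application.auth and
  * split into a username and a password. Logging in by numeric user id is
  * refused, and the password is verified through the loaded user object.
  *
  * NOTE(review): RC4 is a deprecated stream cipher and this construction
  * carries no integrity tag, so the ciphertext is malleable; the only thing
  * standing between a forged blob and a login is the hasPassword() check,
  * which must stay in place. Prefer an authenticated scheme (e.g. an
  * HMAC-signed token) if the wire format can be changed.
  *
  * @param mixed $data   base64-encoded RC4 ciphertext (presumably taken from the request — confirm)
  * @param Server $server
  * @return \Rocker\Object\User\UserInterface|null the user, or null on any failure
  */
 public function rc4Auth($data, $server)
 {
     $conf = $server->config('application.auth');
     // Fail closed: never attempt a decrypt with a missing or empty key.
     if (empty($conf['secret'])) {
         return null;
     }
     $plain = RC4Cipher::decrypt($conf['secret'], base64_decode($data));
     // Limit of 2 keeps everything after the first ':' as the password, so a
     // password that itself contains ':' is no longer rejected.
     $parts = explode(':', $plain, 2);
     if (count($parts) !== 2 || is_numeric($parts[0])) {
         // No separator, or a numeric "username": logging in by user id is
         // deliberately not allowed.
         return null;
     }
     $user = $this->userFactory->load($parts[0]);
     if ($user !== null && $user->hasPassword($parts[1])) {
         return $user;
     }
     return null;
 }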
 /**
  * Resolve the request's user through the configured authenticator and
  * attach it to both the operation and the server.
  *
  * @param OperationInterface $op
  * @param Server $server
  * @return bool true when a user was authenticated (and is an admin if the
  *              operation demands it), false otherwise
  */
 private function authenticate(OperationInterface $op, Server $server)
 {
     // The authenticator class name comes from application config, not from
     // the request.
     // NOTE(review): config is read from $this->server while the user is
     // attached to the $server argument — presumably the same object; confirm.
     $authConfig = $this->server->config('application.auth');
     /* @var AuthenticatorInterface $authenticator */
     $authenticator = new $authConfig['class']();
     $user = $authenticator->auth($this->server, $this->db, $this->cache);
     if (empty($user)) {
         return false;
     }
     // Admin-only operations additionally require the admin flag.
     if ($op->requiresAdminAuth() && !$user->isAdmin()) {
         return false;
     }
     $op->setAuthenticatedUser($user);
     $server->setAuthenticatedUser($user);
     return true;
 }
示例#4
 /**
  * @inheritdoc
  */
 public function exec(Server $server, ConnectionInterface $db, CacheInterface $cache)
 {
     // Pick up optional per-deployment settings for the user object.
     $this->setConfig($server->config('application.user_object'));
     // A custom factory class may be configured; otherwise use the default.
     $factoryClass = empty($this->conf['factory']) ? null : $this->conf['factory'];
     $this->userFactory = $factoryClass === null
         ? new UserFactory($db, $cache)
         : new $factoryClass($db, $cache);

     $method = $this->request->getMethod();
     $target = $this->requestedObject();
     $requestedUser = $target ? $this->userFactory->load($target) : false;
     // Only POST and DELETE are treated as writes here; assumes the parent
     // operation does not mutate on other verbs — TODO confirm.
     $isWrite = $method == 'POST' || $method == 'DELETE';

     // Non-admins may only edit/remove themselves. $this->user is assumed to
     // be set by authentication before exec() runs.
     // NOTE(review): 401 conventionally means "no/invalid credentials"; this
     // caller is authenticated but not authorized, which is 403 (as used for
     // the admin-removal case below). Kept as-is to preserve the API.
     if ($isWrite && $requestedUser && !$this->user->isAdmin() && !$this->user->isEqual($requestedUser)) {
         return new OperationResponse(401, array('error' => 'Only admins can edit/remove other users'));
     }
     // Admins must be demoted before they can be deleted, even by another admin.
     if ($method == 'DELETE' && $requestedUser && $requestedUser->isAdmin()) {
         return new OperationResponse(403, array('error' => 'A user with admin privileges can not be removed. You have to remove admin privileges first (/api/admin)'));
     }

     // Let listeners react (e.g. "post.user", "delete.user") before the base
     // operation runs.
     $server->triggerEvent(strtolower($method) . '.user', $db, $cache);
     return parent::exec($server, $db, $cache);
 }
示例#5
 /**
  * Fill in an absolute `location` for every entry under meta.files by
  * prefixing the stored file name with the configured base.
  *
  * @param Server $server             source of the application.files config
  * @param array $content             user payload; returned unchanged when it has no meta.files
  * @param ConnectionInterface $db    unused here, part of the filter signature
  * @param CacheInterface $cache      unused here, part of the filter signature
  * @return array the content with `location` set on each file entry
  */
 public static function userFilter($server, $content, $db, $cache)
 {
     if (!isset($content['meta']['files'])) {
         return $content;
     }
     $fileConf = $server->config('application.files');
     foreach ($content['meta']['files'] as $key => $entry) {
         // NOTE(review): the stored name is joined verbatim; any path
         // sanitisation must already have happened at upload time — confirm.
         $content['meta']['files'][$key]['location'] = $fileConf['base'] . $entry['name'];
     }
     return $content;
 }