private function checkApiAccess(Request $request)
{
$key = $request->headers->get('authorization');
if (null !== $key) {
$key = substr($key, 6);
}
$apiAccount = ApiQuery::create()->findOneByApiKey($key);
if (null === $apiAccount) {
throw new UnauthorizedHttpException('Token');
}
$secureKey = pack('H*', $apiAccount->getSecureKey());
$sign = hash_hmac('sha1', $request->getContent(), $secureKey);
if ($sign != $request->query->get('sign')) {
throw new PreconditionFailedHttpException('wrong body request signature');
}
return $apiAccount;
}
/**
* Performs an INSERT on the database, given a Api or Criteria object.
*
* @param mixed $criteria Criteria or Api object containing data that is used to create the INSERT statement.
* @param ConnectionInterface $con the ConnectionInterface connection to use
* @return mixed The new primary key.
* @throws PropelException Any exceptions caught during processing will be
* rethrown wrapped into a PropelException.
*/
public static function doInsert($criteria, ConnectionInterface $con = null)
{
if (null === $con) {
$con = Propel::getServiceContainer()->getWriteConnection(ApiTableMap::DATABASE_NAME);
}
if ($criteria instanceof Criteria) {
$criteria = clone $criteria;
// rename for clarity
} else {
$criteria = $criteria->buildCriteria();
// build Criteria from Api object
}
if ($criteria->containsKey(ApiTableMap::ID) && $criteria->keyContainsValue(ApiTableMap::ID)) {
throw new PropelException('Cannot insert a value for auto-increment primary key (' . ApiTableMap::ID . ')');
}
// Set the correct dbName
$query = ApiQuery::create()->mergeWith($criteria);
try {
// use transaction because $criteria could contain info
// for more than one table (I guess, conceivably)
$con->beginTransaction();
$pk = $query->doInsert($con);
$con->commit();
} catch (PropelException $e) {
$con->rollBack();
throw $e;
}
return $pk;
}
protected function getSignParameter($content)
{
$api = ApiQuery::create()->findOneByApiKey(self::API_KEY);
$secureKey = pack('H*', $api->getSecureKey());
return hash_hmac('sha1', $content, $secureKey);
}
/**
* Returns the number of related Api objects.
*
* @param Criteria $criteria
* @param boolean $distinct
* @param ConnectionInterface $con
* @return int Count of related Api objects.
* @throws PropelException
*/
public function countApis(Criteria $criteria = null, $distinct = false, ConnectionInterface $con = null)
{
$partial = $this->collApisPartial && !$this->isNew();
if (null === $this->collApis || null !== $criteria || $partial) {
if ($this->isNew() && null === $this->collApis) {
return 0;
}
if ($partial && !$criteria) {
return count($this->getApis());
}
$query = ChildApiQuery::create(null, $criteria);
if ($distinct) {
$query->distinct();
}
return $query->filterByProfile($this)->count($con);
}
return count($this->collApis);
}
protected function renderList($api_id = null)
{
$apiAccessList = ApiQuery::create()->find()->toArray();
return $this->render('api', ['api_list' => $apiAccessList, 'api_id' => $api_id]);
}
/**
* Removes this object from datastore and sets delete attribute.
*
* @param ConnectionInterface $con
* @return void
* @throws PropelException
* @see Api::setDeleted()
* @see Api::isDeleted()
*/
public function delete(ConnectionInterface $con = null)
{
if ($this->isDeleted()) {
throw new PropelException("This object has already been deleted.");
}
if ($con === null) {
$con = Propel::getServiceContainer()->getWriteConnection(ApiTableMap::DATABASE_NAME);
}
$con->beginTransaction();
try {
$deleteQuery = ChildApiQuery::create()->filterByPrimaryKey($this->getPrimaryKey());
$ret = $this->preDelete($con);
if ($ret) {
$deleteQuery->delete($con);
$this->postDelete($con);
$con->commit();
$this->setDeleted(true);
} else {
$con->commit();
}
} catch (Exception $e) {
$con->rollBack();
throw $e;
}
}
