Merge pull request #91 from SaoussenBlk/hook-components
GhaziTriki authored Apr 1, 2022
2 parents a94465f + 2dbf6c8 commit 431b8ea
Showing 52 changed files with 1,848 additions and 2,096 deletions.
2 changes: 0 additions & 2 deletions hivelvet-backend/app/config/default.ini
Expand Up @@ -83,6 +83,4 @@ bbb.shared_secret = unsecure_shared_secret_to_change_immediately
server.host =

; configuration extension to detect whether the platform was installed or not
; must be set to "-install" when installing by the script then put to "" after install
config.extension =
;config.extension = -install
Expand Up @@ -53,7 +53,7 @@ public function execute($f3, $params): void
if (!$resetToken->dry() && $resetToken->isUsable()) {
$this->logger->info('Valid token used for password reset', ['token' => $token, 'status' => $resetToken->status, 'expires_at' => $resetToken->expires_at]);
$dataIsValid = true;
$this->renderJson(['token' => $token, ResponseCode::HTTP_OK]);
$this->renderJson(['token' => $token]);
} elseif (!$resetToken->dry() && !$resetToken->isUsable() && ResetTokenStatus::NEW === $resetToken->status) {
$this->logger->warning('Marking not used in time password reset token as expired.', ['token' => $token, 'status' => $resetToken->status, 'expires_at' => $resetToken->expires_at]);
$resetToken->status = ResetTokenStatus::EXPIRED;
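Review bot: The corrected `$this->renderJson(['token' => $token]);` line is right (the status code was sitting inside the payload array), but both logger calls in this hunk still write the raw reset token value to the log at info/warning level. A password-reset token is a bearer credential until it expires or is consumed, so anyone with read access to the logs can complete a reset for that account; log an identifier or a truncated hash of the token instead, e.g. `['token_hash' => substr(hash('sha256', $token), 0, 12), 'status' => $resetToken->status, ...]`. Those two lines are unchanged context, so this is outside what the commit set out to do, but this hunk is where the token is handled. execute() starts and ends outside the hunk.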
9 changes: 4 additions & 5 deletions hivelvet-backend/app/src/Actions/Account/Login.php
Expand Up @@ -51,24 +51,23 @@ public function authorise($f3): void
$user = $user->getByEmail($email);
$this->logger->info('Login attempt using email', ['email' => $email]);
// Check if the user exists
if ($user->valid() && UserStatus::ACTIVE === $user->status && UserRole::API !== $user->role_id->name && $user->verifyPassword($form['password'])) {
if ($user->valid() && UserStatus::ACTIVE === $user->status && $user->verifyPassword($form['password'])) {
// @todo: test UserRole::API !== $user->role->name
// valid credentials
$this->session->authorizeUser($user);

$user->last_login = Time::db();
$user->save();

// @todo: store role in redis cache to allow routes
/** @var Role $role */
$role = $user->role_id;
$this->f3->set('role', $role->name);
$this->f3->set('role', $user->role->name);

// @todo: store locale in user prefs table
// $this->session->set('locale', $user->locale);
$userInfos = [
'username' => $user->username,
'email' => $user->email,
'role' => $role->name,
'role' => $user->role->name,
];
$this->logger->info('User successfully logged in', ['email' => $email]);
$this->renderJson($userInfos);
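Review bot: The rewritten `if ($user->valid() && UserStatus::ACTIVE === $user->status && $user->verifyPassword($form['password']))` condition drops the `UserRole::API !== ...` guard and replaces it with a @todo, so an account holding the API role can now obtain an interactive session through this login; the same guard is commented out in `isApiUserVerified()` in Actions/Base.php in this commit, where the effect is the reverse — any active user with a valid password is now accepted as an API user. Neither removal is mentioned in the commit, and a @todo is not a substitute for an authorization check. If `role_id` was replaced by a `role` relation, the checks should move with it rather than be dropped: `&& UserRole::API !== $user->role->name` here and `&& UserRole::API === $user->role->name` in Base.php. authorise() begins outside the hunk.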
28 changes: 9 additions & 19 deletions hivelvet-backend/app/src/Actions/Account/Register.php
Expand Up @@ -36,10 +36,7 @@ class Register extends BaseAction
{
public function signup($f3): void
{
// @fixme: must comply to user creation policy
$user = new User();
$form = $this->getDecodedBody()['data'];

$form = $this->getDecodedBody()['data'];
$dataChecker = new DataChecker();

$dataChecker->verify($form['username'], Validator::length(4)->setName('username'));
Expand All @@ -51,18 +48,11 @@ public function signup($f3): void
$dataChecker->verify($form['agreement'], Validator::trueVal()->setName('agreement'));

if ($dataChecker->allValid()) {
$users = $user->find(['username = ? or email = ?', $form['username'], $form['email']]);
if ($users) {
$users = $users->castAll();
if (count($users) == 1) {
$usernameExist = $users[0]['username'] == $form['username'];
$emailExist = $users[0]['email'] == $form['email'];
$message = ($usernameExist && $emailExist) ? 'username and email already exist' : ($usernameExist ? 'username already exist' : 'email already exist');
} else {
$message = 'username and email already exist';
}
$this->logger->error('Registration error : user could not be added', ['error' => $message]);
$this->renderJson(['message' => $message], ResponseCode::HTTP_BAD_REQUEST);
$user = new User();
$error = $user->usernameOrEmailExists($form['username'], $form['email']);
if ($error) {
$this->logger->error('Registration error : user could not be added', ['error' => $error]);
$this->renderJson(['message' => $error], ResponseCode::HTTP_PRECONDITION_FAILED);
} else {
$user->email = $form['email'];
$user->username = $form['username'];
Expand All @@ -75,16 +65,16 @@ public function signup($f3): void
} catch (\Exception $e) {
$message = 'user could not be added';
$this->logger->error('Registration error : user could not be added', ['user' => $user->toArray(), 'error' => $e->getMessage()]);
$this->renderJson(['message' => $message], ResponseCode::HTTP_BAD_REQUEST);
$this->renderJson(['message' => $message], ResponseCode::HTTP_INTERNAL_SERVER_ERROR);

return;
}
$this->logger->info('user successfully registered', ['user' => $user->toArray()]);
$this->renderJson(['result' => 'success']);
$this->renderJson(['result' => 'success', ResponseCode::HTTP_CREATED]);
}
} else {
$this->logger->error('Registration error', ['errors' => $dataChecker->getErrors()]);
$this->renderJson(['errors' => $dataChecker->getErrors()], ResponseCode::HTTP_BAD_REQUEST);
$this->renderJson(['errors' => $dataChecker->getErrors()], ResponseCode::HTTP_UNPROCESSABLE_ENTITY);
}
}
}
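Review bot: The success response `$this->renderJson(['result' => 'success', ResponseCode::HTTP_CREATED]);` in the third hunk puts the status code inside the payload instead of passing it as the second argument, so the client gets a 200 with a stray `0 => 201` element — the same mistake this commit fixes in the reset-token action; it should read `$this->renderJson(['result' => 'success'], ResponseCode::HTTP_CREATED);`. The duplicate-account branch now answers with HTTP_PRECONDITION_FAILED, but 412 is defined for failed conditional request headers; 409 Conflict is the conventional code for an already-existing resource, and the same choice recurs in Roles/Add.php, Roles/Edit.php, Users/Add.php and Users/Edit.php in this commit. The `// @fixme: must comply to user creation policy` marker was deleted without anything visible in the hunks implementing such a policy; if it is still open, keep the marker. Note also that the `$error` string distinguishes a taken username from a taken e-mail on an unauthenticated signup endpoint, which lets a caller confirm which e-mail addresses are registered; the hidden `usernameOrEmailExists()` helper presumably mirrors the inline logic it replaces, so a single generic message would be safer.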
6 changes: 3 additions & 3 deletions hivelvet-backend/app/src/Actions/Account/ResetPassword.php
Expand Up @@ -74,14 +74,14 @@ public function execute($f3): void
$mailSent->send('common/reset_password', $emailTokens, $email, 'reset password', 'reset password');
$this->logger->info('mail', ['mail' => $mailSent]);
if ($mailSent) {
$this->renderJson(['message' => 'Please check your email to reset your password'], ResponseCode::HTTP_OK);
$this->renderJson(['message' => 'Please check your email to reset your password']);
}
}
} else {
// email invalid or user no exist
$message = 'User does not exist with this email';
$this->logger->error('Login error : user could not logged', ['error' => $message]);
$this->renderJson(['message' => $message], ResponseCode::HTTP_INTERNAL_SERVER_ERROR);
$this->logger->error('Reset password error : user not exist', ['error' => $message]);
$this->renderJson(['message' => $message], ResponseCode::HTTP_NOT_FOUND);
}
}
}
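Review bot: The else branch now returns `'User does not exist with this email'` with HTTP_NOT_FOUND, which turns the reset endpoint into an account-existence oracle: an unauthenticated caller can distinguish registered from unregistered e-mail addresses by the status code alone (the old 500 response leaked the same thing through the message). Return the same generic message and status in both branches, e.g. `$this->renderJson(['message' => 'If the email exists, a reset link has been sent']);`, and keep the distinction in the log entry only. Separately, the context line `if ($mailSent)` tests the mailer object rather than the return value of `send()`; if send() signals failure through its return value, that result is being discarded. execute() starts outside the hunk.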
2 changes: 1 addition & 1 deletion hivelvet-backend/app/src/Actions/Base.php
Expand Up @@ -229,7 +229,7 @@ protected function isApiUserVerified(): bool
return
$user->valid()
&& UserStatus::ACTIVE === $user->status
&& UserRole::API === $user->role_id->name
// && UserRole::API === $user->role_id->name
&& $user->verifyPassword($credentials[1]);
}

5 changes: 2 additions & 3 deletions hivelvet-backend/app/src/Actions/Core/Install.php
Expand Up @@ -24,7 +24,6 @@

use Actions\Base as BaseAction;
use Enum\ResponseCode;
use Enum\UserRole;
use Enum\UserStatus;
use Models\PresetSetting;
use Models\Role;
Expand Down Expand Up @@ -130,8 +129,8 @@ public function execute($f3, $params): void

// load admin role to allow privileges and assign it to admin user
$roleAdmin = new Role();
$roleAdmin->load(['name = ?', [UserRole::ADMINISTRATOR]]);
if($roleAdmin->valid()) {
$roleAdmin->load(['id = ?', [1]]);
if ($roleAdmin->valid()) {
// allow all privileges to admin role
$allPrivileges = PrivilegeUtils::listSystemPrivileges();
$result = $roleAdmin->saveRoleAndPermissions($allPrivileges);
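Review bot: `$roleAdmin->load(['id = ?', [1]]);` grants every system privilege to whatever role happens to have primary key 1, where the previous lookup was by the administrator role's name; if the roles table is seeded in a different order, restored from a dump, or extended later, the full privilege set lands on the wrong role and the installer still reports success. Load the role by name rather than by a literal id, or at minimum verify the loaded row before granting: `if ($roleAdmin->valid() && UserRole::ADMINISTRATOR === $roleAdmin->name) {` — which means restoring the `use Enum\UserRole;` import this commit removes. A short comment on the load line stating why the admin role is addressed this way would also help the next reader. execute() continues outside the hunk.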
11 changes: 2 additions & 9 deletions hivelvet-backend/app/src/Actions/Roles/Add.php
Expand Up @@ -56,7 +56,7 @@ public function save($f3, $params): void
$role->name = $form['name'];
if ($checkRole->nameExists($role->name)) {
$this->logger->error('Role could not be added', ['error' => 'Name already exist']);
$this->renderJson(['errors' => ['name' => 'Name already exist']], ResponseCode::HTTP_INTERNAL_SERVER_ERROR);
$this->renderJson(['errors' => ['name' => 'Name already exist']], ResponseCode::HTTP_PRECONDITION_FAILED);
} else {
try {
$result = $role->saveRoleAndPermissions($form['permissions']);
Expand All @@ -71,14 +71,7 @@ public function save($f3, $params): void

return;
}

$result = [
'key' => $role->id,
'name' => $role->name,
'users' => $role->getRoleUsers(),
'permissions' => $role->getRolePermissions(),
];
$this->renderJson(['result' => 'success', 'role' => $result]);
$this->renderJson(['result' => 'success', 'role' => $role->getRoleInfos()], ResponseCode::HTTP_CREATED);
}
} else {
$this->renderJson(['errors' => $dataChecker->getErrors()], ResponseCode::HTTP_UNPROCESSABLE_ENTITY);
10 changes: 2 additions & 8 deletions hivelvet-backend/app/src/Actions/Roles/Edit.php
Expand Up @@ -62,7 +62,7 @@ public function save($f3, $params): void

if ($checkRole->nameExists($role->name, $role->id)) {
$this->logger->error('Role could not be updated', ['error' => 'Name already exist']);
$this->renderJson(['errors' => ['name' => 'Name already exist']], ResponseCode::HTTP_INTERNAL_SERVER_ERROR);
$this->renderJson(['errors' => ['name' => 'Name already exist']], ResponseCode::HTTP_PRECONDITION_FAILED);

return;
}
Expand Down Expand Up @@ -152,13 +152,7 @@ public function save($f3, $params): void

$this->logger->info('Role successfully updated', ['role' => $role->toArray()]);
$role = $this->loadData($role_id);
$result = [
'key' => $role->id,
'name' => $role->name,
'users' => $role->getRoleUsers(),
'permissions' => $role->getRolePermissions(),
];
$this->renderJson(['result' => 'success', 'role' => $result]);
$this->renderJson(['result' => 'success', 'role' => $role->getRoleInfos()]);
} else {
$this->renderJson([], ResponseCode::HTTP_NOT_FOUND);
}
24 changes: 8 additions & 16 deletions hivelvet-backend/app/src/Actions/Users/Add.php
Expand Up @@ -54,19 +54,11 @@ public function save($f3, $params): void
$dataChecker->verify($form['role'], Validator::notEmpty()->setName('role'));

if ($dataChecker->allValid()) {
$user = new User();
$users = $user->find(['username = ? or email = ?', $form['username'], $form['email']]);
if ($users) {
$users = $users->castAll();
if (count($users) == 1) {
$usernameExist = $users[0]['username'] == $form['username'];
$emailExist = $users[0]['email'] == $form['email'];
$message = ($usernameExist && $emailExist) ? 'username and email already exist' : ($usernameExist ? 'username already exist' : 'email already exist');
} else {
$message = 'username and email already exist';
}
$this->logger->error('User could not be added', ['error' => $message]);
$this->renderJson(['message' => $message], ResponseCode::HTTP_BAD_REQUEST);
$user = new User();
$error = $user->usernameOrEmailExists($form['username'], $form['email']);
if ($error) {
$this->logger->error('User could not be added', ['error' => $error]);
$this->renderJson(['message' => $error], ResponseCode::HTTP_PRECONDITION_FAILED);
} else {
$role = new Role();
$role->load(['id = ?', [$form['role']]]);
Expand All @@ -82,18 +74,18 @@ public function save($f3, $params): void
} catch (\Exception $e) {
$message = 'user could not be added';
$this->logger->error('User could not be added', ['user' => $user->toArray(), 'error' => $e->getMessage()]);
$this->renderJson(['message' => $message], ResponseCode::HTTP_BAD_REQUEST);
$this->renderJson(['message' => $message], ResponseCode::HTTP_INTERNAL_SERVER_ERROR);

return;
}

$this->logger->info('User successfully added', ['user' => $user->toArray()]);
$this->renderJson(['result' => 'success', 'user' => $user->getUserInfos($user->id)]);
$this->renderJson(['result' => 'success', 'user' => $user->getUserInfos($user->id)], ResponseCode::HTTP_CREATED);
}
}
} else {
$this->logger->error('Add user error', ['errors' => $dataChecker->getErrors()]);
$this->renderJson(['errors' => $dataChecker->getErrors()], ResponseCode::HTTP_BAD_REQUEST);
$this->renderJson(['errors' => $dataChecker->getErrors()], ResponseCode::HTTP_UNPROCESSABLE_ENTITY);
}
}
}
6 changes: 3 additions & 3 deletions hivelvet-backend/app/src/Actions/Users/Delete.php
Expand Up @@ -26,7 +26,6 @@
use Actions\RequirePrivilegeTrait;
use Enum\ResponseCode;
use Enum\UserStatus;
use Models\Role;
use Models\User;

/**
Expand All @@ -43,12 +42,13 @@ public function execute($f3, $params): void
$user->load(['id = ?', $user_id]);
if ($user->valid()) {
$user->status = UserStatus::DELETED;

try {
$user->save();
} catch (\Exception $e) {
$message = 'user could not be deleted';
$this->logger->error('Registration error : user could not be deleted', ['user' => $user->toArray(), 'error' => $e->getMessage()]);
$this->renderJson(['message' => $message], ResponseCode::HTTP_BAD_REQUEST);
$this->logger->error('User could not be deleted', ['user' => $user->toArray(), 'error' => $e->getMessage()]);
$this->renderJson(['message' => $message], ResponseCode::HTTP_INTERNAL_SERVER_ERROR);

return;
}
36 changes: 18 additions & 18 deletions hivelvet-backend/app/src/Actions/Users/Edit.php
Expand Up @@ -26,7 +26,6 @@
use Actions\RequirePrivilegeTrait;
use Base;
use Enum\ResponseCode;
use Enum\UserStatus;
use Models\Role;
use Models\User;
use Respect\Validation\Validator;
Expand All @@ -45,11 +44,11 @@ class Edit extends BaseAction
*/
public function save($f3, $params): void
{
$body = $this->getDecodedBody();
$form = $body['data'];
$body = $this->getDecodedBody();
$form = $body['data'];

$id = $params['id'];
$user = $this->loadData($id);
$id = $params['id'];
$user = $this->loadData($id);

if ($user->valid()) {
$dataChecker = new DataChecker();
Expand All @@ -61,34 +60,35 @@ public function save($f3, $params): void

if ($dataChecker->allValid()) {
$checkUser = new User();
$users = $checkUser->find(['(username = ? and id != ?) or (email = ? and id != ?)', $form['username'], $id, $form['email'], $id]);
$users = $checkUser->find(['(username = ? and id != ?) or (email = ? and id != ?)', $form['username'], $id, $form['email'], $id]);
if ($users) {
$users = $users->castAll();
if (count($users) == 1) {
$usernameExist = $users[0]['username'] == $form['username'];
$emailExist = $users[0]['email'] == $form['email'];
$message = ($usernameExist && $emailExist) ?
['username' => 'username already exist','email' => 'email already exist'] :
if (1 === \count($users)) {
$usernameExist = $users[0]['username'] === $form['username'];
$emailExist = $users[0]['email'] === $form['email'];
$message = ($usernameExist && $emailExist) ?
['username' => 'username already exist', 'email' => 'email already exist'] :
($usernameExist ? ['username' => 'username already exist'] : ['email' => 'email already exist']);
} else {
$message = ['username' => 'username already exist','email' => 'email already exist'];
$message = ['username' => 'username already exist', 'email' => 'email already exist'];
}
$this->logger->error('User could not be updated', ['error' => $message]);
$this->renderJson(['errors' => $message], ResponseCode::HTTP_BAD_REQUEST);
$this->renderJson(['errors' => $message], ResponseCode::HTTP_PRECONDITION_FAILED);
} else {
$role = new Role();
$role->load(['id = ?', [$form['role']]]);
if ($role->valid()) {
$user->email = $form['email'];
$user->email = $form['email'];
$user->username = $form['username'];
$user->status = $form['status'];
$user->role_id = $role->id;
$user->status = $form['status'];
$user->role_id = $role->id;

try {
$user->save();
} catch (\Exception $e) {
$message = 'user could not be updated';
$this->logger->error('User could not be updated', ['user' => $user->toArray(), 'error' => $e->getMessage()]);
$this->renderJson(['errors' => $message], ResponseCode::HTTP_BAD_REQUEST);
$this->renderJson(['errors' => $message], ResponseCode::HTTP_INTERNAL_SERVER_ERROR);

return;
}
Expand All @@ -99,7 +99,7 @@ public function save($f3, $params): void
}
} else {
$this->logger->error('Update user error', ['errors' => $dataChecker->getErrors()]);
$this->renderJson(['errors' => $dataChecker->getErrors()], ResponseCode::HTTP_BAD_REQUEST);
$this->renderJson(['errors' => $dataChecker->getErrors()], ResponseCode::HTTP_UNPROCESSABLE_ENTITY);
}
} else {
$this->renderJson([], ResponseCode::HTTP_NOT_FOUND);
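Review bot: The duplicate username/e-mail check in the second hunk keeps its hand-rolled `find(...)`/`castAll()`/`count()` logic while Register.php and Users/Add.php in this same commit switch to `User::usernameOrEmailExists()`; the two paths now produce messages of different shapes (plain string versus keyed array) and will drift apart. Extending the helper with an optional excluded id, e.g. `usernameOrEmailExists(string $username, string $email, ?int $excludeId = null)`, would let Edit reuse it. Also, `$user->status = $form['status'];` assigns a request-supplied value straight to the account status; the verify() calls that might constrain it are collapsed above the hunk, so confirm that `status` is validated against `UserStatus::values()` before save(), otherwise an arbitrary string reaches the database. save() starts outside the hunk.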
6 changes: 3 additions & 3 deletions hivelvet-backend/app/src/Actions/Users/Index.php
Expand Up @@ -41,11 +41,11 @@ class Index extends BaseAction
*/
public function show($f3, $params): void
{
$user = new User();
$users = $user->getAllUsers();
$user = new User();
$users = $user->getAllUsers();

$userStatus = new UserStatus();
$states = $userStatus::values();
$states = $userStatus::values();

$this->logger->debug('collecting users', ['users' => json_encode($users)]);
$this->renderJson(['users' => $users, 'states' => $states]);
5 changes: 1 addition & 4 deletions hivelvet-backend/app/src/Core/Session.php
Expand Up @@ -26,7 +26,6 @@
use DB\SQL;
use DB\SQL\Session as SQLSession;
use Log\LogWriterTrait;
use Models\Role;
use Models\User;
use Prefab;
use Session as F3Session;
Expand Down Expand Up @@ -133,10 +132,8 @@ public function isLoggedIn(): bool
*/
public function authorizeUser($user): void
{
/** @var Role $role */
$role = $user->role_id;
$this->set('user.id', $user->id);
$this->set('user.role', $role->name);
$this->set('user.role', $user->role->name);
$this->set('user.username', $user->username);
$this->set('user.email', $user->email);
$this->set('user.loggedIn', true);
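Review bot: `authorizeUser()` writes the user id and role into the existing session and flips `user.loggedIn`, but nothing in this hunk regenerates the session id at that privilege change; if that does not happen elsewhere in the method (its body continues past the hunk) or in the caller, a session identifier obtained before authentication stays valid after it. Add a regeneration step before the `$this->set(...)` calls — through whatever `F3Session`/`SQLSession` exposes for it, or PHP's `session_regenerate_id(true)` — and state the expectation in the method's docblock, e.g. `Regenerates the session id before storing identity data.` The switch from `$user->role_id` to `$user->role->name` is consistent with Login.php in this commit.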
