Added GET /records/{recordId}/credentials

Lukas Metzger 2018-03-31 12:59:12 +02:00
parent 3c6debf882
commit 61430dd1d4
5 changed files with 184 additions and 5 deletions


@ -0,0 +1,46 @@
<?php
namespace Controllers;
require '../vendor/autoload.php';
use \Slim\Http\Request as Request;
use \Slim\Http\Response as Response;
class Credentials
{
/** @var \Monolog\Logger */
private $logger;
/** @var \Slim\Container */
private $c;
public function __construct(\Slim\Container $c)
{
$this->logger = $c->logger;
$this->c = $c;
}
public function getList(Request $req, Response $res, array $args)
{
$userId = $req->getAttribute('userId');
$recordId = intval($args['recordId']);
$ac = new \Operations\AccessControl($this->c);
if (!$ac->canAccessRecord($userId, $recordId)) {
$this->logger->info('Non admin user tries to get credentials for record without permission.');
return $res->withJson(['error' => 'You have no permissions for this record.'], 403);
}
$credentials = new \Operations\Credentials($this->c);
$paging = new \Utils\PagingInfo($req->getQueryParam('page'), $req->getQueryParam('pagesize'));
$results = $credentials->getCredentials($paging, $recordId);
return $res->withJson([
'paging' => $paging->toArray(),
'results' => $results
], 200);
}
}
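Review bot: The denial branch of `getList` logs a fixed string with no context, so a 403 on this credentials endpoint cannot later be tied to a user or a record. Pass the identifiers as Monolog context, and consider raising the level: `$this->logger->warning('Non admin user tries to get credentials for record without permission.', ['userId' => $userId, 'recordId' => $recordId]);`. Separately, `intval($args['recordId'])` turns a non-numeric path segment into 0 instead of rejecting it. A route pattern such as `{recordId:[0-9]+}` would keep that case out of the controller, although the sibling record routes visible in this commit use the same unconstrained placeholder.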


@ -0,0 +1,68 @@
<?php
namespace Operations;
require '../vendor/autoload.php';
/**
* This class provides functions for retrieving and modifying credentials.
*/
class Credentials
{
/** @var \Monolog\Logger */
private $logger;
/** @var \PDO */
private $db;
/** @var \Slim\Container */
private $c;
public function __construct(\Slim\Container $c)
{
$this->logger = $c->logger;
$this->db = $c->db;
$this->c = $c;
}
/**
* Get a list of credentials
*
* @param $pi PageInfo object, which is also updated with total page number
* @param $recordId Id of the record for which the table should be retrieved
*
* @return array Array with credentials
*/
public function getCredentials(\Utils\PagingInfo &$pi, int $recordId) : array
{
//Count elements
if ($pi->pageSize === null) {
$pi->totalPages = 1;
} else {
$query = $this->db->prepare('
SELECT COUNT(*) AS total
FROM remote
WHERE record=:recordId
');
$query->bindValue(':recordId', $recordId, \PDO::PARAM_INT);
$query->execute();
$record = $query->fetch();
$pi->totalPages = ceil($record['total'] / $pi->pageSize);
}
$pageStr = \Services\Database::makePagingString($pi);
$query = $this->db->prepare('SELECT id,description,type FROM remote WHERE record=:recordId ORDER BY id ASC' . $pageStr);
$query->bindValue(':recordId', $recordId, \PDO::PARAM_INT);
$query->execute();
$data = $query->fetchAll();
return array_map(function ($item) {
$item['id'] = intval($item['id']);
return $item;
}, $data);
}
}
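Review bot: In `getCredentials` the second `prepare()` appends `$pageStr` to the SQL text instead of binding it, so the statement is only as safe as `\Services\Database::makePagingString` and `\Utils\PagingInfo`. Neither is shown in this commit, and the controller feeds that object the raw `page` and `pagesize` query parameters. If those helpers do not already coerce both values to positive integers, that is where to enforce it; once confirmed, a comment above the concatenation such as `// $pageStr contains only integer-cast page/pageSize values` would record the invariant. The same input reaches `ceil($record['total'] / $pi->pageSize)`, which would divide by zero if a `pagesize` of 0 can get through. The `SELECT` deliberately omits the `security` and `nonce` columns, and saying so in the docblock would stop a later edit from widening it.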


@ -41,6 +41,8 @@ $app->group('/v1', function () {
$this->delete('/records/{recordId}', '\Controllers\Records:delete');
$this->get('/records/{recordId}', '\Controllers\Records:getSingle');
$this->put('/records/{recordId}', '\Controllers\Records:put');
$this->get('/records/{recordId}/credentials', '\Controllers\Credentials:getList');
})->add('\Middlewares\Authentication');
});


@ -3,11 +3,10 @@
-- http://www.phpmyadmin.net
--
-- Host: localhost
-- Generation Time: Mar 24, 2018 at 01:13 PM
-- Generation Time: Mar 31, 2018 at 12:51 PM
-- Server version: 5.7.21-0ubuntu0.16.04.1
-- PHP Version: 7.0.28-0ubuntu0.16.04.1
SET FOREIGN_KEY_CHECKS=0;
SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";
SET time_zone = "+00:00";
@ -17,6 +16,10 @@ SET time_zone = "+00:00";
/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
/*!40101 SET NAMES utf8mb4 */;
--
-- Database: `pdnsnew`
--
-- --------------------------------------------------------
--
@ -144,6 +147,31 @@ INSERT INTO `records` (`id`, `domain_id`, `name`, `type`, `content`, `ttl`, `pri
-- --------------------------------------------------------
--
-- Table structure for table `remote`
--
DROP TABLE IF EXISTS `remote`;
CREATE TABLE `remote` (
`id` int(11) NOT NULL,
`record` int(11) NOT NULL,
`description` varchar(255) NOT NULL,
`type` varchar(20) NOT NULL,
`security` varchar(2000) NOT NULL,
`nonce` varchar(255) DEFAULT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
--
-- Dumping data for table `remote`
--
INSERT INTO `remote` (`id`, `record`, `description`, `type`, `security`, `nonce`) VALUES
(1, 1, 'Password Test', 'password', '$2y$10$5Gxh6yus9yi/FHpKD4k8Zez.OAhGZoa7JgwOWZ059/kDyBP3vI9aK', NULL),
(2, 4, 'Key Test', 'key', '-----BEGIN PUBLIC KEY-----\nMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA5mu3aH90uSXY9sVLgVSz\nKj4FEctrpFDPyVC4ufbJa/44fuLABFe+IizgZUheNBBO7FjpLJYvsL24o6TEeht4\no5j0KHrRHXqp4WQuAL3ZREv/AhNaOC9/xyjoGwUkKkdC2bIfh0J/ACkezxvUrPsh\nbzhzY+co/M9PqlgTbjKjvlv/pRj2dSp98FzUme3HCh7Nn1EOM3yPMtaKNA9Qkkz1\noalfR3xmJjIanoS9zcK77/yyQ8VwI//CgxvnpnWbORZG0B9W2ZBoI8Bj4zprbbFG\nKNmrb403wfDijYF3MXpSMjKvJ5YVuZsn35EWIi5tqFc0oV7Ryy9nBHzKeoYN7Szs\nrXIS5+ZcQDLuN+pqJ7ByVaw4aVn85py8IdO0IYD5xeKd1i0iqm+KSoFTS1jiNSZu\n6iVl4odixWtW7oPLYBbd/vD2F7Ua5cLd12Rs+6kEVtlpnIf7txyFQL4QHYJxB7fI\ny+m70mfufVvKbFh/mHkhe+Arv71ERDMfAV3AD8++axLqYfU/LLFzanjwIBctAA9a\nj++G0lwl1adURwnBeq8+YrMU4/wg9efquKXLR40dU9nkMJOm5tPm+XHt4o3wio4X\n2FqnD57I7qJCWVc00HtpeWno5vHL+eJu0TdxjBuYXnQfwa1z9pWvGaoBtg7tyHgv\ng7YZJzF1MW5N9ZqnkdFJVEsCAwEAAQ==\n-----END PUBLIC KEY-----', NULL),
(3, 1, 'Key Test 2', 'key', '-----BEGIN PUBLIC KEY-----\r\nMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA5mu3aH90uSXY9sVLgVSz\r\nKj4FEctrpFDPyVC4ufbJa/44fuLABFe+IizgZUheNBBO7FjpLJYvsL24o6TEeht4\r\no5j0KHrRHXqp4WQuAL3ZREv/AhNaOC9/xyjoGwUkKkdC2bIfh0J/ACkezxvUrPsh\r\nbzhzY+co/M9PqlgTbjKjvlv/pRj2dSp98FzUme3HCh7Nn1EOM3yPMtaKNA9Qkkz1\r\noalfR3xmJjIanoS9zcK77/yyQ8VwI//CgxvnpnWbORZG0B9W2ZBoI8Bj4zprbbFG\r\nKNmrb403wfDijYF3MXpSMjKvJ5YVuZsn35EWIi5tqFc0oV7Ryy9nBHzKeoYN7Szs\r\nrXIS5+ZcQDLuN+pqJ7ByVaw4aVn85py8IdO0IYD5xeKd1i0iqm+KSoFTS1jiNSZu\r\n6iVl4odixWtW7oPLYBbd/vD2F7Ua5cLd12Rs+6kEVtlpnIf7txyFQL4QHYJxB7fI\r\ny+m70mfufVvKbFh/mHkhe+Arv71ERDMfAV3AD8++axLqYfU/LLFzanjwIBctAA9a\r\nj++G0lwl1adURwnBeq8+YrMU4/wg9efquKXLR40dU9nkMJOm5tPm+XHt4o3wio4X\r\n2FqnD57I7qJCWVc00HtpeWno5vHL+eJu0TdxjBuYXnQfwa1z9pWvGaoBtg7tyHgv\r\ng7YZJzF1MW5N9ZqnkdFJVEsCAwEAAQ==\r\n-----END PUBLIC KEY-----', NULL);
-- --------------------------------------------------------
--
-- Table structure for table `supermasters`
--
@ -229,7 +257,7 @@ ALTER TABLE `domains`
-- Indexes for table `permissions`
--
ALTER TABLE `permissions`
ADD PRIMARY KEY (`user_id`, `domain_id`);
ADD PRIMARY KEY (`user_id`,`domain_id`);
--
-- Indexes for table `records`
@ -240,6 +268,12 @@ ALTER TABLE `records`
ADD KEY `domain_id` (`domain_id`),
ADD KEY `ordername` (`ordername`);
--
-- Indexes for table `remote`
--
ALTER TABLE `remote`
ADD PRIMARY KEY (`id`);
--
-- Indexes for table `supermasters`
--
@ -289,6 +323,11 @@ ALTER TABLE `domains`
ALTER TABLE `records`
MODIFY `id` bigint(20) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=5;
--
-- AUTO_INCREMENT for table `remote`
--
ALTER TABLE `remote`
MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=4;
--
-- AUTO_INCREMENT for table `tsigkeys`
--
ALTER TABLE `tsigkeys`
@ -297,8 +336,7 @@ ALTER TABLE `tsigkeys`
-- AUTO_INCREMENT for table `users`
--
ALTER TABLE `users`
MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=8;SET FOREIGN_KEY_CHECKS=1;
MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=8;
/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
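Review bot: The new `remote` table declares `record` as `int(11)` while `records`.`id` is `bigint(20)` (see the AUTO_INCREMENT statement for `records`), and the only index it gets is the primary key on `id`. Both queries added in this commit filter on `record`, so they will scan the table, and nothing ties a credential row to an existing record, so deleting a record appears to leave its credentials behind. Suggest `record bigint(20) NOT NULL`, `ADD KEY record (record)`, and a foreign key to `records (id)` with `ON DELETE CASCADE`, unless the application cleans these up elsewhere.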


@ -0,0 +1,25 @@
const test = require('../testlib');
test.run(async function () {
await test('admin', async function (assert, req) {
//Test query
var res = await req({
url: '/records/1/credentials',
method: 'get'
});
assert.equal(res.status, 200, 'Status should be OK');
assert.equal(res.data.results, [
{
id: 1,
description: 'Password Test',
type: 'password'
},
{
id: 3,
description: 'Key Test 2',
type: 'key'
}
], 'Result fail for ' + res.config.url);
});
});
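Review bot: This test covers only the admin path, so the `canAccessRecord` check, which is the security-relevant part of the new endpoint, is never exercised. Add a second `test(...)` block that logs in as a non-admin account with no permission on the record, requests the same URL, and asserts the denial: `assert.equal(res.status, 403, 'Status should be Forbidden');`. A case for a record id that does not exist would also pin down whether the endpoint answers 200 with an empty list or an error.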