Permalink
Browse files

Api V2: implement /admin/people PATCH with specific paramName/paramVa…

…lue couples depending on user or group.
  • Loading branch information...
1 parent f0d097f commit 5f6800baff0382c68d40f2bbce246e6caa24bd2b @cdujeu cdujeu committed Jul 15, 2016
Oops, something went wrong.
@@ -475,6 +475,9 @@
<action name="people-delete-resource">
<processing><serverCallback methodName="usersAction"/></processing>
</action>
+ <action name="people-patch-resource">
+ <processing><serverCallback methodName="usersAction"/></processing>
+ </action>
<!-- ROLES ACTIONS -->
<action name="create_role">
@@ -363,12 +363,17 @@ public function rolesActions(ServerRequestInterface $requestInterface, ResponseI
}
if(isSet($httpVars["request_body"])){
- $data = $httpVars["request_body"];
+ // This is API V2 : only the role is passed as json body
+ $roleData = $httpVars["request_body"];
+ $data = ["METADATA" => []];
+ $outputRoleOnly = true;
}else{
+ // Other apis: a more complex
$jsonData = TextEncoder::magicDequote($httpVars["json_data"]);
$data = json_decode($jsonData, true);
+ $roleData = $data["ROLE"];
+ $outputRoleOnly = false;
}
- $roleData = $data["ROLE"];
$binariesContext = array();
$parseContext = $ctx;
if (isset($userObject)) {
@@ -451,7 +456,11 @@ public function rolesActions(ServerRequestInterface $requestInterface, ResponseI
}
// Reload Role
$savedValue = RolesService::getRole($originalRole->getId());
- $output = array("ROLE" => $savedValue->getDataArray(true), "SUCCESS" => true);
+ if($outputRoleOnly){
+ $output = $savedValue->getDataArray(true);
+ }else{
+ $output = array("ROLE" => $savedValue->getDataArray(true), "SUCCESS" => true);
+ }
} catch (\Exception $e) {
$output = array("ERROR" => $e->getMessage());
}
@@ -100,7 +100,75 @@ public function peopleApiActions(ServerRequestInterface $requestInterface, Respo
}
return $this->delete($requestInterface->withParsedBody($vars), $responseInterface);
+ }else if($a === "people-patch-resource"){
+
+ $path = $vars["path"];
+ $resType = $vars["request_body"]["resourceType"];
+ $paramName = $vars["request_body"]["parameterName"];
+ $paramValue = $vars["request_body"]["parameterValue"];
+ if($resType === "group" && $paramName === "groupLabel"){
+
+ $requestInterface = $requestInterface
+ ->withAttribute("action", "update_group_label")
+ ->withParsedBody(["group_label" => $paramValue, "group_path" => $path])
+ ;
+
+ }else if($resType === "user"){
+
+ $newVars = ["user_id" => basename($path)];
+ switch($paramName){
+ case "userPass":
+ $newVars["user_pwd"] = $paramValue;
+ $newAction = "update_user_pwd";
+ break;
+ case "userProfile":
+ $newAction = "update_user_profile";
+ $newVars["profile"] = $paramValue;
+ break;
+ case "userLock":
+ list($lockType, $lockValue) = explode(":", $paramValue);
+ $newVars["lock_type"] = $lockType;
+ $newVars["lock"] = $lockValue;
+ $newAction = "user_set_lock";
+ break;
+ case "userAddRole":
+ $newVars["role_id"] = $paramValue;
+ $newAction = "user_add_role";
+ break;
+ case "userRemoveRole":
+ $newVars["role_id"] = $paramValue;
+ $newAction = "user_delete_role";
+ break;
+ case "userRoles":
+ $newVars["roles"] = json_encode($paramValue); // REENCODE JSON LIST OF ROLES
+ $newAction = "user_reorder_roles";
+ break;
+ case "userPreferences":
+ $newAction = "save_user_preference";
+ $i = 0;
+ foreach ($paramValue as $key => $val){
+ $newVars["pref_name_".$i] = $key;
+ $newVars["pref_value_".$i] = $val;
+ $i++;
+ }
+ break;
+ default:
+ throw new PydioException("Arguments mismatch");
+ break;
+ }
+ $requestInterface = $requestInterface
+ ->withAttribute("action", $newAction)
+ ->withParsedBody($newVars);
+
+ }else{
+
+ throw new PydioException("Arguments mismatch");
+
+ }
+ return $this->usersActions($requestInterface, $responseInterface);
+
}
+
return $responseInterface;
}
@@ -180,6 +248,32 @@ public function usersActions(ServerRequestInterface $requestInterface, ResponseI
break;
+ case "update_group_label":
+
+ $currentMainUser = $ctx->getUser();
+ $groupPath = InputFilter::securePath(InputFilter::sanitize($httpVars["group_path"], InputFilter::SANITIZE_DIRNAME));
+ $filteredGroupPath = (!empty($currentMainUser) ? $currentMainUser->getRealGroupPath($groupPath) : $groupPath);
+ ConfService::getConfStorageImpl()->relabelGroup($filteredGroupPath, InputFilter::sanitize($httpVars["group_label"], InputFilter::SANITIZE_FILENAME));
+ $responseInterface = $responseInterface->withBody(new SerializableResponseStream(new UserMessage("Updated label for group ".$filteredGroupPath)));
+
+ break;
+
+ case "update_user_profile":
+
+ if (!isSet($httpVars["user_id"]) || !isSet($httpVars["profile"]) || !UsersService::userExists($httpVars["user_id"]) || trim($httpVars["profile"]) == "") {
+ throw new PydioException($mess["ajxp_conf.61"]);
+ }
+ $profile = InputFilter::sanitize($httpVars["profile"], InputFilter::SANITIZE_ALPHANUM);
+ $userId = InputFilter::sanitize($httpVars["user_id"], InputFilter::SANITIZE_EMAILCHARS);
+ $user = UsersService::getUserById($userId);
+ if($ctx->hasUser() && !$ctx->getUser()->canAdministrate($user)){
+ throw new PydioException("Cannot update user data for ".$userId);
+ }
+ $user->setProfile($profile);
+ $responseInterface = $responseInterface->withBody(new SerializableResponseStream(new UserMessage("Updated profile for user ".$userId)));
+
+ break;
+
case "user_set_lock" :
$userId = InputFilter::decodeSecureMagic($httpVars["user_id"]);
@@ -328,6 +422,17 @@ public function usersActions(ServerRequestInterface $requestInterface, ResponseI
if($ctx->hasUser() && !$ctx->getUser()->canAdministrate($user)){
throw new \Exception("Cannot update user data for ".$userId);
}
+
+
+ // UPDATE ROLES
+ $currentRoles = array_filter(array_keys($user->getRoles()), function($rId){return strpos($rId, "AJXP_GRP_/")!==0 && strpos($rId, "AJXP_USR_/")!==0;});
+ $newRoles = array_diff($roles, $currentRoles);
+ foreach($newRoles as $r) $user->addRole(RolesService::getRole($r));
+ $removeRoles = array_diff($currentRoles, $roles);
+ foreach($removeRoles as $r) {
+ $user->removeRole($r);
+ }
+ // REORDER ROLES
$user->updateRolesOrder($roles);
$user->save("superuser");
$loggedUser = $ctx->getUser();

0 comments on commit 5f6800b

Please sign in to comment.