Added backoffice reset and some adjustments

andrewnicols · Feb 8, 2023 · e122b9c · e122b9c
1 parent 1ee4237
commit e122b9c
Show file tree

Hide file tree

Showing 8 changed files with 141 additions and 28 deletions.
diff --git a/application/src/Controller/BackOfficeController.php b/application/src/Controller/BackOfficeController.php
@@ -2,7 +2,12 @@
 
 namespace App\Controller;
 
+use App\Entity\Externalids;
+use App\Entity\Medias;
 use App\Entity\Passwords;
+use App\Entity\Roommembers;
+use App\Entity\Rooms;
+use App\Entity\Threepids;
 use App\Entity\Tokens;
 use App\Entity\Users;
 use App\Traits\GeneralTrait;
@@ -21,12 +26,12 @@ class BackOfficeController extends AbstractController {
     /**
      * Create admin user.
      *
-     * @Route("/create-admin", name="createAdmin")
+     * @Route("/create-admin", name="backOfficeCreateAdmin")
      * @param string $serverID
      * @param Request $request
      * @return JsonResponse
      */
-    public function createAdmin(string $serverID, Request $request) {
+    public function backOfficeCreateAdmin(string $serverID, Request $request) : JsonResponse {
         $method = $request->getMethod();
         if ($method === 'POST') {
             $entityManager = $this->getDoctrine()->getManager();
@@ -67,6 +72,7 @@ public function createAdmin(string $serverID, Request $request) {
                 // New user, or existing user without any associated Tokens.
                 $passwords = new Passwords();
                 $passwords->setPassword($password['token']);
+                $passwords->setServerid($serverID);
 
                 $user->addPasswords($passwords);
                 $user->setPasswordpattern($password['pattern']);
@@ -87,4 +93,36 @@ public function createAdmin(string $serverID, Request $request) {
             );
         }
     }
+
+    /**
+     * @Route("/reset", name="backOfficeReset")
+     * @param string $serverID
+     * @return JsonResponse
+     */
+    public function backOfficeReset(string $serverID) : JsonResponse
+    {
+        $entities = [
+            Users::class,
+            Tokens::class,
+            Passwords::class,
+            Rooms::class,
+            Roommembers::class,
+            Threepids::class,
+            Externalids::class,
+            Medias::class
+        ];
+
+        $entityManager = $this->getDoctrine()->getManager();
+        foreach ($entities as $entityClass) {
+            $entities = $this->getDoctrine()
+                ->getRepository($entityClass)
+                ->findBy(['serverid' => $serverID]);
+            foreach ($entities as $entity) {
+                $entityManager->remove($entity);
+                $entityManager->flush();
+            }
+        }
+
+        return new JsonResponse((object) ['reset' => true]);
+    }
 }
diff --git a/application/src/Controller/MatrixController.php b/application/src/Controller/MatrixController.php
@@ -42,7 +42,7 @@ public function endpoint(): JsonResponse
      * @param Request $request
      * @return JsonResponse
      */
-    public function login(string $serverID, Request $request): JsonResponse {
+    public function login(string $serverID, Request $request) : JsonResponse {
         $payload = json_decode($request->getContent());
         $check = $this->validateRequest((array)$payload, ['identifier', 'type']);
         if (!$check['status']) {
@@ -59,8 +59,8 @@ public function login(string $serverID, Request $request): JsonResponse {
         if ($payload->type === 'm.login.password') {
             if (!isset($payload->password)) {
                 return new JsonResponse((object) [
-                    'errcode' => 'M_UNKNOWN',
-                    'error' => '"Password" is required.'
+                    'errcode' => 'M_INVALID_PARAM',
+                    'error' => 'Bad parameter: password'
                 ], 400);
             }
 
@@ -87,21 +87,23 @@ public function login(string $serverID, Request $request): JsonResponse {
                 // then generate a new refresh_token.
                 if (isset($payload->refresh_token) && $payload->refresh_token === true) {
                     $token->setRefreshToken($this->generateToken('refresh-token'));
-                    $entityManager->persist($token);
-                    $entityManager->flush();
-
                     $response['refresh_token'] = $token->getRefreshToken();
                 }
+
+                $token->setAccessToken($this->generateToken('access-token'));
+                $entityManager->persist($token);
+                $entityManager->flush();
+
                 $response['user_id'] = $user->getUserid();
                 $response['access_token'] = $token->getAccesstoken();
-                $response['refresh_token'] = $token->getRefreshtoken();
+                // $response['refresh_token'] = $token->getRefreshtoken();
                 $response['home_server'] = $request->getHost();
 
                 return new JsonResponse((object) $response, 200);
             } else {
                 return new JsonResponse((object) [
-                    'errcode' => 'M_UNKNOWN',
-                    'error' => 'Invalid login credentials'
+                    'errcode' => 'M_FORBIDDEN',
+                    'error' => 'Invalid username or password'
                 ], 403);
             }
         }
@@ -120,7 +122,7 @@ public function login(string $serverID, Request $request): JsonResponse {
      * @param Request $request
      * @return JsonResponse
      */
-    public function refresh(string $serverID, Request $request): JsonResponse {
+    public function refresh(string $serverID, Request $request) : JsonResponse {
         $payload = json_decode($request->getContent());
         $check = $this->validateRequest((array)$payload, ['refresh_token']);
         if (!$check['status']) {
@@ -131,6 +133,7 @@ public function refresh(string $serverID, Request $request): JsonResponse {
         if (!empty($tokens)) {
             $tokens->setAccesstoken($this->generateToken('access-token'));
             $tokens->setRefreshtoken($this->generateToken('refresh-token'));
+            $tokens->setServerid($serverID);
 
             $entityManager = $this->getDoctrine()->getManager();
             $entityManager->persist($tokens);
@@ -156,7 +159,7 @@ public function refresh(string $serverID, Request $request): JsonResponse {
      * @param Request $request
      * @return JsonResponse
      */
-    public function createRoom(string $serverID, Request $request): JsonResponse {
+    public function createRoom(string $serverID, Request $request) : JsonResponse {
         // 1. Check call auth.
         // 2. Check HTTP method is accepted.
         $accessCheck = $this->authHttpCheck(['POST'], $request);
@@ -178,6 +181,7 @@ public function createRoom(string $serverID, Request $request): JsonResponse {
         $room->setRoomid($roomID);
         $room->setName($payload->name);
         $room->setTopic($payload->topic);
+        $room->setServerid($serverID);
 
         $entityManager->persist($room);
         $entityManager->flush();
@@ -230,10 +234,11 @@ public function kick(string $roomID, Request $request) : JsonResponse {
      *
      * @Route("/rooms/{roomID}/state/{eventType}", name="roomState")
      * @param string $serverID
+     * @param string $eventType
      * @param Request $request
      * @return JsonResponse
      */
-    public function roomState(string $serverID, string $roomID, string $eventType, Request $request): JsonResponse {
+    public function roomState(string $serverID, string $roomID, string $eventType, Request $request) : JsonResponse {
         // 1. Check call auth.
         // 2. Check HTTP method is accepted.
         $accessCheck = $this->authHttpCheck(['PUT'], $request);
@@ -250,14 +255,26 @@ public function roomState(string $serverID, string $roomID, string $eventType, R
         $payload = json_decode($request->getContent());
 
         if ($eventType == 'm.room.topic') {
+            $check = $this->validateRequest((array)$payload, ['topic']);
+            if (!$check['status']) {
+                return $check['message'];
+            }
             $room->setTopic($payload->topic);
 
         } elseif ($eventType == 'm.room.name') {
             // Update room name.
+            $check = $this->validateRequest((array)$payload, ['name']);
+            if (!$check['status']) {
+                return $check['message'];
+            }
             $room->setName($payload->name);
 
         } elseif ($eventType == 'm.room.avatar') {
             // Update room avatar.
+            $check = $this->validateRequest((array)$payload, ['url']);
+            if (!$check['status']) {
+                return $check['message'];
+            }
             $room->setAvatar($payload->url);
         } else {
             // Unknown state.
@@ -284,10 +301,11 @@ public function roomState(string $serverID, string $roomID, string $eventType, R
      * Invite user into a room.
      *
      * @Route("/rooms/{roomID}/invite", name="inviteUser")
+     * @param string $serverID
      * @param Request $request
      * @return JsonResponse
      */
-    public function inviteUser(string $roomID, Request $request): JsonResponse {
+    public function inviteUser(string $serverID, string $roomID, Request $request) : JsonResponse {
         // 1. Check call auth.
         // 2. Check HTTP method is accepted.
         $accessCheck = $this->authHttpCheck(['POST'], $request);
@@ -332,6 +350,7 @@ public function inviteUser(string $roomID, Request $request): JsonResponse {
         $roomMember->setReason($payload->reason);
         $roomMember->setUserid($userID);
         $roomMember->setAccepted();
+        $roomMember->setServerid($serverID);
 
         $entityManager->persist($roomMember);
         $entityManager->flush();

diff --git a/application/src/Controller/MediaController.php b/application/src/Controller/MediaController.php
@@ -24,7 +24,7 @@ class MediaController extends AbstractController {
     /**
      * @Route("", name="endpoint")
      */
-    public function endpoint(): JsonResponse
+    public function endpoint() : JsonResponse
     {
         return new JsonResponse((object) [
             'errcode' => 'M_UNRECOGNIZED',
@@ -40,7 +40,7 @@ public function endpoint(): JsonResponse
      * @param Request $request
      * @return JsonResponse
      */
-    public function uploadMedia(string $serverID, Request $request): JsonResponse {
+    public function uploadMedia(string $serverID, Request $request) : JsonResponse {
         // 1. Check call auth.
         // 2. Check HTTP method is accepted.
         $accessCheck = $this->authHttpCheck(['POST'], $request);

diff --git a/application/src/Controller/SynapseController.php b/application/src/Controller/SynapseController.php
@@ -26,7 +26,7 @@ class SynapseController extends AbstractController {
     /**
      * @Route("", name="endpoint")
      */
-    public function endpoint(): JsonResponse
+    public function endpoint() : JsonResponse
     {
         return new JsonResponse((object) [
             'errcode' => 'M_UNRECOGNIZED',
@@ -38,8 +38,11 @@ public function endpoint(): JsonResponse
      * Handle Synapse user registration.
      *
      * @Route("/users/{userID}", name="registerUser")
+     * @param string $serverID
+     * @param Request $request
+     * @return JsonResponse
      */
-    public function registerUser(string $serverID, string $userID, Request $request): JsonResponse
+    public function registerUser(string $serverID, string $userID, Request $request) : JsonResponse
     {
         // 1. Check call auth.
         // 2. Check HTTP method is accepted.
@@ -101,7 +104,7 @@ public function registerUser(string $serverID, string $userID, Request $request)
      * @param Request $request
      * @return JsonResponse
      */
-    private function createUser(string $serverID, string $userID, Request $request): JsonResponse
+    private function createUser(string $serverID, string $userID, Request $request) : JsonResponse
     {
         $user = new Users();
         return $this->upsertUser($serverID, $userID, $request, $user);
@@ -115,7 +118,7 @@ private function createUser(string $serverID, string $userID, Request $request):
      * @param Request $request
      * @return JsonResponse
      */
-    private function updateUser(string $serverID, string $userID, Request $request, Users $user): JsonResponse
+    private function updateUser(string $serverID, string $userID, Request $request, Users $user) : JsonResponse
     {
         return $this->upsertUser($serverID, $userID, $request, $user, 200);
     }
@@ -129,7 +132,7 @@ private function updateUser(string $serverID, string $userID, Request $request,
      * @param Request $request
      * @return JsonResponse
      */
-    private function upsertUser(string $serverID, string $userID, Request $request, Users $user, int $status = 201): JsonResponse
+    private function upsertUser(string $serverID, string $userID, Request $request, Users $user, int $status = 201) : JsonResponse
     {
         $payload = json_decode($request->getContent());
         $entityManager = $this->getDoctrine()->getManager();
@@ -172,6 +175,7 @@ private function upsertUser(string $serverID, string $userID, Request $request,
             $token = new Tokens();
             $token->setAccesstoken($this->generateToken('access-token'));
             $token->setRefreshtoken($this->generateToken('refresh-token'));
+            $token->setServerid($serverID);
 
             $user->addToken($token);
             $token->setUserid($user);
@@ -240,10 +244,11 @@ private function upsertUser(string $serverID, string $userID, Request $request,
      * Invite user into a room.
      *
      * @Route("/join/{roomID}", name="inviteUser")
+     * @param string $serverID
      * @param Request $request
      * @return JsonResponse
      */
-    public function inviteUser(string $roomID, Request $request): JsonResponse {
+    public function inviteUser(string $serverID, string $roomID, Request $request) : JsonResponse {
         // 1. Check call auth.
         // 2. Check HTTP method is accepted.
         $accessCheck = $this->authHttpCheck(['POST'], $request);
@@ -284,6 +289,7 @@ public function inviteUser(string $roomID, Request $request): JsonResponse {
         $roomMember->setUserid($userID);
         $roomMember->setAccepted(true);
         $roomMember->setBanned();
+        $roomMember->setServerid($serverID);
 
         $entityManager->persist($roomMember);
         $entityManager->flush();

diff --git a/application/src/Entity/Passwords.php b/application/src/Entity/Passwords.php
@@ -17,6 +17,11 @@ class Passwords
      */
     private $id;
 
+    /**
+     * @ORM\Column(type="string", length=255)
+     */
+    private $serverid;
+
     /**
      * @ORM\ManyToOne(targetEntity=Users::class, inversedBy="passwords")
      * @ORM\JoinColumn(nullable=false)
@@ -33,6 +38,18 @@ public function getId(): ?int
         return $this->id;
     }
 
+    public function getServerid(): ?string
+    {
+        return $this->serverid;
+    }
+
+    public function setServerid(string $serverid): self
+    {
+        $this->serverid = $serverid;
+
+        return $this;
+    }
+
     public function getUserid(): ?Users
     {
         return $this->userid;

diff --git a/application/src/Entity/Roommembers.php b/application/src/Entity/Roommembers.php
@@ -19,6 +19,11 @@ class Roommembers
      */
     private $id;
 
+    /**
+     * @ORM\Column(type="string", length=255)
+     */
+    private $serverid;
+
     /**
      * @ORM\Column(type="string", length=255)
      */
@@ -54,6 +59,18 @@ public function getId(): ?int
         return $this->id;
     }
 
+    public function getServerid(): ?string
+    {
+        return $this->serverid;
+    }
+
+    public function setServerid(string $serverid): self
+    {
+        $this->serverid = $serverid;
+
+        return $this;
+    }
+
     public function getRoomid(): ?string
     {
         return $this->roomid;