From e122b9cdc185bd15fc45390ded7e5b3e4aa802a7 Mon Sep 17 00:00:00 2001 From: Stevani Andolo Date: Wed, 8 Feb 2023 14:38:09 +0800 Subject: [PATCH] Added backoffice reset and some adjustments --- .../src/Controller/BackOfficeController.php | 42 ++++++++++++++++- .../src/Controller/MatrixController.php | 45 +++++++++++++------ .../src/Controller/MediaController.php | 4 +- .../src/Controller/SynapseController.php | 18 +++++--- application/src/Entity/Passwords.php | 17 +++++++ application/src/Entity/Roommembers.php | 17 +++++++ application/src/Entity/Rooms.php | 17 +++++++ application/src/Traits/GeneralTrait.php | 9 ++-- 8 files changed, 141 insertions(+), 28 deletions(-) diff --git a/application/src/Controller/BackOfficeController.php b/application/src/Controller/BackOfficeController.php index 5e50f5b..3d6950a 100644 --- a/application/src/Controller/BackOfficeController.php +++ b/application/src/Controller/BackOfficeController.php @@ -2,7 +2,12 @@ namespace App\Controller; +use App\Entity\Externalids; +use App\Entity\Medias; use App\Entity\Passwords; +use App\Entity\Roommembers; +use App\Entity\Rooms; +use App\Entity\Threepids; use App\Entity\Tokens; use App\Entity\Users; use App\Traits\GeneralTrait; @@ -21,12 +26,12 @@ class BackOfficeController extends AbstractController { /** * Create admin user. * - * @Route("/create-admin", name="createAdmin") + * @Route("/create-admin", name="backOfficeCreateAdmin") * @param string $serverID * @param Request $request * @return JsonResponse */ - public function createAdmin(string $serverID, Request $request) { + public function backOfficeCreateAdmin(string $serverID, Request $request) : JsonResponse { $method = $request->getMethod(); if ($method === 'POST') { $entityManager = $this->getDoctrine()->getManager(); 
@@ -67,6 +72,7 @@ public function createAdmin(string $serverID, Request $request) { // New user, or existing user without any associated Tokens. $passwords = new Passwords(); $passwords->setPassword($password['token']); + $passwords->setServerid($serverID); $user->addPasswords($passwords); $user->setPasswordpattern($password['pattern']); @@ -87,4 +93,36 @@ public function createAdmin(string $serverID, Request $request) { ); } } + + /** + * @Route("/reset", name="backOfficeReset") + * @param string $serverID + * @return JsonResponse + */ + public function backOfficeReset(string $serverID) : JsonResponse + { + $entities = [ + Users::class, + Tokens::class, + Passwords::class, + Rooms::class, + Roommembers::class, + Threepids::class, + Externalids::class, + Medias::class + ]; + + $entityManager = $this->getDoctrine()->getManager(); + foreach ($entities as $entityClass) { + $entities = $this->getDoctrine() + ->getRepository($entityClass) + ->findBy(['serverid' => $serverID]); + foreach ($entities as $entity) { + $entityManager->remove($entity); + $entityManager->flush(); + } + } + + return new JsonResponse((object) ['reset' => true]); + } } \ No newline at end of file diff --git a/application/src/Controller/MatrixController.php b/application/src/Controller/MatrixController.php index 68419cb..030fdbd 100644 --- a/application/src/Controller/MatrixController.php +++ b/application/src/Controller/MatrixController.php @@ -42,7 +42,7 @@ public function endpoint(): JsonResponse * @param Request $request * @return JsonResponse */ - public function login(string $serverID, Request $request): JsonResponse { + public function login(string $serverID, Request $request) : JsonResponse { $payload = json_decode($request->getContent()); $check = $this->validateRequest((array)$payload, ['identifier', 'type']); if (!$check['status']) { 
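Review bot: The new `/reset` route in `backOfficeReset` (BackOfficeController.php) deletes every row for `$serverID` with no HTTP-method restriction and no caller check, so any GET that reaches the URL, such as a link prefetch, a crawler or a cross-site request, wipes that server's data. `backOfficeCreateAdmin` in the same class already gates on POST; I would declare `methods={"POST"}` on the `@Route` here, and put an authorization check in front of it if this service is reachable from anything other than a test network. The inner `findBy` result is also assigned to `$entities`, the array being iterated, which works only because `foreach` iterates a copy; a separate name and a single `flush()` after the loops would be clearer and would let Doctrine order the deletes itself. Whether `Users`, `Tokens`, `Threepids`, `Externalids` and `Medias` all carry a `serverid` field is not visible in this patch and is worth confirming.

```php
/**
 * Delete all stored data that belongs to one server id.
 *
 * @Route("/reset", name="backOfficeReset", methods={"POST"})
 * @param string $serverID
 * @return JsonResponse
 */
public function backOfficeReset(string $serverID) : JsonResponse
{
    // … unchanged: $entities list of entity classes …

    $entityManager = $this->getDoctrine()->getManager();
    foreach ($entities as $entityClass) {
        $rows = $entityManager
            ->getRepository($entityClass)
            ->findBy(['serverid' => $serverID]);
        foreach ($rows as $row) {
            $entityManager->remove($row);
        }
    }
    // One flush: all removals are written together.
    $entityManager->flush();

    // … unchanged: JsonResponse return …
```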
@@ -59,8 +59,8 @@ public function login(string $serverID, Request $request): JsonResponse { if ($payload->type === 'm.login.password') { if (!isset($payload->password)) { return new JsonResponse((object) [ - 'errcode' => 'M_UNKNOWN', - 'error' => '"Password" is required.' + 'errcode' => 'M_INVALID_PARAM', + 'error' => 'Bad parameter: password' ], 400); } @@ -87,21 +87,23 @@ public function login(string $serverID, Request $request): JsonResponse { // then generate a new refresh_token. if (isset($payload->refresh_token) && $payload->refresh_token === true) { $token->setRefreshToken($this->generateToken('refresh-token')); - $entityManager->persist($token); - $entityManager->flush(); - $response['refresh_token'] = $token->getRefreshToken(); } + + $token->setAccessToken($this->generateToken('access-token')); + $entityManager->persist($token); + $entityManager->flush(); + $response['user_id'] = $user->getUserid(); $response['access_token'] = $token->getAccesstoken(); - $response['refresh_token'] = $token->getRefreshtoken(); + // $response['refresh_token'] = $token->getRefreshtoken(); $response['home_server'] = $request->getHost(); return new JsonResponse((object) $response, 200); } else { return new JsonResponse((object) [ - 'errcode' => 'M_UNKNOWN', - 'error' => 'Invalid login credentials' + 'errcode' => 'M_FORBIDDEN', + 'error' => 'Invalid username or password' ], 403); } } @@ -120,7 +122,7 @@ public function login(string $serverID, Request $request): JsonResponse { * @param Request $request * @return JsonResponse */ - public function refresh(string $serverID, Request $request): JsonResponse { + public function refresh(string $serverID, Request $request) : JsonResponse { $payload = json_decode($request->getContent()); $check = $this->validateRequest((array)$payload, ['refresh_token']); if (!$check['status']) { 
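Review bot: In `login` (the `@@ -87,21 +87,23 @@` hunk) a client that sends `refresh_token: true` gets a fresh refresh token generated and persisted, but the response never carries it, because the assignment inside the `if` was removed and the later one is commented out. The stored value has been replaced, so the refresh token the client still holds presumably stops matching on the next `refresh` call. I would return it only when it was requested, inside the `if`, with `$response['refresh_token'] = $token->getRefreshtoken();`, and delete the commented-out line rather than keep it. `login` starts and ends outside this hunk.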
@@ -131,6 +133,7 @@ public function refresh(string $serverID, Request $request): JsonResponse { if (!empty($tokens)) { $tokens->setAccesstoken($this->generateToken('access-token')); $tokens->setRefreshtoken($this->generateToken('refresh-token')); + $tokens->setServerid($serverID); $entityManager = $this->getDoctrine()->getManager(); $entityManager->persist($tokens); @@ -156,7 +159,7 @@ public function refresh(string $serverID, Request $request): JsonResponse { * @param Request $request * @return JsonResponse */ - public function createRoom(string $serverID, Request $request): JsonResponse { + public function createRoom(string $serverID, Request $request) : JsonResponse { // 1. Check call auth. // 2. Check HTTP method is accepted. $accessCheck = $this->authHttpCheck(['POST'], $request); @@ -178,6 +181,7 @@ public function createRoom(string $serverID, Request $request): JsonResponse { $room->setRoomid($roomID); $room->setName($payload->name); $room->setTopic($payload->topic); + $room->setServerid($serverID); $entityManager->persist($room); $entityManager->flush(); @@ -230,10 +234,11 @@ public function kick(string $roomID, Request $request) : JsonResponse { * * @Route("/rooms/{roomID}/state/{eventType}", name="roomState") * @param string $serverID + * @param string $eventType * @param Request $request * @return JsonResponse */ - public function roomState(string $serverID, string $roomID, string $eventType, Request $request): JsonResponse { + public function roomState(string $serverID, string $roomID, string $eventType, Request $request) : JsonResponse { // 1. Check call auth. // 2. Check HTTP method is accepted. $accessCheck = $this->authHttpCheck(['PUT'], $request); 
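Review bot: In `refresh` (the `@@ -131,6 +133,7 @@` hunk) `$tokens->setServerid($serverID)` overwrites the token's server with the value from the URL on every refresh instead of checking it. The lookup that produces `$tokens` is above the hunk; if it matches on the refresh token alone, a token issued under one server id can be refreshed through another server's URL and the row then moves to that server. Adding `'serverid' => $serverID` to the lookup criteria and dropping the setter here would keep tokens scoped to the server that issued them.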
@@ -250,14 +255,26 @@ public function roomState(string $serverID, string $roomID, string $eventType, R $payload = json_decode($request->getContent()); if ($eventType == 'm.room.topic') { + $check = $this->validateRequest((array)$payload, ['topic']); + if (!$check['status']) { + return $check['message']; + } $room->setTopic($payload->topic); } elseif ($eventType == 'm.room.name') { // Update room name. + $check = $this->validateRequest((array)$payload, ['name']); + if (!$check['status']) { + return $check['message']; + } $room->setName($payload->name); } elseif ($eventType == 'm.room.avatar') { // Update room avatar. + $check = $this->validateRequest((array)$payload, ['url']); + if (!$check['status']) { + return $check['message']; + } $room->setAvatar($payload->url); } else { // Unknown state. @@ -284,10 +301,11 @@ public function roomState(string $serverID, string $roomID, string $eventType, R * Invite user into a room. * * @Route("/rooms/{roomID}/invite", name="inviteUser") + * @param string $serverID * @param Request $request * @return JsonResponse */ - public function inviteUser(string $roomID, Request $request): JsonResponse { + public function inviteUser(string $serverID, string $roomID, Request $request) : JsonResponse { // 1. Check call auth. // 2. Check HTTP method is accepted. $accessCheck = $this->authHttpCheck(['POST'], $request); @@ -332,6 +350,7 @@ public function inviteUser(string $roomID, Request $request): JsonResponse { $roomMember->setReason($payload->reason); $roomMember->setUserid($userID); $roomMember->setAccepted(); + $roomMember->setServerid($serverID); $entityManager->persist($roomMember); $entityManager->flush(); diff --git a/application/src/Controller/MediaController.php b/application/src/Controller/MediaController.php index b7c36f3..d2091ce 100644 --- a/application/src/Controller/MediaController.php +++ b/application/src/Controller/MediaController.php 
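Review bot: The three `validateRequest` blocks added to `roomState` (for `m.room.topic`, `m.room.name` and `m.room.avatar`) only check that the key is present, so a non-string value such as an object or array still reaches `setTopic`, `setName` or `setAvatar`. If those setters are typed `string` (not visible here), that surfaces as a TypeError and a 500 rather than a client error; an `is_string()` check next to the presence check would turn it into a clean rejection. The blocks are identical apart from the key, so a small map such as `['m.room.topic' => 'topic', 'm.room.name' => 'name', 'm.room.avatar' => 'url']` followed by one validation call would remove the repetition. `roomState` starts and ends outside the hunk.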
@@ -24,7 +24,7 @@ class MediaController extends AbstractController { /** * @Route("", name="endpoint") */ - public function endpoint(): JsonResponse + public function endpoint() : JsonResponse { return new JsonResponse((object) [ 'errcode' => 'M_UNRECOGNIZED', @@ -40,7 +40,7 @@ public function endpoint(): JsonResponse * @param Request $request * @return JsonResponse */ - public function uploadMedia(string $serverID, Request $request): JsonResponse { + public function uploadMedia(string $serverID, Request $request) : JsonResponse { // 1. Check call auth. // 2. Check HTTP method is accepted. $accessCheck = $this->authHttpCheck(['POST'], $request); diff --git a/application/src/Controller/SynapseController.php b/application/src/Controller/SynapseController.php index 4e15fb1..cd904d8 100644 --- a/application/src/Controller/SynapseController.php +++ b/application/src/Controller/SynapseController.php @@ -26,7 +26,7 @@ class SynapseController extends AbstractController { /** * @Route("", name="endpoint") */ - public function endpoint(): JsonResponse + public function endpoint() : JsonResponse { return new JsonResponse((object) [ 'errcode' => 'M_UNRECOGNIZED', @@ -38,8 +38,11 @@ public function endpoint(): JsonResponse * Handle Synapse user registration. * * @Route("/users/{userID}", name="registerUser") + * @param string $serverID + * @param Request $request + * @return JsonResponse */ - public function registerUser(string $serverID, string $userID, Request $request): JsonResponse + public function registerUser(string $serverID, string $userID, Request $request) : JsonResponse { // 1. Check call auth. // 2. Check HTTP method is accepted. 
@@ -101,7 +104,7 @@ public function registerUser(string $serverID, string $userID, Request $request) * @param Request $request * @return JsonResponse */ - private function createUser(string $serverID, string $userID, Request $request): JsonResponse + private function createUser(string $serverID, string $userID, Request $request) : JsonResponse { $user = new Users(); return $this->upsertUser($serverID, $userID, $request, $user); @@ -115,7 +118,7 @@ private function createUser(string $serverID, string $userID, Request $request): * @param Request $request * @return JsonResponse */ - private function updateUser(string $serverID, string $userID, Request $request, Users $user): JsonResponse + private function updateUser(string $serverID, string $userID, Request $request, Users $user) : JsonResponse { return $this->upsertUser($serverID, $userID, $request, $user, 200); } @@ -129,7 +132,7 @@ private function updateUser(string $serverID, string $userID, Request $request, * @param Request $request * @return JsonResponse */ - private function upsertUser(string $serverID, string $userID, Request $request, Users $user, int $status = 201): JsonResponse + private function upsertUser(string $serverID, string $userID, Request $request, Users $user, int $status = 201) : JsonResponse { $payload = json_decode($request->getContent()); $entityManager = $this->getDoctrine()->getManager(); @@ -172,6 +175,7 @@ private function upsertUser(string $serverID, string $userID, Request $request, $token = new Tokens(); $token->setAccesstoken($this->generateToken('access-token')); $token->setRefreshtoken($this->generateToken('refresh-token')); + $token->setServerid($serverID); $user->addToken($token); $token->setUserid($user); 
@@ -240,10 +244,11 @@ private function upsertUser(string $serverID, string $userID, Request $request, * Invite user into a room. * * @Route("/join/{roomID}", name="inviteUser") + * @param string $serverID * @param Request $request * @return JsonResponse */ - public function inviteUser(string $roomID, Request $request): JsonResponse { + public function inviteUser(string $serverID, string $roomID, Request $request) : JsonResponse { // 1. Check call auth. // 2. Check HTTP method is accepted. $accessCheck = $this->authHttpCheck(['POST'], $request); @@ -284,6 +289,7 @@ public function inviteUser(string $roomID, Request $request): JsonResponse { $roomMember->setUserid($userID); $roomMember->setAccepted(true); $roomMember->setBanned(); + $roomMember->setServerid($serverID); $entityManager->persist($roomMember); $entityManager->flush(); diff --git a/application/src/Entity/Passwords.php b/application/src/Entity/Passwords.php index 3fb6a5f..1288f9d 100644 --- a/application/src/Entity/Passwords.php +++ b/application/src/Entity/Passwords.php @@ -17,6 +17,11 @@ class Passwords */ private $id; + /** + * @ORM\Column(type="string", length=255) + */ + private $serverid; + /** * @ORM\ManyToOne(targetEntity=Users::class, inversedBy="passwords") * @ORM\JoinColumn(nullable=false) @@ -33,6 +38,18 @@ public function getId(): ?int return $this->id; } + public function getServerid(): ?string + { + return $this->serverid; + } + + public function setServerid(string $serverid): self + { + $this->serverid = $serverid; + + return $this; + } + public function getUserid(): ?Users { return $this->userid; diff --git a/application/src/Entity/Roommembers.php b/application/src/Entity/Roommembers.php index b542f2f..5e59cd9 100644 --- a/application/src/Entity/Roommembers.php +++ b/application/src/Entity/Roommembers.php @@ -19,6 +19,11 @@ class Roommembers */ private $id; + /** + * @ORM\Column(type="string", length=255) + */ + private $serverid; + /** * @ORM\Column(type="string", length=255) */ 
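Review bot: The new `serverid` column on `Passwords` (and likewise on `Roommembers` and `Rooms` in the hunks that follow) is declared non-nullable, yet the diffstat lists no migration, so on a database that already holds rows the schema update would presumably fail or need a default. The property has no description; a one-line docblock such as `/** Identifier of the server instance this row belongs to. */` would say what the value scopes. Since `backOfficeReset` filters every table on this column, an index on it may also be worth adding.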
@@ -54,6 +59,18 @@ public function getId(): ?int return $this->id; } + public function getServerid(): ?string + { + return $this->serverid; + } + + public function setServerid(string $serverid): self + { + $this->serverid = $serverid; + + return $this; + } + public function getRoomid(): ?string { return $this->roomid; diff --git a/application/src/Entity/Rooms.php b/application/src/Entity/Rooms.php index a390a30..ddf88ea 100644 --- a/application/src/Entity/Rooms.php +++ b/application/src/Entity/Rooms.php @@ -20,6 +20,11 @@ class Rooms */ private $id; + /** + * @ORM\Column(type="string", length=255) + */ + private $serverid; + /** * @ORM\Column(type="string", length=255) */ @@ -45,6 +50,18 @@ public function getId(): ?int return $this->id; } + public function getServerid(): ?string + { + return $this->serverid; + } + + public function setServerid(string $serverid): self + { + $this->serverid = $serverid; + + return $this; + } + public function getName(): ?string { return $this->name; diff --git a/application/src/Traits/GeneralTrait.php b/application/src/Traits/GeneralTrait.php index 673cd41..8865ec4 100644 --- a/application/src/Traits/GeneralTrait.php +++ b/application/src/Traits/GeneralTrait.php @@ -112,12 +112,11 @@ private function hashPassword(string $extra = null, string $dashedPattern = null private function validateRequest(array $requested = [], array $checks = []): array { if (count($requested) > 0) { foreach ($checks as $check) { - // if (is_array($check)) if (!in_array($check, array_keys($requested))) { $response['status'] = false; $response['message'] = new JsonResponse((object) [ - 'errcode' => 'M_BAD_JSON', - 'error' => '"'.$check. '" has not been added in the body' + 'errcode' => 'M_UNKNOWN', + 'error' => "'".$check."' not in content" ], 403); return $response; } 
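Review bot: `validateRequest` in GeneralTrait.php (this hunk and the `@@ -125,8 +124,8 @@` one after it) still answers a missing body field with HTTP 403 while the errcode moves from `M_BAD_JSON` to `M_UNKNOWN`. A malformed request therefore has the same status as a refused one and a less specific code, which makes client handling and log triage harder. If the new wording is meant to mirror a reference server, a comment saying so would help, and the status should probably become `], 400);` in both branches. The presence test `in_array($check, array_keys($requested))` is loosely typed; `array_key_exists($check, $requested)` says the same thing directly.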
@@ -125,8 +124,8 @@ private function validateRequest(array $requested = [], array $checks = []): arr } else { $response['status'] = false; $response['message'] = new JsonResponse((object) [ - 'errcode' => 'M_BAD_JSON', - 'error' => '"'.implode(', ', $checks). '" has not been added in the body' + 'errcode' => 'M_UNKNOWN', + 'error' => "'".implode(', ', $checks)."' not in content" ], 403); return $response; }