1 | <?php |
||
2 | |||
3 | /* |
||
4 | * @copyright 2014 Mautic Contributors. All rights reserved |
||
5 | * @author Mautic |
||
6 | * |
||
7 | * @link http://mautic.org |
||
8 | * |
||
9 | * @license GNU/GPLv3 http://www.gnu.org/licenses/gpl-3.0.html |
||
10 | */ |
||
11 | |||
12 | namespace Mautic\ApiBundle\Controller; |
||
13 | |||
14 | use Mautic\CoreBundle\Controller\FormController; |
||
15 | |||
16 | /** |
||
17 | * Class ClientController. |
||
18 | */ |
||
19 | class ClientController extends FormController |
||
20 | { |
||
21 | /** |
||
22 | * Generate's default client list. |
||
23 | * |
||
24 | * @param int $page |
||
25 | * |
||
26 | * @return \Symfony\Component\HttpFoundation\JsonResponse|\Symfony\Component\HttpFoundation\Response |
||
27 | */ |
||
28 | public function indexAction($page = 1) |
||
29 | { |
||
30 | if (!$this->get('mautic.security')->isGranted('api:clients:view')) { |
||
31 | return $this->accessDenied(); |
||
32 | } |
||
33 | |||
34 | //set limits |
||
35 | $limit = $this->get('session')->get('mautic.client.limit', $this->get('mautic.helper.core_parameters')->getParameter('default_pagelimit')); |
||
36 | $start = ($page === 1) ? 0 : (($page - 1) * $limit); |
||
37 | if ($start < 0) { |
||
38 | $start = 0; |
||
39 | } |
||
40 | |||
41 | $orderBy = $this->get('session')->get('mautic.client.orderby', 'c.name'); |
||
42 | $orderByDir = $this->get('session')->get('mautic.client.orderbydir', 'ASC'); |
||
43 | $filter = $this->request->get('search', $this->get('session')->get('mautic.client.filter', '')); |
||
44 | $apiMode = $this->factory->getRequest()->get('api_mode', $this->get('session')->get('mautic.client.filter.api_mode', 'oauth1a')); |
||
45 | $this->get('session')->set('mautic.client.filter.api_mode', $apiMode); |
||
46 | $this->get('session')->set('mautic.client.filter', $filter); |
||
47 | $tmpl = $this->request->isXmlHttpRequest() ? $this->request->get('tmpl', 'index') : 'index'; |
||
48 | |||
49 | $clients = $this->getModel('api.client')->getEntities( |
||
50 | [ |
||
51 | 'start' => $start, |
||
52 | 'limit' => $limit, |
||
53 | 'filter' => $filter, |
||
54 | 'orderBy' => $orderBy, |
||
55 | 'orderByDir' => $orderByDir, |
||
56 | ] |
||
57 | ); |
||
58 | |||
59 | $count = count($clients); |
||
60 | if ($count && $count < ($start + 1)) { |
||
61 | //the number of entities are now less then the current page so redirect to the last page |
||
62 | $lastPage = ($count === 1) ? 1 : (ceil($count / $limit)) ?: 1; |
||
63 | $this->get('session')->set('mautic.client.page', $lastPage); |
||
64 | $returnUrl = $this->generateUrl('mautic_client_index', ['page' => $lastPage]); |
||
65 | |||
66 | return $this->postActionRedirect( |
||
67 | [ |
||
68 | 'returnUrl' => $returnUrl, |
||
69 | 'viewParameters' => ['page' => $lastPage], |
||
70 | 'contentTemplate' => 'MauticApiBundle:Client:index', |
||
71 | 'passthroughVars' => [ |
||
72 | 'activeLink' => 'mautic_client_index', |
||
73 | 'mauticContent' => 'client', |
||
74 | ], |
||
75 | ] |
||
76 | ); |
||
77 | } |
||
78 | |||
79 | //set what page currently on so that we can return here after form submission/cancellation |
||
80 | $this->get('session')->set('mautic.client.page', $page); |
||
81 | |||
82 | //set some permissions |
||
83 | $permissions = [ |
||
84 | 'create' => $this->get('mautic.security')->isGranted('api:clients:create'), |
||
85 | 'edit' => $this->get('mautic.security')->isGranted('api:clients:editother'), |
||
86 | 'delete' => $this->get('mautic.security')->isGranted('api:clients:deleteother'), |
||
87 | ]; |
||
88 | |||
89 | // filters |
||
90 | $filters = []; |
||
91 | |||
92 | // api options |
||
93 | $apiOptions = []; |
||
94 | $apiOptions['oauth1'] = 'OAuth 1'; |
||
95 | $apiOptions['oauth2'] = 'OAuth 2'; |
||
96 | $filters['api_mode'] = [ |
||
97 | 'values' => [$apiMode], |
||
98 | 'options' => $apiOptions, |
||
99 | ]; |
||
100 | |||
101 | $parameters = [ |
||
102 | 'items' => $clients, |
||
103 | 'page' => $page, |
||
104 | 'limit' => $limit, |
||
105 | 'permissions' => $permissions, |
||
106 | 'tmpl' => $tmpl, |
||
107 | 'searchValue' => $filter, |
||
108 | 'filters' => $filters, |
||
109 | ]; |
||
110 | |||
111 | return $this->delegateView( |
||
112 | [ |
||
113 | 'viewParameters' => $parameters, |
||
114 | 'contentTemplate' => 'MauticApiBundle:Client:list.html.php', |
||
115 | 'passthroughVars' => [ |
||
116 | 'route' => $this->generateUrl('mautic_client_index', ['page' => $page]), |
||
117 | 'mauticContent' => 'client', |
||
118 | ], |
||
119 | ] |
||
120 | ); |
||
121 | } |
||
122 | |||
123 | /** |
||
124 | * @return \Symfony\Component\HttpFoundation\Response |
||
125 | */ |
||
126 | public function authorizedClientsAction() |
||
127 | { |
||
128 | $me = $this->get('security.context')->getToken()->getUser(); |
||
129 | $clients = $this->getModel('api.client')->getUserClients($me); |
||
0 ignored issues
–
show
Bug
introduced
by
Loading history...
|
|||
130 | |||
131 | return $this->render('MauticApiBundle:Client:authorized.html.php', ['clients' => $clients]); |
||
132 | } |
||
133 | |||
134 | /** |
||
135 | * @param int $clientId |
||
136 | * |
||
137 | * @return \Symfony\Component\HttpFoundation\JsonResponse|\Symfony\Component\HttpFoundation\RedirectResponse |
||
138 | */ |
||
139 | public function revokeAction($clientId) |
||
140 | { |
||
141 | $success = 0; |
||
142 | $flashes = []; |
||
143 | |||
144 | if ($this->request->getMethod() == 'POST') { |
||
145 | /** @var \Mautic\ApiBundle\Model\ClientModel $model */ |
||
146 | $model = $this->getModel('api.client'); |
||
147 | |||
148 | $client = $model->getEntity($clientId); |
||
149 | |||
150 | if ($client === null) { |
||
151 | $flashes[] = [ |
||
152 | 'type' => 'error', |
||
153 | 'msg' => 'mautic.api.client.error.notfound', |
||
154 | 'msgVars' => ['%id%' => $clientId], |
||
155 | ]; |
||
156 | } else { |
||
157 | $name = $client->getName(); |
||
158 | |||
159 | $model->revokeAccess($client); |
||
160 | |||
161 | $flashes[] = [ |
||
162 | 'type' => 'notice', |
||
163 | 'msg' => 'mautic.api.client.notice.revoked', |
||
164 | 'msgVars' => [ |
||
165 | '%name%' => $name, |
||
166 | ], |
||
167 | ]; |
||
168 | } |
||
169 | } |
||
170 | |||
171 | return $this->postActionRedirect( |
||
172 | [ |
||
173 | 'returnUrl' => $this->generateUrl('mautic_user_account'), |
||
174 | 'contentTemplate' => 'MauticUserBundle:Profile:index', |
||
175 | 'passthroughVars' => [ |
||
176 | 'success' => $success, |
||
177 | ], |
||
178 | 'flashes' => $flashes, |
||
179 | ] |
||
180 | ); |
||
181 | } |
||
182 | |||
183 | /** |
||
184 | * @param mixed $objectId |
||
185 | * |
||
186 | * @return array|\Symfony\Component\HttpFoundation\JsonResponse|\Symfony\Component\HttpFoundation\RedirectResponse|\Symfony\Component\HttpFoundation\Response |
||
187 | */ |
||
188 | public function newAction($objectId = 0) |
||
189 | { |
||
190 | if (!$this->get('mautic.security')->isGranted('api:clients:create')) { |
||
191 | return $this->accessDenied(); |
||
192 | } |
||
193 | |||
194 | $apiMode = ($objectId === 0) ? $this->get('session')->get('mautic.client.filter.api_mode', 'oauth1a') : $objectId; |
||
195 | $this->get('session')->set('mautic.client.filter.api_mode', $apiMode); |
||
196 | |||
197 | /** @var \Mautic\ApiBundle\Model\ClientModel $model */ |
||
198 | $model = $this->getModel('api.client'); |
||
199 | $model->setApiMode($apiMode); |
||
200 | |||
201 | //retrieve the entity |
||
202 | $client = $model->getEntity(); |
||
203 | |||
204 | //set the return URL for post actions |
||
205 | $returnUrl = $this->generateUrl('mautic_client_index'); |
||
206 | |||
207 | //get the user form factory |
||
208 | $action = $this->generateUrl('mautic_client_action', ['objectAction' => 'new']); |
||
209 | $form = $model->createForm($client, $this->get('form.factory'), $action); |
||
210 | |||
211 | //remove the client id and secret fields as they'll be auto generated |
||
212 | $form->remove('randomId'); |
||
213 | $form->remove('secret'); |
||
214 | $form->remove('publicId'); |
||
215 | $form->remove('consumerKey'); |
||
216 | $form->remove('consumerSecret'); |
||
217 | |||
218 | ///Check for a submitted form and process it |
||
219 | if ($this->request->getMethod() == 'POST') { |
||
220 | $valid = false; |
||
221 | if (!$cancelled = $this->isFormCancelled($form)) { |
||
222 | if ($valid = $this->isFormValid($form)) { |
||
223 | //form is valid so process the data |
||
224 | $model->saveEntity($client); |
||
225 | $this->addFlash( |
||
226 | 'mautic.api.client.notice.created', |
||
227 | [ |
||
228 | '%name%' => $client->getName(), |
||
229 | '%clientId%' => $client->getPublicId(), |
||
230 | '%clientSecret%' => $client->getSecret(), |
||
231 | '%url%' => $this->generateUrl( |
||
232 | 'mautic_client_action', |
||
233 | [ |
||
234 | 'objectAction' => 'edit', |
||
235 | 'objectId' => $client->getId(), |
||
236 | ] |
||
237 | ), |
||
238 | ] |
||
239 | ); |
||
240 | } |
||
241 | } |
||
242 | |||
243 | if ($cancelled || ($valid && $form->get('buttons')->get('save')->isClicked())) { |
||
244 | return $this->postActionRedirect( |
||
245 | [ |
||
246 | 'returnUrl' => $returnUrl, |
||
247 | 'contentTemplate' => 'MauticApiBundle:Client:index', |
||
248 | 'passthroughVars' => [ |
||
249 | 'activeLink' => '#mautic_client_index', |
||
250 | 'mauticContent' => 'client', |
||
251 | ], |
||
252 | ] |
||
253 | ); |
||
254 | } elseif ($valid && !$cancelled) { |
||
255 | return $this->editAction($client->getId(), true); |
||
256 | } |
||
257 | } |
||
258 | |||
259 | return $this->delegateView( |
||
260 | [ |
||
261 | 'viewParameters' => [ |
||
262 | 'form' => $form->createView(), |
||
263 | 'tmpl' => $this->request->get('tmpl', 'form'), |
||
264 | ], |
||
265 | 'contentTemplate' => 'MauticApiBundle:Client:form.html.php', |
||
266 | 'passthroughVars' => [ |
||
267 | 'activeLink' => '#mautic_client_new', |
||
268 | 'route' => $action, |
||
269 | 'mauticContent' => 'client', |
||
270 | ], |
||
271 | ] |
||
272 | ); |
||
273 | } |
||
274 | |||
275 | /** |
||
276 | * Generates edit form and processes post data. |
||
277 | * |
||
278 | * @param int $objectId |
||
279 | * @param bool $ignorePost |
||
280 | * |
||
281 | * @return \Symfony\Component\HttpFoundation\JsonResponse|\Symfony\Component\HttpFoundation\RedirectResponse|\Symfony\Component\HttpFoundation\Response |
||
282 | */ |
||
283 | public function editAction($objectId, $ignorePost = false) |
||
284 | { |
||
285 | if (!$this->get('mautic.security')->isGranted('api:clients:editother')) { |
||
286 | return $this->accessDenied(); |
||
287 | } |
||
288 | |||
289 | /** @var \Mautic\ApiBundle\Model\ClientModel $model */ |
||
290 | $model = $this->getModel('api.client'); |
||
291 | $client = $model->getEntity($objectId); |
||
292 | $returnUrl = $this->generateUrl('mautic_client_index'); |
||
293 | |||
294 | $postActionVars = [ |
||
295 | 'returnUrl' => $returnUrl, |
||
296 | 'contentTemplate' => 'MauticApiBundle:Client:index', |
||
297 | 'passthroughVars' => [ |
||
298 | 'activeLink' => '#mautic_client_index', |
||
299 | 'mauticContent' => 'client', |
||
300 | ], |
||
301 | ]; |
||
302 | |||
303 | //client not found |
||
304 | if ($client === null) { |
||
305 | return $this->postActionRedirect( |
||
306 | array_merge( |
||
307 | $postActionVars, |
||
308 | [ |
||
309 | 'flashes' => [ |
||
310 | [ |
||
311 | 'type' => 'error', |
||
312 | 'msg' => 'mautic.api.client.error.notfound', |
||
313 | 'msgVars' => ['%id%' => $objectId], |
||
314 | ], |
||
315 | ], |
||
316 | ] |
||
317 | ) |
||
318 | ); |
||
319 | } elseif ($model->isLocked($client)) { |
||
320 | //deny access if the entity is locked |
||
321 | return $this->isLocked($postActionVars, $client, 'api.client'); |
||
322 | } |
||
323 | |||
324 | $action = $this->generateUrl('mautic_client_action', ['objectAction' => 'edit', 'objectId' => $objectId]); |
||
325 | $form = $model->createForm($client, $this->get('form.factory'), $action); |
||
326 | |||
327 | // remove api_mode field |
||
328 | $form->remove('api_mode'); |
||
329 | |||
330 | ///Check for a submitted form and process it |
||
331 | if (!$ignorePost && $this->request->getMethod() == 'POST') { |
||
332 | if (!$cancelled = $this->isFormCancelled($form)) { |
||
333 | if ($valid = $this->isFormValid($form)) { |
||
334 | //form is valid so process the data |
||
335 | $model->saveEntity($client, $form->get('buttons')->get('save')->isClicked()); |
||
336 | $this->addFlash( |
||
337 | 'mautic.core.notice.updated', |
||
338 | [ |
||
339 | '%name%' => $client->getName(), |
||
340 | '%menu_link%' => 'mautic_client_index', |
||
341 | '%url%' => $this->generateUrl( |
||
342 | 'mautic_client_action', |
||
343 | [ |
||
344 | 'objectAction' => 'edit', |
||
345 | 'objectId' => $client->getId(), |
||
346 | ] |
||
347 | ), |
||
348 | ] |
||
349 | ); |
||
350 | |||
351 | if ($form->get('buttons')->get('save')->isClicked()) { |
||
352 | return $this->postActionRedirect($postActionVars); |
||
353 | } |
||
354 | } |
||
355 | } else { |
||
356 | //unlock the entity |
||
357 | $model->unlockEntity($client); |
||
358 | |||
359 | return $this->postActionRedirect($postActionVars); |
||
360 | } |
||
361 | } else { |
||
362 | //lock the entity |
||
363 | $model->lockEntity($client); |
||
364 | } |
||
365 | |||
366 | return $this->delegateView( |
||
367 | [ |
||
368 | 'viewParameters' => [ |
||
369 | 'form' => $form->createView(), |
||
370 | 'tmpl' => $this->request->get('tmpl', 'form'), |
||
371 | ], |
||
372 | 'contentTemplate' => 'MauticApiBundle:Client:form.html.php', |
||
373 | 'passthroughVars' => [ |
||
374 | 'activeLink' => '#mautic_client_index', |
||
375 | 'route' => $action, |
||
376 | 'mauticContent' => 'client', |
||
377 | ], |
||
378 | ] |
||
379 | ); |
||
380 | } |
||
381 | |||
382 | /** |
||
383 | * Deletes the entity. |
||
384 | * |
||
385 | * @param int $objectId |
||
386 | * |
||
387 | * @return \Symfony\Component\HttpFoundation\JsonResponse|\Symfony\Component\HttpFoundation\RedirectResponse |
||
388 | */ |
||
389 | public function deleteAction($objectId) |
||
390 | { |
||
391 | if (!$this->get('mautic.security')->isGranted('api:clients:delete')) { |
||
392 | return $this->accessDenied(); |
||
393 | } |
||
394 | |||
395 | $returnUrl = $this->generateUrl('mautic_client_index'); |
||
396 | $success = 0; |
||
397 | $flashes = []; |
||
398 | |||
399 | $postActionVars = [ |
||
400 | 'returnUrl' => $returnUrl, |
||
401 | 'contentTemplate' => 'MauticApiBundle:Client:index', |
||
402 | 'passthroughVars' => [ |
||
403 | 'activeLink' => '#mautic_client_index', |
||
404 | 'success' => $success, |
||
405 | 'mauticContent' => 'client', |
||
406 | ], |
||
407 | ]; |
||
408 | |||
409 | if ($this->request->getMethod() == 'POST') { |
||
410 | /** @var \Mautic\ApiBundle\Model\ClientModel $model */ |
||
411 | $model = $this->getModel('api.client'); |
||
412 | $entity = $model->getEntity($objectId); |
||
413 | if ($entity === null) { |
||
414 | $flashes[] = [ |
||
415 | 'type' => 'error', |
||
416 | 'msg' => 'mautic.api.client.error.notfound', |
||
417 | 'msgVars' => ['%id%' => $objectId], |
||
418 | ]; |
||
419 | } elseif ($model->isLocked($entity)) { |
||
420 | //deny access if the entity is locked |
||
421 | return $this->isLocked($postActionVars, $entity, 'api.client'); |
||
422 | } else { |
||
423 | $model->deleteEntity($entity); |
||
424 | $name = $entity->getName(); |
||
425 | $flashes[] = [ |
||
426 | 'type' => 'notice', |
||
427 | 'msg' => 'mautic.core.notice.deleted', |
||
428 | 'msgVars' => [ |
||
429 | '%name%' => $name, |
||
430 | '%id%' => $objectId, |
||
431 | ], |
||
432 | ]; |
||
433 | } |
||
434 | } |
||
435 | |||
436 | return $this->postActionRedirect( |
||
437 | array_merge( |
||
438 | $postActionVars, |
||
439 | [ |
||
440 | 'flashes' => $flashes, |
||
441 | ] |
||
442 | ) |
||
443 | ); |
||
444 | } |
||
445 | } |
||
446 |