Merge pull request #296 from ostepu/develop

Version 0.6.2

Author: tilluhlig

Assistants/CConfig.php

@@ -330,6 +330,20 @@ public function commands( $pre = '', $nativeOnly=false, $returnData=false )
             }
         }
     }
+    
+    // liefert die API-Regeln für das develop-Profil
+    public function apiRulesDevelop($myComponentName){
+        $rules = array();
+        
+        $rules[] = GateRule::createGateRule(null,'httpCall',$myComponentName,'GET ((/profile)/:pre)/info/commands(/)',null);
+        $rules[] = GateRule::createGateRule(null,'httpCall',$myComponentName,'GET ((/profile)/:pre)/info/links(/)',null);
+        if (!$this->_noInfo) $rules[] = GateRule::createGateRule(null,'httpCall',$myComponentName,'GET ((/profile)/:pre)/info/:language(/)',null);
+        ////$rules[] = GateRule::createGateRule(null,'httpCall',$myComponentName,'POST ((/profile)/:pre)/control',null);
+        $rules[] = GateRule::createGateRule(null,'httpCall',$myComponentName,'GET ((/profile)/:pre)/control',null);
+        if (!$this->_noHelp) $rules[] = GateRule::createGateRule(null,'httpCall',$myComponentName,'GET ((/profile)/:pre)/help/:language/path+',null);
+        
+        return $rules;
+    }
 
     public function component( $pre = '', $nativeOnly=false, $returnData=false )
     {

Assistants/Model.php

@@ -14,6 +14,7 @@
 require_once ( dirname(__FILE__) . '/vendor/Slim/Slim/Route.php' );
 require_once ( dirname(__FILE__) . '/vendor/Slim/Slim/Router.php' );
 require_once ( dirname(__FILE__) . '/vendor/Slim/Slim/Environment.php' );
+require_once ( dirname(__FILE__) . '/vendor/Validation/Validation.php' );
 include_once ( dirname(__FILE__) . '/Structures.php' );
 include_once ( dirname(__FILE__) . '/Request.php' );
 include_once ( dirname(__FILE__) . '/../UI/include/Authentication.php' );
@@ -48,7 +49,7 @@ class Model
     /**
      * @var Component $_com Die Definition der Ausgänge
      */
-    private $_com = null;
+    public $_com = null;
 
 
     private $_noInfo = null;
@@ -608,7 +609,7 @@ public function call($linkName, $params, $body, $positiveStatus, callable $posit
     {
         $link=CConfig::getLink($this->_conf->getLinks( ),$linkName);
         $instructions = $this->_com->instruction('',true);
-
+        
         // ermittle den zutreffenden Ausgang
         $selectedInstruction=null;
         foreach($instructions as $instruction){

Assistants/Request.php

@@ -109,6 +109,62 @@ public static function normalizeURL($target)
         }
         return $target;
     }
+    
+    public static function download($tempTarget, $target, $responseHeader=true, $header=array())
+    {   
+        $target = self::normalizeURL($target);
+        
+        $result = array();
+        try{
+            $fp = fopen($tempTarget.'_2', 'w+');
+            $ch = curl_init($target);
+            curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
+            curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
+            curl_setopt($ch, CURLOPT_FILE, $fp);
+            
+            if ($responseHeader){
+                curl_setopt($ch, CURLOPT_HEADER, true);
+            }
+            
+            curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
+            //curl_setopt($ch, CURLOPT_USERAGENT,'Codular Sample cURL Request');
+            curl_setopt($ch, CURLOPT_TIMEOUT, 120); // 120 Sekunden
+            curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 120); // 120 Sekunden
+            
+            curl_setopt($ch, CURLOPT_ENCODING, 'gzip,deflate');
+            
+            curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
+
+            $content = curl_exec($ch);
+            // get the request result
+            $header_size = curl_getinfo($ch, CURLINFO_HEADER_SIZE);
+            
+            if ($header_size > 0){
+                fseek($fp,0);
+                $result['headers'] = self::http_parse_headers(fread($fp, $header_size));
+            }
+            fseek($fp,$header_size);
+            $fp2 = fopen($tempTarget, 'w+');
+            while (!feof($fp)) fwrite($fp2, fread($fp, 8192));
+            fclose($fp2);
+            fclose($fp);
+            unlink($tempTarget.'_2');
+
+            // seperates the content part
+            $result['content'] = "";
+
+            // sets the received status code
+            $result['status'] = curl_getinfo($ch, CURLINFO_HTTP_CODE);
+            curl_close($ch);
+            
+        }catch(Exception $e){
+            $result = array();
+            $result['status'] = 408;
+            $result['content'] = '';
+            $result['headers'] = array();
+        }
+        return $result;
+    }
 
     /**
      * performs a custom request

DB/CGate/CGate.php

@@ -14,26 +14,34 @@
 include_once ( dirname(__FILE__) . '/../../UI/include/Authentication.php' );
 
 /**
- * ???
+ * die Klasse CGate stellt gesicherte Zugriffe auf interne Komponenten bereit
+ * hierzu gehört die Komponente DBGate, deren Tabellen die Profile, Benutzer und Regeln definieren
+ *
+ * Es gibt die Zugangsarten
+ * -> noAuth = keine Authentifizierung
+ * -> httpAuth = die HTTP-Standardanmeldung im Header unter "Authorization"
+ *      siehe https://de.wikipedia.org/wiki/HTTP-Authentifizierung
+ * -> tokenAuth = die Angabe eines Tokens im Header unter "PRIVATE-TOKEN" (ist in der gateauth-Tabelle dann der "GA_login")
  */
 class CGate extends Model
 {
 
     /**
-     * ???
+     * Konstruktor
      */
     public function __construct( )
     {
+        // hier wird die Model-Klasse gestartet
         parent::__construct('', dirname(__FILE__), $this, false, false, array('addRequestToParams'=>true));
         $this->run();
     }
 
     /**
-     * ???
+     * diese Methode bearbeitet die Anfragen
      */
     public function request( $callName, $input, $params = array() )
     {
-        $authType = 'noAuth';        
+        $authType = 'noAuth'; // das ist der default-Anmeldetyp, wenn kein anderer erkannt wird     
         $profile = $params['profile'];
         $component = $params['component'];
         $order = '/'.implode('/',$params['path']);
@@ -48,30 +56,36 @@ public function request( $callName, $input, $params = array() )
             $login = $headers['PHP_AUTH_USER'];
             $passwd = (isset($headers['PHP_AUTH_PW']) ? $headers['PHP_AUTH_PW'] : '');
             $authType = 'httpAuth';
+        } elseif (isset($headers['HTTP_PRIVATE_TOKEN'])){
+            // wir prüfen nun ob eine Authentifizierung über einen Token gewollt ist
+            $login = $headers['HTTP_PRIVATE_TOKEN'];
+            $passwd = null;
+            $authType = 'tokenAuth';
         }
 
         $positive = function($gateProfile, $method, $order, $component, $body, $authType, $login, $passwd) {
-            $gateProfile = $gateProfile[0];
+            // wenn diese Funktion aufgerufen wird, dann existiert das Profil und dazu der Login.
+            // Wir wissen aber noch nicht, ob er sich wirklich korrekt angemeldet hat, sofern noch ein Passwort
+            // erforderlich ist
+            
+            $gateProfile = $gateProfile[0]; // dieses Profil entstammt der Datenbank, wenn dort Profil und Nutzername gefunden wurden
 
             $auths = $gateProfile->getAuths();
-            $accepted = false;
+            $accepted = false; // dieses Flag gibt an, ob der Zugang erfolgreich gewährt wurde
 
-            $authentication = new Authentication();
-
             foreach($auths as $auth){
                 $authType = $auth->getType();
-                if ($authType == 'noAuth'){
+                if ($authType == 'tokenAuth'){
+                    // wir gelangen nur an diesen Punkt, wenn es den entsprechenden Token in der Datenbank als
+                    // 'login' gibt, daher ist der Zugang dann erlaubt
+                    $accepted = true;
+                    break;
+                } elseif ($authType == 'noAuth'){
+                    // es ist keine weitere Prüfung erforderlich
                     $accepted = true;
                     break;
                 } elseif ($authType == 'httpAuth'){
-                    $params = $auth->getParams();
-                    
-                    /*$salt = '';
-                    if (isset($params['salt'])){
-                        $salt = $params['salt'];
-                    }
-                    
-                    $hashedPasswd = $authentication->hashPassword($passwd, $salt);*/
+                    //$params = $auth->getParams();
 
                     if ($auth->getLogin() == $login && $auth->getPasswd() == $passwd){
                         $accepted = true;
@@ -95,6 +109,9 @@ public function request( $callName, $input, $params = array() )
 
             // nun muss geprüft werden, ob der Aufruf auch erlaubt ist
             if (in_array("Slim\\Slim", get_declared_classes())) {
+                
+                // hier wird slim vorbereitet, um später für uns zu prüfen, ob eine der Regelpfade auf
+                // unsere Anfrage passt
                 $router = new \Slim\Router();
                 foreach($rules as $rule){
                     if ($rule->getType() == 'httpCall' && $rule->getComponent() == $component){
@@ -153,6 +170,7 @@ public function request( $callName, $input, $params = array() )
         if ($authType == 'noAuth'){
             return Model::call('getComponentProfileWithAuth', array('profName'=>$profile, 'authType'=>$authType, 'component'=>$component), '', 200, $positive, array('method'=>$method, 'order'=>$order, 'component'=>$component, 'body'=>$input, 'authType'=>$authType, 'login'=>$login, 'passwd'=>$passwd), 'Model::isRejected', array(), 'GateProfile');
         } else {
+            // es ist eine andere Zugangsart, sodass auch geprüft wird, ob es eine Anmeldung mit dem entsprechenden Nutzernamen gibt
             return Model::call('getComponentProfileWithAuthLogin', array('login'=>$login, 'profName'=>$profile, 'authType'=>$authType, 'component'=>$component), '', 200, $positive, array('method'=>$method, 'order'=>$order, 'component'=>$component, 'body'=>$input, 'authType'=>$authType, 'login'=>$login, 'passwd'=>$passwd), 'Model::isRejected', array(), 'GateProfile');
         }
     }

DB/CHelp/CHelp.php

@@ -246,4 +246,27 @@ public static function deleteDir($path)
         }
         return false;
     }
+
+    public function getApiProfiles( $callName, $input, $params = array() )
+    {   
+        $myName = $this->_component->_conf->getName();
+        $profiles = array();
+        $profiles['readonly'] = GateProfile::createGateProfile(null,'readonly');
+        $profiles['readonly']->addRule(GateRule::createGateRule(null,'httpCall',$myName,'GET /help/:path+',null));
+        $profiles['readonly']->addRule(GateRule::createGateRule(null,'httpCall',$myName,'GET /status',null));
+        
+        $profiles['general'] = GateProfile::createGateProfile(null,'general');
+        $profiles['general']->setRules($profiles['readonly']->getRules());
+        $profiles['general']->addRule(GateRule::createGateRule(null,'httpCall',$myName,'DELETE /platform/:path+',null));
+        $profiles['general']->addRule(GateRule::createGateRule(null,'httpCall',$myName,'POST /platform/:path+',null));
+        $profiles['general']->addRule(GateRule::createGateRule(null,'httpCall',$myName,'GET /link/exists/platform',null));
+        
+        $profiles['develop'] = GateProfile::createGateProfile(null,'develop');
+        $profiles['develop']->setRules(array_merge($profiles['general']->getRules(), $this->_component->_com->apiRulesDevelop($myName)));
+
+        $profiles['public'] = GateProfile::createGateProfile(null,'public');
+        $profiles['public']->addRule(GateRule::createGateRule(null,'httpCall',$myName,'GET /help/:path+',null));
+        $profiles['public']->addRule(GateRule::createGateRule(null,'httpCall',$myName,'GET /status',null));
+        return Model::isOk(array_values($profiles));
+    }
 }

DB/CHelp/Commands.json

@@ -40,5 +40,12 @@
         "inputType": "",
         "method": "GET",
         "path": "/link/exists/platform"
+    },
+    {
+        "name": "getApiProfiles",
+        "outputType": "GateProfile",
+        "inputType": "",
+        "method": "GET",
+        "path": "/api/profiles"
     }
 ]

DB/CHelp/Component.json

@@ -23,6 +23,10 @@
         {
             "name": "postPlatform",
             "target": "CInstall"
+        },
+        {
+            "name": "getComponentProfiles",
+            "target": "TApiConfiguration"
         }
     ]
 }

DB/CSystem/CSystem.php

@@ -49,4 +49,22 @@ public function getTimestamp( $callName, $input, $params = array())
         // returns the currect timestamp
         return Model::isOk(array('timestamp'=>microtime(true)));
     }
+
+    public function getApiProfiles( $callName, $input, $params = array() )
+    {   
+        $myName = $this->_component->_conf->getName();
+        $profiles = array();
+        $profiles['readonly'] = GateProfile::createGateProfile(null,'readonly');
+        $profiles['readonly']->addRule(GateRule::createGateRule(null,'httpCall',$myName,'GET /timestamp',null));
+        
+        $profiles['general'] = GateProfile::createGateProfile(null,'general');
+        $profiles['general']->setRules($profiles['readonly']->getRules());
+        
+        $profiles['develop'] = GateProfile::createGateProfile(null,'develop');
+        $profiles['develop']->setRules(array_merge($profiles['general']->getRules(), $this->_component->_com->apiRulesDevelop($myName)));
+
+        $profiles['public'] = GateProfile::createGateProfile(null,'public');
+        $profiles['public']->addRule(GateRule::createGateRule(null,'httpCall',$myName,'GET /timestamp',null));
+        return Model::isOk(array_values($profiles));
+    }
 }

DB/CSystem/Commands.json

@@ -3,5 +3,12 @@
         "name": "getTimestamp",
         "method": "GET",
         "path": "/timestamp"
+    },
+    {
+        "name": "getApiProfiles",
+        "outputType": "GateProfile",
+        "inputType": "",
+        "method": "GET",
+        "path": "/api/profiles"
     }
 ]

DB/CSystem/Component.json

@@ -13,6 +13,10 @@
         {
             "name": "request",
             "target": "CLocalObjectRequest"
+        },
+        {
+            "name": "getComponentProfiles",
+            "target": "TApiConfiguration"
         }
     ]
 }