Add a constant for pydio booster task identifier

cdujeu · cdujeu · commit 9ac73a706d34 · 2016-09-29T18:20:18.000+02:00
diff --git a/core/src/conf/bootstrap_context.php b/core/src/conf/bootstrap_context.php
@@ -91,6 +91,9 @@
 define("HASH_SALT_INDEX", 2);
 define("HASH_PBKDF2_INDEX", 3);
 
+// Used to identify the booster admin tasks
+define("PYDIO_BOOSTER_TASK_IDENTIFIER", "pydio-booster");
+
 // CAN BE SWITCHED TO TRUE TO MAKE THE SECURE TOKEN MORE SAFE
 // MAKE SURE YOU HAVE PHP.5.3, OPENSSL, AND THAT IT DOES NOT DEGRADE PERFORMANCES
 define("USE_OPENSSL_RANDOM", false);
diff --git a/core/src/core/src/pydio/Core/Http/Response/FileReaderResponse.php b/core/src/core/src/pydio/Core/Http/Response/FileReaderResponse.php
@@ -442,7 +442,7 @@ protected function sendToAccelerator($accelConfiguration, $localPathOrNode, $ser
 
         // Pydio Agent acceleration - We make sure that request was really proxied by Agent, by checking a specific header.
         if($accelConfiguration === "pydio" && array_key_exists("HTTP_X_PYDIO_DOWNLOAD_SUPPORTED", $serverParams)
-            && ApiKeysService::requestHasValidHeadersForAdminTask($serverParams, "go-upload")) {
+            && ApiKeysService::requestHasValidHeadersForAdminTask($serverParams, PYDIO_BOOSTER_TASK_IDENTIFIER)) {
             
             if ($localPathOrNode instanceof AJXP_Node) {
                 $options = MetaStreamWrapper::getResolvedOptionsForNode($localPathOrNode);
diff --git a/core/src/core/src/pydio/Core/Services/ApiKeysService.php b/core/src/core/src/pydio/Core/Services/ApiKeysService.php
@@ -86,16 +86,18 @@ public static function generatePairForAuthfront($userId, $deviceId = "", $device
      * @throws PydioException
      * @throws \Exception
      */
-    public static function generatePairForAdminTask($adminTaskId, $userId, $restrictToIP = ""){
+    public static function generatePairForAdminTask($adminTaskId, $userId = "", $restrictToIP = ""){
 
         $store = self::getStore();
         $token = StringHelper::generateRandomString();
         $private = StringHelper::generateRandomString();
         $data = [
-            "USER_ID"       => $userId,
             "PRIVATE"       => $private,
             "ADMIN_TASK_ID" => $adminTaskId
         ];
+        if(!empty($userId)){
+            $data["USER_ID"] = $userId;
+        }
         if(!empty($restrictToIP)){
             $data["RESTRICT_TO_IP"] = $restrictToIP;
         }
@@ -154,7 +156,7 @@ public static function requestHasValidHeadersForAdminTask($serverData, $adminTas
             return false;
         }
         list($t, $p) = explode(":", trim($serverData['HTTP_X_PYDIO_ADMIN_AUTH']));
-        $existingKey = self::findPairForAdminTask("go-upload", $userId);
+        $existingKey = self::findPairForAdminTask(PYDIO_BOOSTER_TASK_IDENTIFIER);
         if($existingKey === null || $existingKey['p'] !== $p || $existingKey['t'] !== $t){
             Logger::error(__CLASS__, __FUNCTION__, "Invalid tokens for admin task $adminTaskId");
             return false;
diff --git a/core/src/plugins/core.mq/src/MqManager.php b/core/src/plugins/core.mq/src/MqManager.php
@@ -467,7 +467,7 @@ public function generateAdminKey($params, $ctx){
             $this->getAdminKeyString();
             return "SUCCESS: Nothing to do, a pair already exists";
         }catch(PydioException $e){
-            $adminPair = $this->getAdminKeyString($u->getId());
+            $adminPair = $this->getAdminKeyString(true);
             $pairFile = $this->getPluginWorkDir(true)."/apikey";
             $r = file_put_contents($pairFile, $adminPair);
             if($r === false){
@@ -489,7 +489,7 @@ public function revokeAdminKey($params, $ctx){
         if(!$u->isAdmin()){
             return "ERROR: You are not administrator";
         }
-        $c = ApiKeysService::revokePairForAdminTask("go-upload", $u->getId());
+        $c = ApiKeysService::revokePairForAdminTask(PYDIO_BOOSTER_TASK_IDENTIFIER, $u->getId());
         if($c > 0){
             return "SUCCESS: Successfully revoked $c pair of keys. You may have to generate new ones and reload PydioBooster.";
         }else{
@@ -499,21 +499,21 @@ public function revokeAdminKey($params, $ctx){
 
 
     /**
-     * @param string $writeForUserId
+     * @param bool $createIfNotExists
      * @param string $restrictToIp
      * @throws PydioException
      * @return string
      */
-    protected function getAdminKeyString($writeForUserId = "", $restrictToIp = ""){
+    protected function getAdminKeyString($createIfNotExists = false, $restrictToIp = ""){
 
-        if($writeForUserId){
-            $adminKey = ApiKeysService::findPairForAdminTask("go-upload", $writeForUserId);
+        if($createIfNotExists){
+            $adminKey = ApiKeysService::findPairForAdminTask(PYDIO_BOOSTER_TASK_IDENTIFIER);
             if($adminKey === null){
-                $adminKey = ApiKeysService::generatePairForAdminTask("go-upload", $writeForUserId, $restrictToIp);
+                $adminKey = ApiKeysService::generatePairForAdminTask(PYDIO_BOOSTER_TASK_IDENTIFIER, "", $restrictToIp);
             }
             $adminKeyString = $adminKey["t"].":".$adminKey["p"];
         }else{
-            $adminKey = ApiKeysService::findPairForAdminTask("go-upload");
+            $adminKey = ApiKeysService::findPairForAdminTask(PYDIO_BOOSTER_TASK_IDENTIFIER);
             if($adminKey === null){
                 throw new PydioException("Cannot find any key pair for admin access, something went wrong!");
             }
diff --git a/core/src/plugins/uploader.html/SimpleUpload.php b/core/src/plugins/uploader.html/SimpleUpload.php
@@ -131,7 +131,7 @@ public function preProcess(\Psr\Http\Message\ServerRequestInterface &$request, \
 
             if($externalUploadStatus === ExternalUploadedFile::STATUS_REQUEST_OPTIONS){
 
-                if(!ApiKeysService::requestHasValidHeadersForAdminTask($request->getServerParams(), "go-upload")){
+                if(!ApiKeysService::requestHasValidHeadersForAdminTask($request->getServerParams(), PYDIO_BOOSTER_TASK_IDENTIFIER)){
                     throw new AuthRequiredException();
                 }
 

Original file line number	Diff line number	Diff line change
`@@ -131,7 +131,7 @@ public function preProcess(\Psr\Http\Message\ServerRequestInterface &$request, \`
`131`	`131`
`132`	`132`	`if($externalUploadStatus === ExternalUploadedFile::STATUS_REQUEST_OPTIONS){`
`133`	`133`
`134`		`- if(!ApiKeysService::requestHasValidHeadersForAdminTask($request->getServerParams(), "go-upload")){`
	`134`	`+ if(!ApiKeysService::requestHasValidHeadersForAdminTask($request->getServerParams(), PYDIO_BOOSTER_TASK_IDENTIFIER)){`
`135`	`135`	`throw new AuthRequiredException();`
`136`	`136`	`}`
`137`	`137`