instances added god may help

This commit is contained in:
2026-02-23 12:58:19 +01:00
parent 25370a1a55
commit 99db252f60
290 changed files with 9858 additions and 4914 deletions

View File

@@ -0,0 +1,129 @@
<?php
use MintyPHP\Http\ApiBootstrap;
use MintyPHP\Http\ApiResponse;
use MintyPHP\Repository\Tenant\TenantRepository;
use MintyPHP\Service\Auth\AuthServicesFactory;
use MintyPHP\Service\Security\SecurityServicesFactory;
use MintyPHP\Service\User\UserServicesFactory;
ApiBootstrap::init();
ApiResponse::requireMethod('POST');
$input = ApiResponse::readJsonBody();
// ---- Login-specific rate limits (stricter than the general API rate limit in ApiBootstrap) ----
$rateLimiter = (new SecurityServicesFactory())->createRateLimiterService();
$ip = $_SERVER['REMOTE_ADDR'] ?? '';
$ipResult = $rateLimiter->isBlocked('api.auth.login.ip', $ip);
if (!($ipResult['allowed'] ?? true)) {
ApiResponse::tooManyRequests((int) ($ipResult['retry_after'] ?? 60));
}
// ---- Input ----
$email = strtolower(trim((string) ($input['email'] ?? '')));
$password = (string) ($input['password'] ?? '');
$tokenName = trim((string) ($input['token_name'] ?? '')) ?: 'Login';
$tenantUuid = trim((string) ($input['tenant_uuid'] ?? ''));
$validationErrors = [];
if ($email === '') {
$validationErrors['email'] = ['required'];
}
if ($password === '') {
$validationErrors['password'] = ['required'];
}
if ($validationErrors) {
ApiResponse::validationError($validationErrors);
}
// ---- Email+IP rate limit ----
$emailKey = $email . '|' . $ip;
$emailResult = $rateLimiter->isBlocked('api.auth.login.email_ip', $emailKey);
if (!($emailResult['allowed'] ?? true)) {
ApiResponse::tooManyRequests((int) ($emailResult['retry_after'] ?? 60));
}
// ---- User lookup ----
$userReadRepository = (new UserServicesFactory())->createUserReadRepository();
$user = $userReadRepository->findByEmail($email);
if (!$user) {
$rateLimiter->registerFailure('api.auth.login.ip', $ip, 10, 600, 300);
$rateLimiter->registerFailure('api.auth.login.email_ip', $emailKey, 5, 900, 900);
ApiResponse::error('invalid_credentials', 401);
}
// ---- Account checks ----
if (!(int) ($user['active'] ?? 0)) {
$rateLimiter->registerFailure('api.auth.login.ip', $ip, 10, 600, 300);
$rateLimiter->registerFailure('api.auth.login.email_ip', $emailKey, 5, 900, 900);
ApiResponse::error('account_inactive', 401);
}
if (empty($user['email_verified_at'])) {
$rateLimiter->registerFailure('api.auth.login.ip', $ip, 10, 600, 300);
$rateLimiter->registerFailure('api.auth.login.email_ip', $emailKey, 5, 900, 900);
ApiResponse::error('invalid_credentials', 401);
}
// ---- Password verification ----
if (!password_verify($password, (string) ($user['password'] ?? ''))) {
$rateLimiter->registerFailure('api.auth.login.ip', $ip, 10, 600, 300);
$rateLimiter->registerFailure('api.auth.login.email_ip', $emailKey, 5, 900, 900);
ApiResponse::error('invalid_credentials', 401);
}
// ---- 2FA stub ----
// When TOTP is implemented, intercept here if totp_secret is non-empty:
// return a short-lived challenge token instead of issuing a full API token.
// Example: ApiResponse::success(['requires_2fa' => true, 'challenge_token' => '...'], 200);
// $totpSecret = trim((string) ($user['totp_secret'] ?? ''));
// if ($totpSecret !== '') { /* TODO: 2FA challenge flow */ }
// ---- Successful login: reset email+IP rate limit ----
$rateLimiter->reset('api.auth.login.email_ip', $emailKey);
// ---- Optional tenant scope ----
$tenantId = null;
if ($tenantUuid !== '') {
$tenant = (new TenantRepository())->findByUuid($tenantUuid);
if (!$tenant) {
ApiResponse::error('invalid_tenant_uuid', 422);
}
$tenantId = (int) ($tenant['id'] ?? 0);
if ($tenantId <= 0) {
ApiResponse::error('invalid_tenant_uuid', 422);
}
$userId = (int) ($user['id'] ?? 0);
$userTenantIds = (new AuthServicesFactory())->createAuthScopeGateway()->getUserTenantIds($userId);
if (!in_array($tenantId, $userTenantIds, true)) {
ApiResponse::error('tenant_not_assigned', 403);
}
}
// ---- Create token ----
$userId = (int) ($user['id'] ?? 0);
$result = (new AuthServicesFactory())->createApiTokenService()->create(
$userId,
$tokenName,
$tenantId,
null, // expiresAt null → uses getApiTokenDefaultTtlDays() from settings
$userId // createdBy = self-issued
);
if (!($result['ok'] ?? false)) {
$error = (string) ($result['error'] ?? 'create_failed');
if ($error === 'max_tokens_reached') {
ApiResponse::error($error, 409);
}
ApiResponse::error($error, 422);
}
ApiResponse::success([
'data' => [
'token' => (string) ($result['token'] ?? ''),
'token_uuid' => (string) ($result['uuid'] ?? ''),
'expires_at' => $result['expires_at'] ?? null,
],
], 201);

View File

@@ -1,9 +1,8 @@
<?php
use MintyPHP\Http\ApiAuth;
use MintyPHP\Http\ApiBootstrap;
use MintyPHP\Http\ApiResponse;
use MintyPHP\Http\ApiAuth;
use MintyPHP\Service\Org\DepartmentService;
use MintyPHP\Service\Access\PermissionService;
ApiBootstrap::init();
@@ -25,7 +24,7 @@ if ($method === 'GET') {
if ($scopedTenantId) {
$options['tenantIds'] = [$scopedTenantId];
}
$result = DepartmentService::listPaged($options);
$result = directoryServicesFactory()->createDepartmentService()->listPaged($options);
$rows = [];
foreach ($result['rows'] as $row) {
@@ -59,7 +58,7 @@ if ($method === 'POST') {
}
$input['tenant_id'] = $scopedTenantId;
}
$result = DepartmentService::createFromAdmin($input, ApiAuth::userId());
$result = directoryServicesFactory()->createDepartmentService()->createFromAdmin($input, ApiAuth::userId());
ApiResponse::fromServiceResult($result, 201);
}

View File

@@ -1,9 +1,8 @@
<?php
use MintyPHP\Http\ApiAuth;
use MintyPHP\Http\ApiBootstrap;
use MintyPHP\Http\ApiResponse;
use MintyPHP\Http\ApiAuth;
use MintyPHP\Service\Org\DepartmentService;
use MintyPHP\Service\Access\PermissionService;
ApiBootstrap::init();
@@ -18,7 +17,7 @@ $method = strtoupper($_SERVER['REQUEST_METHOD'] ?? 'GET');
if ($method === 'GET') {
ApiResponse::requirePermission(PermissionService::DEPARTMENTS_VIEW);
$department = DepartmentService::findByUuid($uuid);
$department = directoryServicesFactory()->createDepartmentService()->findByUuid($uuid);
if (!$department) {
ApiResponse::notFound();
}
@@ -42,7 +41,7 @@ if ($method === 'GET') {
if ($method === 'PUT' || $method === 'PATCH') {
ApiResponse::requirePermission(PermissionService::DEPARTMENTS_UPDATE);
$department = DepartmentService::findByUuid($uuid);
$department = directoryServicesFactory()->createDepartmentService()->findByUuid($uuid);
if (!$department) {
ApiResponse::notFound();
}
@@ -51,14 +50,14 @@ if ($method === 'PUT' || $method === 'PATCH') {
ApiAuth::requireResourceAccess('departments', $departmentId);
$input = ApiResponse::readJsonBody();
$result = DepartmentService::updateFromAdmin($departmentId, $input, ApiAuth::userId());
$result = directoryServicesFactory()->createDepartmentService()->updateFromAdmin($departmentId, $input, ApiAuth::userId());
ApiResponse::fromServiceResult($result);
}
if ($method === 'DELETE') {
ApiResponse::requirePermission(PermissionService::DEPARTMENTS_DELETE);
$department = DepartmentService::findByUuid($uuid);
$department = directoryServicesFactory()->createDepartmentService()->findByUuid($uuid);
if (!$department) {
ApiResponse::notFound();
}
@@ -66,7 +65,7 @@ if ($method === 'DELETE') {
$departmentId = (int) ($department['id'] ?? 0);
ApiAuth::requireResourceAccess('departments', $departmentId);
$result = DepartmentService::deleteByUuid($uuid);
$result = directoryServicesFactory()->createDepartmentService()->deleteByUuid($uuid);
ApiResponse::fromServiceResult($result);
}

View File

@@ -1,26 +1,27 @@
<?php
use MintyPHP\Http\ApiAuth;
use MintyPHP\Http\ApiBootstrap;
use MintyPHP\Http\ApiResponse;
use MintyPHP\Http\ApiAuth;
use MintyPHP\Service\Access\PermissionService;
use MintyPHP\Service\CustomField\UserCustomFieldValueService;
use MintyPHP\Service\User\UserService;
use MintyPHP\Service\User\UserServicesFactory;
ApiBootstrap::init();
ApiResponse::requireMethod('GET');
$userAssignmentService = (new UserServicesFactory())->createUserAssignmentService();
$user = ApiAuth::user();
$userId = ApiAuth::userId();
$assignments = UserService::buildAssignmentsForUser($userId);
$assignments = $userAssignmentService->buildAssignmentsForUser($userId);
$currentTenantId = (int) (ApiAuth::tenantId() ?? 0);
$currentTenant = UserService::findTenantSummaryInAssignments($assignments, $currentTenantId);
$currentTenant = $userAssignmentService->findTenantSummaryInAssignments($assignments, $currentTenantId);
$primaryTenantId = (int) ($user['primary_tenant_id'] ?? 0);
$primaryTenant = UserService::findTenantSummaryInAssignments($assignments, $primaryTenantId);
$primaryTenant = $userAssignmentService->findTenantSummaryInAssignments($assignments, $primaryTenantId);
$publicAssignments = UserService::mapAssignmentsToPublic($assignments);
$publicAssignments = $userAssignmentService->mapAssignmentsToPublic($assignments);
$canViewPermissions = ApiAuth::hasPermission(PermissionService::PERMISSIONS_VIEW);
$publicPermissions = $canViewPermissions ? ApiAuth::permissions() : [];
$publicCustomFields = UserCustomFieldValueService::buildPublicValuesByTenant(

View File

@@ -5,9 +5,11 @@ use MintyPHP\Http\ApiBootstrap;
use MintyPHP\Http\ApiResponse;
use MintyPHP\Repository\Auth\ApiTokenRepository;
use MintyPHP\Repository\Tenant\TenantRepository;
use MintyPHP\Service\Auth\ApiTokenService;
use MintyPHP\Service\Auth\AuthServicesFactory;
ApiBootstrap::init();
$apiTokenService = (new AuthServicesFactory())->createApiTokenService();
$apiTokenRepository = new ApiTokenRepository();
$userId = ApiAuth::userId();
if ($userId <= 0) {
@@ -27,7 +29,7 @@ if ($method === 'GET') {
}
$scopedTenantId = ApiAuth::scopedTenantId();
$tokens = ApiTokenRepository::listByUserId($userId, $limit);
$tokens = $apiTokenRepository->listByUserId($userId, $limit);
$tenantIds = [];
foreach ($tokens as $token) {
$tokenTenantId = isset($token['tenant_id']) ? (int) $token['tenant_id'] : 0;
@@ -38,7 +40,7 @@ if ($method === 'GET') {
$tenantIds = array_values(array_unique($tenantIds));
$tenantUuidById = [];
if ($tenantIds) {
foreach (TenantRepository::listByIds($tenantIds) as $tenant) {
foreach ((new TenantRepository())->listByIds($tenantIds) as $tenant) {
$tenantId = (int) ($tenant['id'] ?? 0);
$tenantUuid = trim((string) ($tenant['uuid'] ?? ''));
if ($tenantId > 0 && $tenantUuid !== '') {
@@ -92,7 +94,7 @@ if ($method === 'POST') {
$tenantUuid = null;
$tenantUuidInput = trim((string) ($input['tenant_uuid'] ?? ''));
if ($tenantUuidInput !== '') {
$tenant = TenantRepository::findByUuid($tenantUuidInput);
$tenant = (new TenantRepository())->findByUuid($tenantUuidInput);
if (!$tenant) {
ApiResponse::validationError(['tenant_uuid' => ['invalid_tenant_uuid']]);
}
@@ -105,7 +107,7 @@ if ($method === 'POST') {
$scopedTenantId = ApiAuth::scopedTenantId();
if ($scopedTenantId !== null && $scopedTenantId > 0) {
$scopedTenant = TenantRepository::find($scopedTenantId);
$scopedTenant = (new TenantRepository())->find($scopedTenantId);
$scopedTenantUuid = trim((string) ($scopedTenant['uuid'] ?? ''));
if ($scopedTenantUuid === '') {
ApiResponse::forbidden('tenant_scoped_token_forbidden');
@@ -149,7 +151,7 @@ if ($method === 'POST') {
}
}
$result = ApiTokenService::create($userId, $name, $tenantId, $expiresAt, $userId);
$result = $apiTokenService->create($userId, $name, $tenantId, $expiresAt, $userId);
if (!($result['ok'] ?? false)) {
$error = (string) ($result['error'] ?? 'create_failed');
if ($error === 'tenant_not_assigned') {

View File

@@ -4,10 +4,11 @@ use MintyPHP\Http\ApiAuth;
use MintyPHP\Http\ApiBootstrap;
use MintyPHP\Http\ApiResponse;
use MintyPHP\Repository\Tenant\TenantRepository;
use MintyPHP\Service\Auth\ApiTokenService;
use MintyPHP\Service\Auth\AuthServicesFactory;
ApiBootstrap::init();
ApiResponse::requireMethod('POST');
$apiTokenService = (new AuthServicesFactory())->createApiTokenService();
$userId = ApiAuth::userId();
if ($userId <= 0) {
@@ -19,13 +20,13 @@ ApiAuth::requireSelfManageTokens();
$scopedTenantId = ApiAuth::scopedTenantId();
$scopedTenantUuid = null;
if ($scopedTenantId !== null && $scopedTenantId > 0) {
$tenant = TenantRepository::find($scopedTenantId);
$tenant = (new TenantRepository())->find($scopedTenantId);
$scopedTenantUuid = trim((string) ($tenant['uuid'] ?? ''));
if ($scopedTenantUuid === '') {
$scopedTenantUuid = null;
}
}
$result = ApiTokenService::revokeAllForUser($userId, $scopedTenantId);
$result = $apiTokenService->revokeAllForUser($userId, $scopedTenantId);
ApiResponse::success([
'data' => [

View File

@@ -4,10 +4,11 @@ use MintyPHP\Http\ApiAuth;
use MintyPHP\Http\ApiBootstrap;
use MintyPHP\Http\ApiResponse;
use MintyPHP\Repository\Tenant\TenantRepository;
use MintyPHP\Service\Auth\ApiTokenService;
use MintyPHP\Service\Auth\AuthServicesFactory;
ApiBootstrap::init();
ApiResponse::requireMethod('POST');
$apiTokenService = (new AuthServicesFactory())->createApiTokenService();
$userId = ApiAuth::userId();
if ($userId <= 0) {
@@ -25,7 +26,7 @@ $input = ApiResponse::readJsonBody();
$expiresInput = trim((string) ($input['expires_at'] ?? ''));
$expiresAt = $expiresInput !== '' ? $expiresInput : null;
$result = ApiTokenService::rotateCurrentToken($userId, $currentTokenId, $expiresAt);
$result = $apiTokenService->rotateCurrentToken($userId, $currentTokenId, $expiresAt);
if (!($result['ok'] ?? false)) {
$error = (string) ($result['error'] ?? 'rotate_failed');
if ($error === 'current_token_not_found') {
@@ -43,7 +44,7 @@ if (!($result['ok'] ?? false)) {
$tenantUuid = null;
$tenantId = isset($result['tenant_id']) ? (int) ($result['tenant_id']) : 0;
if ($tenantId > 0) {
$tenant = TenantRepository::find($tenantId);
$tenant = (new TenantRepository())->find($tenantId);
$tenantUuid = trim((string) ($tenant['uuid'] ?? ''));
if ($tenantUuid === '') {
$tenantUuid = null;

View File

@@ -7,6 +7,7 @@ use MintyPHP\Repository\Auth\ApiTokenRepository;
use MintyPHP\Repository\Tenant\TenantRepository;
ApiBootstrap::init();
$apiTokenRepository = new ApiTokenRepository();
$userId = ApiAuth::userId();
if ($userId <= 0) {
@@ -16,11 +17,11 @@ if ($userId <= 0) {
ApiAuth::requireSelfManageTokens();
$tokenUuid = trim((string) ($id ?? ''));
if (!ApiTokenRepository::isUuid($tokenUuid)) {
if (!$apiTokenRepository->isUuid($tokenUuid)) {
ApiResponse::notFound();
}
$token = ApiTokenRepository::findByUuidForUser($tokenUuid, $userId);
$token = $apiTokenRepository->findByUuidForUser($tokenUuid, $userId);
if (!$token) {
ApiResponse::notFound();
}
@@ -35,7 +36,7 @@ if ($scopedTenantId !== null && $scopedTenantId > 0 && $tokenTenantId !== $scope
}
$tenantUuid = null;
if ($tokenTenantId !== null) {
$tenant = TenantRepository::find($tokenTenantId);
$tenant = (new TenantRepository())->find($tokenTenantId);
$tenantUuid = trim((string) ($tenant['uuid'] ?? ''));
if ($tenantUuid === '') {
$tenantUuid = null;
@@ -62,7 +63,7 @@ if ($method === 'GET') {
}
if ($method === 'DELETE') {
$revoked = ApiTokenRepository::revokeByUuidForUser($tokenUuid, $userId);
$revoked = $apiTokenRepository->revokeByUuidForUser($tokenUuid, $userId);
if (!$revoked) {
ApiResponse::error('revoke_failed', 422);
}

View File

@@ -1,9 +1,8 @@
<?php
use MintyPHP\Http\ApiAuth;
use MintyPHP\Http\ApiBootstrap;
use MintyPHP\Http\ApiResponse;
use MintyPHP\Http\ApiAuth;
use MintyPHP\Service\Access\RoleService;
use MintyPHP\Service\Access\PermissionService;
ApiBootstrap::init();
@@ -13,7 +12,7 @@ $method = strtoupper($_SERVER['REQUEST_METHOD'] ?? 'GET');
if ($method === 'GET') {
ApiResponse::requirePermission(PermissionService::ROLES_VIEW);
$result = RoleService::listPaged([
$result = directoryServicesFactory()->createRoleService()->listPaged([
'limit' => (int) ($_GET['limit'] ?? 25),
'offset' => (int) ($_GET['offset'] ?? 0),
'search' => trim((string) ($_GET['search'] ?? '')),
@@ -44,7 +43,7 @@ if ($method === 'POST') {
ApiResponse::requirePermission(PermissionService::ROLES_CREATE);
$input = ApiResponse::readJsonBody();
$result = RoleService::createFromAdmin($input, ApiAuth::userId());
$result = directoryServicesFactory()->createRoleService()->createFromAdmin($input, ApiAuth::userId());
ApiResponse::fromServiceResult($result, 201);
}

View File

@@ -1,9 +1,8 @@
<?php
use MintyPHP\Http\ApiAuth;
use MintyPHP\Http\ApiBootstrap;
use MintyPHP\Http\ApiResponse;
use MintyPHP\Http\ApiAuth;
use MintyPHP\Service\Access\RoleService;
use MintyPHP\Service\Access\PermissionService;
ApiBootstrap::init();
@@ -18,7 +17,7 @@ $method = strtoupper($_SERVER['REQUEST_METHOD'] ?? 'GET');
if ($method === 'GET') {
ApiResponse::requirePermission(PermissionService::ROLES_VIEW);
$role = RoleService::findByUuid($uuid);
$role = directoryServicesFactory()->createRoleService()->findByUuid($uuid);
if (!$role) {
ApiResponse::notFound();
}
@@ -38,21 +37,21 @@ if ($method === 'GET') {
if ($method === 'PUT' || $method === 'PATCH') {
ApiResponse::requirePermission(PermissionService::ROLES_UPDATE);
$role = RoleService::findByUuid($uuid);
$role = directoryServicesFactory()->createRoleService()->findByUuid($uuid);
if (!$role) {
ApiResponse::notFound();
}
$roleId = (int) ($role['id'] ?? 0);
$input = ApiResponse::readJsonBody();
$result = RoleService::updateFromAdmin($roleId, $input, ApiAuth::userId());
$result = directoryServicesFactory()->createRoleService()->updateFromAdmin($roleId, $input, ApiAuth::userId());
ApiResponse::fromServiceResult($result);
}
if ($method === 'DELETE') {
ApiResponse::requirePermission(PermissionService::ROLES_DELETE);
$result = RoleService::deleteByUuid($uuid);
$result = directoryServicesFactory()->createRoleService()->deleteByUuid($uuid);
ApiResponse::fromServiceResult($result);
}

View File

@@ -1,9 +1,8 @@
<?php
use MintyPHP\Http\ApiAuth;
use MintyPHP\Http\ApiBootstrap;
use MintyPHP\Http\ApiResponse;
use MintyPHP\Http\ApiAuth;
use MintyPHP\Service\Tenant\TenantService;
use MintyPHP\Service\Access\PermissionService;
ApiBootstrap::init();
@@ -25,7 +24,7 @@ if ($method === 'GET') {
if ($scopedTenantId) {
$options['tenantIds'] = [$scopedTenantId];
}
$result = TenantService::listPaged($options);
$result = directoryServicesFactory()->createTenantService()->listPaged($options);
$rows = [];
foreach ($result['rows'] as $row) {
@@ -54,7 +53,7 @@ if ($method === 'POST') {
}
$input = ApiResponse::readJsonBody();
$result = TenantService::createFromAdmin($input, ApiAuth::userId());
$result = directoryServicesFactory()->createTenantService()->createFromAdmin($input, ApiAuth::userId());
ApiResponse::fromServiceResult($result, 201);
}

View File

@@ -1,9 +1,8 @@
<?php
use MintyPHP\Http\ApiAuth;
use MintyPHP\Http\ApiBootstrap;
use MintyPHP\Http\ApiResponse;
use MintyPHP\Http\ApiAuth;
use MintyPHP\Service\Tenant\TenantService;
use MintyPHP\Service\Access\PermissionService;
ApiBootstrap::init();
@@ -18,7 +17,7 @@ $method = strtoupper($_SERVER['REQUEST_METHOD'] ?? 'GET');
if ($method === 'GET') {
ApiResponse::requirePermission(PermissionService::TENANTS_VIEW);
$tenant = TenantService::findByUuid($uuid);
$tenant = directoryServicesFactory()->createTenantService()->findByUuid($uuid);
if (!$tenant) {
ApiResponse::notFound();
}
@@ -47,7 +46,7 @@ if ($method === 'GET') {
if ($method === 'PUT' || $method === 'PATCH') {
ApiResponse::requirePermission(PermissionService::TENANTS_UPDATE);
$tenant = TenantService::findByUuid($uuid);
$tenant = directoryServicesFactory()->createTenantService()->findByUuid($uuid);
if (!$tenant) {
ApiResponse::notFound();
}
@@ -56,14 +55,14 @@ if ($method === 'PUT' || $method === 'PATCH') {
ApiAuth::requireResourceAccess('tenants', $tenantId);
$input = ApiResponse::readJsonBody();
$result = TenantService::updateFromAdmin($tenantId, $input, ApiAuth::userId());
$result = directoryServicesFactory()->createTenantService()->updateFromAdmin($tenantId, $input, ApiAuth::userId());
ApiResponse::fromServiceResult($result);
}
if ($method === 'DELETE') {
ApiResponse::requirePermission(PermissionService::TENANTS_DELETE);
$tenant = TenantService::findByUuid($uuid);
$tenant = directoryServicesFactory()->createTenantService()->findByUuid($uuid);
if (!$tenant) {
ApiResponse::notFound();
}
@@ -71,7 +70,7 @@ if ($method === 'DELETE') {
$tenantId = (int) ($tenant['id'] ?? 0);
ApiAuth::requireResourceAccess('tenants', $tenantId);
$result = TenantService::deleteByUuid($uuid);
$result = directoryServicesFactory()->createTenantService()->deleteByUuid($uuid);
ApiResponse::fromServiceResult($result);
}

View File

@@ -1,13 +1,14 @@
<?php
use MintyPHP\Http\ApiAuth;
use MintyPHP\Http\ApiBootstrap;
use MintyPHP\Http\ApiResponse;
use MintyPHP\Http\ApiAuth;
use MintyPHP\Service\User\UserService;
use MintyPHP\Service\Access\PermissionService;
use MintyPHP\Service\Tenant\TenantService;
use MintyPHP\Service\User\UserServicesFactory;
ApiBootstrap::init();
$userServicesFactory = new UserServicesFactory();
$userAccountService = $userServicesFactory->createUserAccountService();
$method = strtoupper($_SERVER['REQUEST_METHOD'] ?? 'GET');
@@ -34,14 +35,14 @@ if ($method === 'GET') {
];
$scopedTenantId = ApiAuth::scopedTenantId();
if ($scopedTenantId) {
$tenant = TenantService::findById($scopedTenantId);
$tenant = directoryServicesFactory()->createTenantService()->findById($scopedTenantId);
$tenantUuid = trim((string) ($tenant['uuid'] ?? ''));
if ($tenantUuid === '') {
ApiResponse::notFound();
}
$options['tenant'] = $tenantUuid;
}
$result = UserService::listPaged($options);
$result = $userAccountService->listPaged($options);
$rows = [];
foreach ($result['rows'] as $row) {
@@ -96,7 +97,7 @@ if ($method === 'POST') {
$input['tenant_ids'] = [$scopedTenantId];
$input['primary_tenant_id'] = $scopedTenantId;
}
$result = UserService::createFromAdmin($input, ApiAuth::userId());
$result = $userAccountService->createFromAdmin($input, ApiAuth::userId());
ApiResponse::fromServiceResult($result, 201);
}

View File

@@ -1,15 +1,19 @@
<?php
use MintyPHP\Http\ApiAuth;
use MintyPHP\Http\ApiBootstrap;
use MintyPHP\Http\ApiResponse;
use MintyPHP\Http\ApiAuth;
use MintyPHP\Repository\Access\RolePermissionRepository;
use MintyPHP\Repository\Access\UserRoleRepository;
use MintyPHP\Service\CustomField\UserCustomFieldValueService;
use MintyPHP\Service\User\UserService;
use MintyPHP\Service\Access\AccessServicesFactory;
use MintyPHP\Service\Access\PermissionService;
use MintyPHP\Service\CustomField\UserCustomFieldValueService;
use MintyPHP\Service\User\UserServicesFactory;
ApiBootstrap::init();
$userServicesFactory = new UserServicesFactory();
$userAccountService = $userServicesFactory->createUserAccountService();
$userAssignmentService = $userServicesFactory->createUserAssignmentService();
$userRoleRepository = $userServicesFactory->createUserRoleRepository();
$rolePermissionRepository = (new AccessServicesFactory())->createRolePermissionRepository();
$uuid = trim((string) ($id ?? ''));
if ($uuid === '') {
@@ -21,17 +25,17 @@ $method = strtoupper($_SERVER['REQUEST_METHOD'] ?? 'GET');
if ($method === 'GET') {
ApiResponse::requirePermission(PermissionService::USERS_VIEW);
$user = UserService::findByUuid($uuid);
$user = $userAccountService->findByUuid($uuid);
if (!$user) {
ApiResponse::notFound();
}
$userId = (int) ($user['id'] ?? 0);
ApiAuth::requireResourceAccess('users', $userId);
$assignments = UserService::buildAssignmentsForUser($userId);
$assignments = $userAssignmentService->buildAssignmentsForUser($userId);
$primaryTenantId = (int) ($user['primary_tenant_id'] ?? 0);
$primaryTenant = UserService::findTenantSummaryInAssignments($assignments, $primaryTenantId);
$publicAssignments = UserService::mapAssignmentsToPublic($assignments);
$primaryTenant = $userAssignmentService->findTenantSummaryInAssignments($assignments, $primaryTenantId);
$publicAssignments = $userAssignmentService->mapAssignmentsToPublic($assignments);
$publicCustomFields = UserCustomFieldValueService::buildPublicValuesByTenant(
$userId,
$assignments['tenants'] ?? [],
@@ -39,8 +43,8 @@ if ($method === 'GET') {
);
$publicPermissions = [];
if (ApiAuth::hasPermission(PermissionService::PERMISSIONS_VIEW)) {
$roleIds = UserRoleRepository::listRoleIdsByUserId($userId);
$publicPermissions = RolePermissionRepository::listPermissionKeysByRoleIds($roleIds);
$roleIds = $userRoleRepository->listRoleIdsByUserId($userId);
$publicPermissions = $rolePermissionRepository->listPermissionKeysByRoleIds($roleIds);
}
ApiResponse::success([
@@ -72,7 +76,7 @@ if ($method === 'GET') {
if ($method === 'PUT' || $method === 'PATCH') {
ApiResponse::requirePermission(PermissionService::USERS_UPDATE);
$user = UserService::findByUuid($uuid);
$user = $userAccountService->findByUuid($uuid);
if (!$user) {
ApiResponse::notFound();
}
@@ -103,14 +107,14 @@ if ($method === 'PUT' || $method === 'PATCH') {
}
}
}
$result = UserService::updateFromAdmin($userId, $input, ApiAuth::userId());
$result = $userAccountService->updateFromAdmin($userId, $input, ApiAuth::userId());
ApiResponse::fromServiceResult($result);
}
if ($method === 'DELETE') {
ApiResponse::requirePermission(PermissionService::USERS_DELETE);
$user = UserService::findByUuid($uuid);
$user = $userAccountService->findByUuid($uuid);
if (!$user) {
ApiResponse::notFound();
}
@@ -118,7 +122,7 @@ if ($method === 'DELETE') {
$userId = (int) ($user['id'] ?? 0);
ApiAuth::requireResourceAccess('users', $userId);
$result = UserService::deleteByUuid($uuid, ApiAuth::userId());
$result = $userAccountService->deleteByUuid($uuid, ApiAuth::userId());
ApiResponse::fromServiceResult($result);
}