instances added god may help
This commit is contained in:
129
pages/api/v1/auth/login().php
Normal file
129
pages/api/v1/auth/login().php
Normal file
@@ -0,0 +1,129 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\ApiBootstrap;
|
||||
use MintyPHP\Http\ApiResponse;
|
||||
use MintyPHP\Repository\Tenant\TenantRepository;
|
||||
use MintyPHP\Service\Auth\AuthServicesFactory;
|
||||
use MintyPHP\Service\Security\SecurityServicesFactory;
|
||||
use MintyPHP\Service\User\UserServicesFactory;
|
||||
|
||||
ApiBootstrap::init();
|
||||
ApiResponse::requireMethod('POST');
|
||||
|
||||
$input = ApiResponse::readJsonBody();
|
||||
|
||||
// ---- Login-specific rate limits (stricter than the general API rate limit in ApiBootstrap) ----
|
||||
$rateLimiter = (new SecurityServicesFactory())->createRateLimiterService();
|
||||
$ip = $_SERVER['REMOTE_ADDR'] ?? '';
|
||||
|
||||
$ipResult = $rateLimiter->isBlocked('api.auth.login.ip', $ip);
|
||||
if (!($ipResult['allowed'] ?? true)) {
|
||||
ApiResponse::tooManyRequests((int) ($ipResult['retry_after'] ?? 60));
|
||||
}
|
||||
|
||||
// ---- Input ----
|
||||
$email = strtolower(trim((string) ($input['email'] ?? '')));
|
||||
$password = (string) ($input['password'] ?? '');
|
||||
$tokenName = trim((string) ($input['token_name'] ?? '')) ?: 'Login';
|
||||
$tenantUuid = trim((string) ($input['tenant_uuid'] ?? ''));
|
||||
|
||||
$validationErrors = [];
|
||||
if ($email === '') {
|
||||
$validationErrors['email'] = ['required'];
|
||||
}
|
||||
if ($password === '') {
|
||||
$validationErrors['password'] = ['required'];
|
||||
}
|
||||
if ($validationErrors) {
|
||||
ApiResponse::validationError($validationErrors);
|
||||
}
|
||||
|
||||
// ---- Email+IP rate limit ----
|
||||
$emailKey = $email . '|' . $ip;
|
||||
$emailResult = $rateLimiter->isBlocked('api.auth.login.email_ip', $emailKey);
|
||||
if (!($emailResult['allowed'] ?? true)) {
|
||||
ApiResponse::tooManyRequests((int) ($emailResult['retry_after'] ?? 60));
|
||||
}
|
||||
|
||||
// ---- User lookup ----
|
||||
$userReadRepository = (new UserServicesFactory())->createUserReadRepository();
|
||||
$user = $userReadRepository->findByEmail($email);
|
||||
if (!$user) {
|
||||
$rateLimiter->registerFailure('api.auth.login.ip', $ip, 10, 600, 300);
|
||||
$rateLimiter->registerFailure('api.auth.login.email_ip', $emailKey, 5, 900, 900);
|
||||
ApiResponse::error('invalid_credentials', 401);
|
||||
}
|
||||
|
||||
// ---- Account checks ----
|
||||
if (!(int) ($user['active'] ?? 0)) {
|
||||
$rateLimiter->registerFailure('api.auth.login.ip', $ip, 10, 600, 300);
|
||||
$rateLimiter->registerFailure('api.auth.login.email_ip', $emailKey, 5, 900, 900);
|
||||
ApiResponse::error('account_inactive', 401);
|
||||
}
|
||||
|
||||
if (empty($user['email_verified_at'])) {
|
||||
$rateLimiter->registerFailure('api.auth.login.ip', $ip, 10, 600, 300);
|
||||
$rateLimiter->registerFailure('api.auth.login.email_ip', $emailKey, 5, 900, 900);
|
||||
ApiResponse::error('invalid_credentials', 401);
|
||||
}
|
||||
|
||||
// ---- Password verification ----
|
||||
if (!password_verify($password, (string) ($user['password'] ?? ''))) {
|
||||
$rateLimiter->registerFailure('api.auth.login.ip', $ip, 10, 600, 300);
|
||||
$rateLimiter->registerFailure('api.auth.login.email_ip', $emailKey, 5, 900, 900);
|
||||
ApiResponse::error('invalid_credentials', 401);
|
||||
}
|
||||
|
||||
// ---- 2FA stub ----
|
||||
// When TOTP is implemented, intercept here if totp_secret is non-empty:
|
||||
// return a short-lived challenge token instead of issuing a full API token.
|
||||
// Example: ApiResponse::success(['requires_2fa' => true, 'challenge_token' => '...'], 200);
|
||||
// $totpSecret = trim((string) ($user['totp_secret'] ?? ''));
|
||||
// if ($totpSecret !== '') { /* TODO: 2FA challenge flow */ }
|
||||
|
||||
// ---- Successful login: reset email+IP rate limit ----
|
||||
$rateLimiter->reset('api.auth.login.email_ip', $emailKey);
|
||||
|
||||
// ---- Optional tenant scope ----
|
||||
$tenantId = null;
|
||||
if ($tenantUuid !== '') {
|
||||
$tenant = (new TenantRepository())->findByUuid($tenantUuid);
|
||||
if (!$tenant) {
|
||||
ApiResponse::error('invalid_tenant_uuid', 422);
|
||||
}
|
||||
$tenantId = (int) ($tenant['id'] ?? 0);
|
||||
if ($tenantId <= 0) {
|
||||
ApiResponse::error('invalid_tenant_uuid', 422);
|
||||
}
|
||||
$userId = (int) ($user['id'] ?? 0);
|
||||
$userTenantIds = (new AuthServicesFactory())->createAuthScopeGateway()->getUserTenantIds($userId);
|
||||
if (!in_array($tenantId, $userTenantIds, true)) {
|
||||
ApiResponse::error('tenant_not_assigned', 403);
|
||||
}
|
||||
}
|
||||
|
||||
// ---- Create token ----
|
||||
$userId = (int) ($user['id'] ?? 0);
|
||||
$result = (new AuthServicesFactory())->createApiTokenService()->create(
|
||||
$userId,
|
||||
$tokenName,
|
||||
$tenantId,
|
||||
null, // expiresAt null → uses getApiTokenDefaultTtlDays() from settings
|
||||
$userId // createdBy = self-issued
|
||||
);
|
||||
|
||||
if (!($result['ok'] ?? false)) {
|
||||
$error = (string) ($result['error'] ?? 'create_failed');
|
||||
if ($error === 'max_tokens_reached') {
|
||||
ApiResponse::error($error, 409);
|
||||
}
|
||||
ApiResponse::error($error, 422);
|
||||
}
|
||||
|
||||
ApiResponse::success([
|
||||
'data' => [
|
||||
'token' => (string) ($result['token'] ?? ''),
|
||||
'token_uuid' => (string) ($result['uuid'] ?? ''),
|
||||
'expires_at' => $result['expires_at'] ?? null,
|
||||
],
|
||||
], 201);
|
||||
@@ -1,9 +1,8 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\ApiAuth;
|
||||
use MintyPHP\Http\ApiBootstrap;
|
||||
use MintyPHP\Http\ApiResponse;
|
||||
use MintyPHP\Http\ApiAuth;
|
||||
use MintyPHP\Service\Org\DepartmentService;
|
||||
use MintyPHP\Service\Access\PermissionService;
|
||||
|
||||
ApiBootstrap::init();
|
||||
@@ -25,7 +24,7 @@ if ($method === 'GET') {
|
||||
if ($scopedTenantId) {
|
||||
$options['tenantIds'] = [$scopedTenantId];
|
||||
}
|
||||
$result = DepartmentService::listPaged($options);
|
||||
$result = directoryServicesFactory()->createDepartmentService()->listPaged($options);
|
||||
|
||||
$rows = [];
|
||||
foreach ($result['rows'] as $row) {
|
||||
@@ -59,7 +58,7 @@ if ($method === 'POST') {
|
||||
}
|
||||
$input['tenant_id'] = $scopedTenantId;
|
||||
}
|
||||
$result = DepartmentService::createFromAdmin($input, ApiAuth::userId());
|
||||
$result = directoryServicesFactory()->createDepartmentService()->createFromAdmin($input, ApiAuth::userId());
|
||||
ApiResponse::fromServiceResult($result, 201);
|
||||
}
|
||||
|
||||
|
||||
@@ -1,9 +1,8 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\ApiAuth;
|
||||
use MintyPHP\Http\ApiBootstrap;
|
||||
use MintyPHP\Http\ApiResponse;
|
||||
use MintyPHP\Http\ApiAuth;
|
||||
use MintyPHP\Service\Org\DepartmentService;
|
||||
use MintyPHP\Service\Access\PermissionService;
|
||||
|
||||
ApiBootstrap::init();
|
||||
@@ -18,7 +17,7 @@ $method = strtoupper($_SERVER['REQUEST_METHOD'] ?? 'GET');
|
||||
if ($method === 'GET') {
|
||||
ApiResponse::requirePermission(PermissionService::DEPARTMENTS_VIEW);
|
||||
|
||||
$department = DepartmentService::findByUuid($uuid);
|
||||
$department = directoryServicesFactory()->createDepartmentService()->findByUuid($uuid);
|
||||
if (!$department) {
|
||||
ApiResponse::notFound();
|
||||
}
|
||||
@@ -42,7 +41,7 @@ if ($method === 'GET') {
|
||||
if ($method === 'PUT' || $method === 'PATCH') {
|
||||
ApiResponse::requirePermission(PermissionService::DEPARTMENTS_UPDATE);
|
||||
|
||||
$department = DepartmentService::findByUuid($uuid);
|
||||
$department = directoryServicesFactory()->createDepartmentService()->findByUuid($uuid);
|
||||
if (!$department) {
|
||||
ApiResponse::notFound();
|
||||
}
|
||||
@@ -51,14 +50,14 @@ if ($method === 'PUT' || $method === 'PATCH') {
|
||||
ApiAuth::requireResourceAccess('departments', $departmentId);
|
||||
|
||||
$input = ApiResponse::readJsonBody();
|
||||
$result = DepartmentService::updateFromAdmin($departmentId, $input, ApiAuth::userId());
|
||||
$result = directoryServicesFactory()->createDepartmentService()->updateFromAdmin($departmentId, $input, ApiAuth::userId());
|
||||
ApiResponse::fromServiceResult($result);
|
||||
}
|
||||
|
||||
if ($method === 'DELETE') {
|
||||
ApiResponse::requirePermission(PermissionService::DEPARTMENTS_DELETE);
|
||||
|
||||
$department = DepartmentService::findByUuid($uuid);
|
||||
$department = directoryServicesFactory()->createDepartmentService()->findByUuid($uuid);
|
||||
if (!$department) {
|
||||
ApiResponse::notFound();
|
||||
}
|
||||
@@ -66,7 +65,7 @@ if ($method === 'DELETE') {
|
||||
$departmentId = (int) ($department['id'] ?? 0);
|
||||
ApiAuth::requireResourceAccess('departments', $departmentId);
|
||||
|
||||
$result = DepartmentService::deleteByUuid($uuid);
|
||||
$result = directoryServicesFactory()->createDepartmentService()->deleteByUuid($uuid);
|
||||
ApiResponse::fromServiceResult($result);
|
||||
}
|
||||
|
||||
|
||||
@@ -1,26 +1,27 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\ApiAuth;
|
||||
use MintyPHP\Http\ApiBootstrap;
|
||||
use MintyPHP\Http\ApiResponse;
|
||||
use MintyPHP\Http\ApiAuth;
|
||||
use MintyPHP\Service\Access\PermissionService;
|
||||
use MintyPHP\Service\CustomField\UserCustomFieldValueService;
|
||||
use MintyPHP\Service\User\UserService;
|
||||
use MintyPHP\Service\User\UserServicesFactory;
|
||||
|
||||
ApiBootstrap::init();
|
||||
ApiResponse::requireMethod('GET');
|
||||
$userAssignmentService = (new UserServicesFactory())->createUserAssignmentService();
|
||||
|
||||
$user = ApiAuth::user();
|
||||
$userId = ApiAuth::userId();
|
||||
$assignments = UserService::buildAssignmentsForUser($userId);
|
||||
$assignments = $userAssignmentService->buildAssignmentsForUser($userId);
|
||||
|
||||
$currentTenantId = (int) (ApiAuth::tenantId() ?? 0);
|
||||
$currentTenant = UserService::findTenantSummaryInAssignments($assignments, $currentTenantId);
|
||||
$currentTenant = $userAssignmentService->findTenantSummaryInAssignments($assignments, $currentTenantId);
|
||||
|
||||
$primaryTenantId = (int) ($user['primary_tenant_id'] ?? 0);
|
||||
$primaryTenant = UserService::findTenantSummaryInAssignments($assignments, $primaryTenantId);
|
||||
$primaryTenant = $userAssignmentService->findTenantSummaryInAssignments($assignments, $primaryTenantId);
|
||||
|
||||
$publicAssignments = UserService::mapAssignmentsToPublic($assignments);
|
||||
$publicAssignments = $userAssignmentService->mapAssignmentsToPublic($assignments);
|
||||
$canViewPermissions = ApiAuth::hasPermission(PermissionService::PERMISSIONS_VIEW);
|
||||
$publicPermissions = $canViewPermissions ? ApiAuth::permissions() : [];
|
||||
$publicCustomFields = UserCustomFieldValueService::buildPublicValuesByTenant(
|
||||
|
||||
@@ -5,9 +5,11 @@ use MintyPHP\Http\ApiBootstrap;
|
||||
use MintyPHP\Http\ApiResponse;
|
||||
use MintyPHP\Repository\Auth\ApiTokenRepository;
|
||||
use MintyPHP\Repository\Tenant\TenantRepository;
|
||||
use MintyPHP\Service\Auth\ApiTokenService;
|
||||
use MintyPHP\Service\Auth\AuthServicesFactory;
|
||||
|
||||
ApiBootstrap::init();
|
||||
$apiTokenService = (new AuthServicesFactory())->createApiTokenService();
|
||||
$apiTokenRepository = new ApiTokenRepository();
|
||||
|
||||
$userId = ApiAuth::userId();
|
||||
if ($userId <= 0) {
|
||||
@@ -27,7 +29,7 @@ if ($method === 'GET') {
|
||||
}
|
||||
|
||||
$scopedTenantId = ApiAuth::scopedTenantId();
|
||||
$tokens = ApiTokenRepository::listByUserId($userId, $limit);
|
||||
$tokens = $apiTokenRepository->listByUserId($userId, $limit);
|
||||
$tenantIds = [];
|
||||
foreach ($tokens as $token) {
|
||||
$tokenTenantId = isset($token['tenant_id']) ? (int) $token['tenant_id'] : 0;
|
||||
@@ -38,7 +40,7 @@ if ($method === 'GET') {
|
||||
$tenantIds = array_values(array_unique($tenantIds));
|
||||
$tenantUuidById = [];
|
||||
if ($tenantIds) {
|
||||
foreach (TenantRepository::listByIds($tenantIds) as $tenant) {
|
||||
foreach ((new TenantRepository())->listByIds($tenantIds) as $tenant) {
|
||||
$tenantId = (int) ($tenant['id'] ?? 0);
|
||||
$tenantUuid = trim((string) ($tenant['uuid'] ?? ''));
|
||||
if ($tenantId > 0 && $tenantUuid !== '') {
|
||||
@@ -92,7 +94,7 @@ if ($method === 'POST') {
|
||||
$tenantUuid = null;
|
||||
$tenantUuidInput = trim((string) ($input['tenant_uuid'] ?? ''));
|
||||
if ($tenantUuidInput !== '') {
|
||||
$tenant = TenantRepository::findByUuid($tenantUuidInput);
|
||||
$tenant = (new TenantRepository())->findByUuid($tenantUuidInput);
|
||||
if (!$tenant) {
|
||||
ApiResponse::validationError(['tenant_uuid' => ['invalid_tenant_uuid']]);
|
||||
}
|
||||
@@ -105,7 +107,7 @@ if ($method === 'POST') {
|
||||
|
||||
$scopedTenantId = ApiAuth::scopedTenantId();
|
||||
if ($scopedTenantId !== null && $scopedTenantId > 0) {
|
||||
$scopedTenant = TenantRepository::find($scopedTenantId);
|
||||
$scopedTenant = (new TenantRepository())->find($scopedTenantId);
|
||||
$scopedTenantUuid = trim((string) ($scopedTenant['uuid'] ?? ''));
|
||||
if ($scopedTenantUuid === '') {
|
||||
ApiResponse::forbidden('tenant_scoped_token_forbidden');
|
||||
@@ -149,7 +151,7 @@ if ($method === 'POST') {
|
||||
}
|
||||
}
|
||||
|
||||
$result = ApiTokenService::create($userId, $name, $tenantId, $expiresAt, $userId);
|
||||
$result = $apiTokenService->create($userId, $name, $tenantId, $expiresAt, $userId);
|
||||
if (!($result['ok'] ?? false)) {
|
||||
$error = (string) ($result['error'] ?? 'create_failed');
|
||||
if ($error === 'tenant_not_assigned') {
|
||||
|
||||
@@ -4,10 +4,11 @@ use MintyPHP\Http\ApiAuth;
|
||||
use MintyPHP\Http\ApiBootstrap;
|
||||
use MintyPHP\Http\ApiResponse;
|
||||
use MintyPHP\Repository\Tenant\TenantRepository;
|
||||
use MintyPHP\Service\Auth\ApiTokenService;
|
||||
use MintyPHP\Service\Auth\AuthServicesFactory;
|
||||
|
||||
ApiBootstrap::init();
|
||||
ApiResponse::requireMethod('POST');
|
||||
$apiTokenService = (new AuthServicesFactory())->createApiTokenService();
|
||||
|
||||
$userId = ApiAuth::userId();
|
||||
if ($userId <= 0) {
|
||||
@@ -19,13 +20,13 @@ ApiAuth::requireSelfManageTokens();
|
||||
$scopedTenantId = ApiAuth::scopedTenantId();
|
||||
$scopedTenantUuid = null;
|
||||
if ($scopedTenantId !== null && $scopedTenantId > 0) {
|
||||
$tenant = TenantRepository::find($scopedTenantId);
|
||||
$tenant = (new TenantRepository())->find($scopedTenantId);
|
||||
$scopedTenantUuid = trim((string) ($tenant['uuid'] ?? ''));
|
||||
if ($scopedTenantUuid === '') {
|
||||
$scopedTenantUuid = null;
|
||||
}
|
||||
}
|
||||
$result = ApiTokenService::revokeAllForUser($userId, $scopedTenantId);
|
||||
$result = $apiTokenService->revokeAllForUser($userId, $scopedTenantId);
|
||||
|
||||
ApiResponse::success([
|
||||
'data' => [
|
||||
|
||||
@@ -4,10 +4,11 @@ use MintyPHP\Http\ApiAuth;
|
||||
use MintyPHP\Http\ApiBootstrap;
|
||||
use MintyPHP\Http\ApiResponse;
|
||||
use MintyPHP\Repository\Tenant\TenantRepository;
|
||||
use MintyPHP\Service\Auth\ApiTokenService;
|
||||
use MintyPHP\Service\Auth\AuthServicesFactory;
|
||||
|
||||
ApiBootstrap::init();
|
||||
ApiResponse::requireMethod('POST');
|
||||
$apiTokenService = (new AuthServicesFactory())->createApiTokenService();
|
||||
|
||||
$userId = ApiAuth::userId();
|
||||
if ($userId <= 0) {
|
||||
@@ -25,7 +26,7 @@ $input = ApiResponse::readJsonBody();
|
||||
$expiresInput = trim((string) ($input['expires_at'] ?? ''));
|
||||
$expiresAt = $expiresInput !== '' ? $expiresInput : null;
|
||||
|
||||
$result = ApiTokenService::rotateCurrentToken($userId, $currentTokenId, $expiresAt);
|
||||
$result = $apiTokenService->rotateCurrentToken($userId, $currentTokenId, $expiresAt);
|
||||
if (!($result['ok'] ?? false)) {
|
||||
$error = (string) ($result['error'] ?? 'rotate_failed');
|
||||
if ($error === 'current_token_not_found') {
|
||||
@@ -43,7 +44,7 @@ if (!($result['ok'] ?? false)) {
|
||||
$tenantUuid = null;
|
||||
$tenantId = isset($result['tenant_id']) ? (int) ($result['tenant_id']) : 0;
|
||||
if ($tenantId > 0) {
|
||||
$tenant = TenantRepository::find($tenantId);
|
||||
$tenant = (new TenantRepository())->find($tenantId);
|
||||
$tenantUuid = trim((string) ($tenant['uuid'] ?? ''));
|
||||
if ($tenantUuid === '') {
|
||||
$tenantUuid = null;
|
||||
|
||||
@@ -7,6 +7,7 @@ use MintyPHP\Repository\Auth\ApiTokenRepository;
|
||||
use MintyPHP\Repository\Tenant\TenantRepository;
|
||||
|
||||
ApiBootstrap::init();
|
||||
$apiTokenRepository = new ApiTokenRepository();
|
||||
|
||||
$userId = ApiAuth::userId();
|
||||
if ($userId <= 0) {
|
||||
@@ -16,11 +17,11 @@ if ($userId <= 0) {
|
||||
ApiAuth::requireSelfManageTokens();
|
||||
|
||||
$tokenUuid = trim((string) ($id ?? ''));
|
||||
if (!ApiTokenRepository::isUuid($tokenUuid)) {
|
||||
if (!$apiTokenRepository->isUuid($tokenUuid)) {
|
||||
ApiResponse::notFound();
|
||||
}
|
||||
|
||||
$token = ApiTokenRepository::findByUuidForUser($tokenUuid, $userId);
|
||||
$token = $apiTokenRepository->findByUuidForUser($tokenUuid, $userId);
|
||||
if (!$token) {
|
||||
ApiResponse::notFound();
|
||||
}
|
||||
@@ -35,7 +36,7 @@ if ($scopedTenantId !== null && $scopedTenantId > 0 && $tokenTenantId !== $scope
|
||||
}
|
||||
$tenantUuid = null;
|
||||
if ($tokenTenantId !== null) {
|
||||
$tenant = TenantRepository::find($tokenTenantId);
|
||||
$tenant = (new TenantRepository())->find($tokenTenantId);
|
||||
$tenantUuid = trim((string) ($tenant['uuid'] ?? ''));
|
||||
if ($tenantUuid === '') {
|
||||
$tenantUuid = null;
|
||||
@@ -62,7 +63,7 @@ if ($method === 'GET') {
|
||||
}
|
||||
|
||||
if ($method === 'DELETE') {
|
||||
$revoked = ApiTokenRepository::revokeByUuidForUser($tokenUuid, $userId);
|
||||
$revoked = $apiTokenRepository->revokeByUuidForUser($tokenUuid, $userId);
|
||||
if (!$revoked) {
|
||||
ApiResponse::error('revoke_failed', 422);
|
||||
}
|
||||
|
||||
@@ -1,9 +1,8 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\ApiAuth;
|
||||
use MintyPHP\Http\ApiBootstrap;
|
||||
use MintyPHP\Http\ApiResponse;
|
||||
use MintyPHP\Http\ApiAuth;
|
||||
use MintyPHP\Service\Access\RoleService;
|
||||
use MintyPHP\Service\Access\PermissionService;
|
||||
|
||||
ApiBootstrap::init();
|
||||
@@ -13,7 +12,7 @@ $method = strtoupper($_SERVER['REQUEST_METHOD'] ?? 'GET');
|
||||
if ($method === 'GET') {
|
||||
ApiResponse::requirePermission(PermissionService::ROLES_VIEW);
|
||||
|
||||
$result = RoleService::listPaged([
|
||||
$result = directoryServicesFactory()->createRoleService()->listPaged([
|
||||
'limit' => (int) ($_GET['limit'] ?? 25),
|
||||
'offset' => (int) ($_GET['offset'] ?? 0),
|
||||
'search' => trim((string) ($_GET['search'] ?? '')),
|
||||
@@ -44,7 +43,7 @@ if ($method === 'POST') {
|
||||
ApiResponse::requirePermission(PermissionService::ROLES_CREATE);
|
||||
|
||||
$input = ApiResponse::readJsonBody();
|
||||
$result = RoleService::createFromAdmin($input, ApiAuth::userId());
|
||||
$result = directoryServicesFactory()->createRoleService()->createFromAdmin($input, ApiAuth::userId());
|
||||
ApiResponse::fromServiceResult($result, 201);
|
||||
}
|
||||
|
||||
|
||||
@@ -1,9 +1,8 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\ApiAuth;
|
||||
use MintyPHP\Http\ApiBootstrap;
|
||||
use MintyPHP\Http\ApiResponse;
|
||||
use MintyPHP\Http\ApiAuth;
|
||||
use MintyPHP\Service\Access\RoleService;
|
||||
use MintyPHP\Service\Access\PermissionService;
|
||||
|
||||
ApiBootstrap::init();
|
||||
@@ -18,7 +17,7 @@ $method = strtoupper($_SERVER['REQUEST_METHOD'] ?? 'GET');
|
||||
if ($method === 'GET') {
|
||||
ApiResponse::requirePermission(PermissionService::ROLES_VIEW);
|
||||
|
||||
$role = RoleService::findByUuid($uuid);
|
||||
$role = directoryServicesFactory()->createRoleService()->findByUuid($uuid);
|
||||
if (!$role) {
|
||||
ApiResponse::notFound();
|
||||
}
|
||||
@@ -38,21 +37,21 @@ if ($method === 'GET') {
|
||||
if ($method === 'PUT' || $method === 'PATCH') {
|
||||
ApiResponse::requirePermission(PermissionService::ROLES_UPDATE);
|
||||
|
||||
$role = RoleService::findByUuid($uuid);
|
||||
$role = directoryServicesFactory()->createRoleService()->findByUuid($uuid);
|
||||
if (!$role) {
|
||||
ApiResponse::notFound();
|
||||
}
|
||||
|
||||
$roleId = (int) ($role['id'] ?? 0);
|
||||
$input = ApiResponse::readJsonBody();
|
||||
$result = RoleService::updateFromAdmin($roleId, $input, ApiAuth::userId());
|
||||
$result = directoryServicesFactory()->createRoleService()->updateFromAdmin($roleId, $input, ApiAuth::userId());
|
||||
ApiResponse::fromServiceResult($result);
|
||||
}
|
||||
|
||||
if ($method === 'DELETE') {
|
||||
ApiResponse::requirePermission(PermissionService::ROLES_DELETE);
|
||||
|
||||
$result = RoleService::deleteByUuid($uuid);
|
||||
$result = directoryServicesFactory()->createRoleService()->deleteByUuid($uuid);
|
||||
ApiResponse::fromServiceResult($result);
|
||||
}
|
||||
|
||||
|
||||
@@ -1,9 +1,8 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\ApiAuth;
|
||||
use MintyPHP\Http\ApiBootstrap;
|
||||
use MintyPHP\Http\ApiResponse;
|
||||
use MintyPHP\Http\ApiAuth;
|
||||
use MintyPHP\Service\Tenant\TenantService;
|
||||
use MintyPHP\Service\Access\PermissionService;
|
||||
|
||||
ApiBootstrap::init();
|
||||
@@ -25,7 +24,7 @@ if ($method === 'GET') {
|
||||
if ($scopedTenantId) {
|
||||
$options['tenantIds'] = [$scopedTenantId];
|
||||
}
|
||||
$result = TenantService::listPaged($options);
|
||||
$result = directoryServicesFactory()->createTenantService()->listPaged($options);
|
||||
|
||||
$rows = [];
|
||||
foreach ($result['rows'] as $row) {
|
||||
@@ -54,7 +53,7 @@ if ($method === 'POST') {
|
||||
}
|
||||
|
||||
$input = ApiResponse::readJsonBody();
|
||||
$result = TenantService::createFromAdmin($input, ApiAuth::userId());
|
||||
$result = directoryServicesFactory()->createTenantService()->createFromAdmin($input, ApiAuth::userId());
|
||||
ApiResponse::fromServiceResult($result, 201);
|
||||
}
|
||||
|
||||
|
||||
@@ -1,9 +1,8 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\ApiAuth;
|
||||
use MintyPHP\Http\ApiBootstrap;
|
||||
use MintyPHP\Http\ApiResponse;
|
||||
use MintyPHP\Http\ApiAuth;
|
||||
use MintyPHP\Service\Tenant\TenantService;
|
||||
use MintyPHP\Service\Access\PermissionService;
|
||||
|
||||
ApiBootstrap::init();
|
||||
@@ -18,7 +17,7 @@ $method = strtoupper($_SERVER['REQUEST_METHOD'] ?? 'GET');
|
||||
if ($method === 'GET') {
|
||||
ApiResponse::requirePermission(PermissionService::TENANTS_VIEW);
|
||||
|
||||
$tenant = TenantService::findByUuid($uuid);
|
||||
$tenant = directoryServicesFactory()->createTenantService()->findByUuid($uuid);
|
||||
if (!$tenant) {
|
||||
ApiResponse::notFound();
|
||||
}
|
||||
@@ -47,7 +46,7 @@ if ($method === 'GET') {
|
||||
if ($method === 'PUT' || $method === 'PATCH') {
|
||||
ApiResponse::requirePermission(PermissionService::TENANTS_UPDATE);
|
||||
|
||||
$tenant = TenantService::findByUuid($uuid);
|
||||
$tenant = directoryServicesFactory()->createTenantService()->findByUuid($uuid);
|
||||
if (!$tenant) {
|
||||
ApiResponse::notFound();
|
||||
}
|
||||
@@ -56,14 +55,14 @@ if ($method === 'PUT' || $method === 'PATCH') {
|
||||
ApiAuth::requireResourceAccess('tenants', $tenantId);
|
||||
|
||||
$input = ApiResponse::readJsonBody();
|
||||
$result = TenantService::updateFromAdmin($tenantId, $input, ApiAuth::userId());
|
||||
$result = directoryServicesFactory()->createTenantService()->updateFromAdmin($tenantId, $input, ApiAuth::userId());
|
||||
ApiResponse::fromServiceResult($result);
|
||||
}
|
||||
|
||||
if ($method === 'DELETE') {
|
||||
ApiResponse::requirePermission(PermissionService::TENANTS_DELETE);
|
||||
|
||||
$tenant = TenantService::findByUuid($uuid);
|
||||
$tenant = directoryServicesFactory()->createTenantService()->findByUuid($uuid);
|
||||
if (!$tenant) {
|
||||
ApiResponse::notFound();
|
||||
}
|
||||
@@ -71,7 +70,7 @@ if ($method === 'DELETE') {
|
||||
$tenantId = (int) ($tenant['id'] ?? 0);
|
||||
ApiAuth::requireResourceAccess('tenants', $tenantId);
|
||||
|
||||
$result = TenantService::deleteByUuid($uuid);
|
||||
$result = directoryServicesFactory()->createTenantService()->deleteByUuid($uuid);
|
||||
ApiResponse::fromServiceResult($result);
|
||||
}
|
||||
|
||||
|
||||
@@ -1,13 +1,14 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\ApiAuth;
|
||||
use MintyPHP\Http\ApiBootstrap;
|
||||
use MintyPHP\Http\ApiResponse;
|
||||
use MintyPHP\Http\ApiAuth;
|
||||
use MintyPHP\Service\User\UserService;
|
||||
use MintyPHP\Service\Access\PermissionService;
|
||||
use MintyPHP\Service\Tenant\TenantService;
|
||||
use MintyPHP\Service\User\UserServicesFactory;
|
||||
|
||||
ApiBootstrap::init();
|
||||
$userServicesFactory = new UserServicesFactory();
|
||||
$userAccountService = $userServicesFactory->createUserAccountService();
|
||||
|
||||
$method = strtoupper($_SERVER['REQUEST_METHOD'] ?? 'GET');
|
||||
|
||||
@@ -34,14 +35,14 @@ if ($method === 'GET') {
|
||||
];
|
||||
$scopedTenantId = ApiAuth::scopedTenantId();
|
||||
if ($scopedTenantId) {
|
||||
$tenant = TenantService::findById($scopedTenantId);
|
||||
$tenant = directoryServicesFactory()->createTenantService()->findById($scopedTenantId);
|
||||
$tenantUuid = trim((string) ($tenant['uuid'] ?? ''));
|
||||
if ($tenantUuid === '') {
|
||||
ApiResponse::notFound();
|
||||
}
|
||||
$options['tenant'] = $tenantUuid;
|
||||
}
|
||||
$result = UserService::listPaged($options);
|
||||
$result = $userAccountService->listPaged($options);
|
||||
|
||||
$rows = [];
|
||||
foreach ($result['rows'] as $row) {
|
||||
@@ -96,7 +97,7 @@ if ($method === 'POST') {
|
||||
$input['tenant_ids'] = [$scopedTenantId];
|
||||
$input['primary_tenant_id'] = $scopedTenantId;
|
||||
}
|
||||
$result = UserService::createFromAdmin($input, ApiAuth::userId());
|
||||
$result = $userAccountService->createFromAdmin($input, ApiAuth::userId());
|
||||
ApiResponse::fromServiceResult($result, 201);
|
||||
}
|
||||
|
||||
|
||||
@@ -1,15 +1,19 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\ApiAuth;
|
||||
use MintyPHP\Http\ApiBootstrap;
|
||||
use MintyPHP\Http\ApiResponse;
|
||||
use MintyPHP\Http\ApiAuth;
|
||||
use MintyPHP\Repository\Access\RolePermissionRepository;
|
||||
use MintyPHP\Repository\Access\UserRoleRepository;
|
||||
use MintyPHP\Service\CustomField\UserCustomFieldValueService;
|
||||
use MintyPHP\Service\User\UserService;
|
||||
use MintyPHP\Service\Access\AccessServicesFactory;
|
||||
use MintyPHP\Service\Access\PermissionService;
|
||||
use MintyPHP\Service\CustomField\UserCustomFieldValueService;
|
||||
use MintyPHP\Service\User\UserServicesFactory;
|
||||
|
||||
ApiBootstrap::init();
|
||||
$userServicesFactory = new UserServicesFactory();
|
||||
$userAccountService = $userServicesFactory->createUserAccountService();
|
||||
$userAssignmentService = $userServicesFactory->createUserAssignmentService();
|
||||
$userRoleRepository = $userServicesFactory->createUserRoleRepository();
|
||||
$rolePermissionRepository = (new AccessServicesFactory())->createRolePermissionRepository();
|
||||
|
||||
$uuid = trim((string) ($id ?? ''));
|
||||
if ($uuid === '') {
|
||||
@@ -21,17 +25,17 @@ $method = strtoupper($_SERVER['REQUEST_METHOD'] ?? 'GET');
|
||||
if ($method === 'GET') {
|
||||
ApiResponse::requirePermission(PermissionService::USERS_VIEW);
|
||||
|
||||
$user = UserService::findByUuid($uuid);
|
||||
$user = $userAccountService->findByUuid($uuid);
|
||||
if (!$user) {
|
||||
ApiResponse::notFound();
|
||||
}
|
||||
|
||||
$userId = (int) ($user['id'] ?? 0);
|
||||
ApiAuth::requireResourceAccess('users', $userId);
|
||||
$assignments = UserService::buildAssignmentsForUser($userId);
|
||||
$assignments = $userAssignmentService->buildAssignmentsForUser($userId);
|
||||
$primaryTenantId = (int) ($user['primary_tenant_id'] ?? 0);
|
||||
$primaryTenant = UserService::findTenantSummaryInAssignments($assignments, $primaryTenantId);
|
||||
$publicAssignments = UserService::mapAssignmentsToPublic($assignments);
|
||||
$primaryTenant = $userAssignmentService->findTenantSummaryInAssignments($assignments, $primaryTenantId);
|
||||
$publicAssignments = $userAssignmentService->mapAssignmentsToPublic($assignments);
|
||||
$publicCustomFields = UserCustomFieldValueService::buildPublicValuesByTenant(
|
||||
$userId,
|
||||
$assignments['tenants'] ?? [],
|
||||
@@ -39,8 +43,8 @@ if ($method === 'GET') {
|
||||
);
|
||||
$publicPermissions = [];
|
||||
if (ApiAuth::hasPermission(PermissionService::PERMISSIONS_VIEW)) {
|
||||
$roleIds = UserRoleRepository::listRoleIdsByUserId($userId);
|
||||
$publicPermissions = RolePermissionRepository::listPermissionKeysByRoleIds($roleIds);
|
||||
$roleIds = $userRoleRepository->listRoleIdsByUserId($userId);
|
||||
$publicPermissions = $rolePermissionRepository->listPermissionKeysByRoleIds($roleIds);
|
||||
}
|
||||
|
||||
ApiResponse::success([
|
||||
@@ -72,7 +76,7 @@ if ($method === 'GET') {
|
||||
if ($method === 'PUT' || $method === 'PATCH') {
|
||||
ApiResponse::requirePermission(PermissionService::USERS_UPDATE);
|
||||
|
||||
$user = UserService::findByUuid($uuid);
|
||||
$user = $userAccountService->findByUuid($uuid);
|
||||
if (!$user) {
|
||||
ApiResponse::notFound();
|
||||
}
|
||||
@@ -103,14 +107,14 @@ if ($method === 'PUT' || $method === 'PATCH') {
|
||||
}
|
||||
}
|
||||
}
|
||||
$result = UserService::updateFromAdmin($userId, $input, ApiAuth::userId());
|
||||
$result = $userAccountService->updateFromAdmin($userId, $input, ApiAuth::userId());
|
||||
ApiResponse::fromServiceResult($result);
|
||||
}
|
||||
|
||||
if ($method === 'DELETE') {
|
||||
ApiResponse::requirePermission(PermissionService::USERS_DELETE);
|
||||
|
||||
$user = UserService::findByUuid($uuid);
|
||||
$user = $userAccountService->findByUuid($uuid);
|
||||
if (!$user) {
|
||||
ApiResponse::notFound();
|
||||
}
|
||||
@@ -118,7 +122,7 @@ if ($method === 'DELETE') {
|
||||
$userId = (int) ($user['id'] ?? 0);
|
||||
ApiAuth::requireResourceAccess('users', $userId);
|
||||
|
||||
$result = UserService::deleteByUuid($uuid, ApiAuth::userId());
|
||||
$result = $userAccountService->deleteByUuid($uuid, ApiAuth::userId());
|
||||
ApiResponse::fromServiceResult($result);
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user