dave/pathfinder
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

pathfinder-84 [Feature Request] CREST Pilot Tracking, many smaller Bugfixes

Browse Source
This commit is contained in:
Exodus4D
2016-04-05 21:31:03 +02:00
parent 7e94ec4889
commit 95119fcd3d
86 changed files with 1940 additions and 3642 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
app/main/controller/api/access.php
View File

@@ -7,25 +7,24 @@
*/
namespace controller\api;
use Controller;
use Model;
class Access extends \Controller\AccessController {
class Access extends Controller\AccessController {
/**
* event handler
* @param $f3
* @param \Base $f3
*/
function beforeroute($f3) {
parent::beforeroute($f3);
function beforeroute(\Base $f3) {
// set header for all routes
header('Content-type: application/json');
parent::beforeroute($f3);
}
/**
* search user/corporation or alliance by name
* @param $f3
* search character/corporation or alliance by name
* @param \Base $f3
* @param $params
*/
public function search($f3, $params){
@@ -41,8 +40,8 @@ class Access extends \Controller\AccessController {
$accessModel = null;
switch($searchType){
case 'user':
$accessModel = Model\BasicModel::getNew('UserModel');
case 'character':
$accessModel = Model\BasicModel::getNew('CharacterModel');
break;
case 'corporation':
$accessModel = Model\BasicModel::getNew('CorporationModel');
@@ -55,12 +54,12 @@ class Access extends \Controller\AccessController {
if( is_object($accessModel) ){
// find "active" entries that have their "sharing" option activated
$accessList = $accessModel->find( array(
$accessList = $accessModel->find( [
"LOWER(name) LIKE :token AND " .
"active = 1 AND " .
"shared = 1 ",
':token' => '%' . $searchToken . '%'
));
]);
if($accessList){
foreach($accessList as $accessObject){

25
app/main/controller/api/connection.php
View File

@@ -40,7 +40,6 @@ class Connection extends Controller\AccessController{
$activeCharacter = $this->getCharacter();
if($activeCharacter){
$user = $activeCharacter->getUser();
// get map model and check map access
/**
@@ -49,7 +48,7 @@ class Connection extends Controller\AccessController{
$map = Model\BasicModel::getNew('MapModel');
$map->getById( (int)$mapData['id'] );
if( $map->hasAccess($user) ){
if( $map->hasAccess($activeCharacter) ){
$source = $map->getSystem( (int)$connectionData['source'] );
$target = $map->getSystem( (int)$connectionData['target'] );
@@ -57,6 +56,9 @@ class Connection extends Controller\AccessController{
!is_null($source) &&
!is_null($target)
){
/**
* @var $connection Model\ConnectionModel
*/
$connection = Model\BasicModel::getNew('ConnectionModel');
$connection->getById( (int)$connectionData['id'] );
@@ -103,17 +105,20 @@ class Connection extends Controller\AccessController{
$connectionIds = $f3->get('POST.connectionIds');
$activeCharacter = $this->getCharacter();
/**
* @var Model\ConnectionModel $connection
*/
$connection = Model\BasicModel::getNew('ConnectionModel');
foreach($connectionIds as $connectionId){
$connection->getById($connectionId);
$connection->delete( $activeCharacter->getUser() );
if($activeCharacter = $this->getCharacter()){
/**
* @var Model\ConnectionModel $connection
*/
$connection = Model\BasicModel::getNew('ConnectionModel');
foreach($connectionIds as $connectionId){
$connection->getById($connectionId);
$connection->delete( $activeCharacter );
$connection->reset();
$connection->reset();
}
}
echo json_encode([]);
}

93
app/main/controller/api/map.php
View File

@@ -39,10 +39,11 @@ class Map extends Controller\AccessController {
$f3->expire($expireTimeHead);
$initData = [];
$return = (object) [];
$return->error = [];
// static program data ------------------------------------------------
$initData['timer'] = $f3->get('PATHFINDER.TIMER');
$return->timer = $f3->get('PATHFINDER.TIMER');
// get all available map types ----------------------------------------
$mapType = Model\BasicModel::getNew('MapTypeModel');
@@ -59,7 +60,7 @@ class Map extends Controller\AccessController {
$mapTypeData[$rowData->name] = $data;
}
$initData['mapTypes'] = $mapTypeData;
$return->mapTypes = $mapTypeData;
// get all available map scopes ---------------------------------------
$mapScope = Model\BasicModel::getNew('MapScopeModel');
@@ -72,7 +73,7 @@ class Map extends Controller\AccessController {
];
$mapScopeData[$rowData->name] = $data;
}
$initData['mapScopes'] = $mapScopeData;
$return->mapScopes = $mapScopeData;
// get all available system status ------------------------------------
$systemStatus = Model\BasicModel::getNew('SystemStatusModel');
@@ -86,7 +87,7 @@ class Map extends Controller\AccessController {
];
$systemScopeData[$rowData->name] = $data;
}
$initData['systemStatus'] = $systemScopeData;
$return->systemStatus = $systemScopeData;
// get all available system types -------------------------------------
$systemType = Model\BasicModel::getNew('SystemTypeModel');
@@ -99,7 +100,7 @@ class Map extends Controller\AccessController {
];
$systemTypeData[$rowData->name] = $data;
}
$initData['systemType'] = $systemTypeData;
$return->systemType = $systemTypeData;
// get available connection scopes ------------------------------------
$connectionScope = Model\BasicModel::getNew('ConnectionScopeModel');
@@ -113,7 +114,7 @@ class Map extends Controller\AccessController {
];
$connectionScopeData[$rowData->name] = $data;
}
$initData['connectionScopes'] = $connectionScopeData;
$return->connectionScopes = $connectionScopeData;
// get available character status -------------------------------------
$characterStatus = Model\BasicModel::getNew('CharacterStatusModel');
@@ -127,17 +128,33 @@ class Map extends Controller\AccessController {
];
$characterStatusData[$rowData->name] = $data;
}
$initData['characterStatus'] = $characterStatusData;
$return->characterStatus = $characterStatusData;
// get max number of shared entities per map --------------------------
$maxSharedCount = [
'user' => $f3->get('PATHFINDER.MAX_SHARED_USER'),
'character' => $f3->get('PATHFINDER.MAX_SHARED_CHARACTER'),
'corporation' => $f3->get('PATHFINDER.MAX_SHARED_CORPORATION'),
'alliance' => $f3->get('PATHFINDER.MAX_SHARED_ALLIANCE'),
];
$initData['maxSharedCount'] = $maxSharedCount;
$return->maxSharedCount = $maxSharedCount;
echo json_encode($initData);
// get program routes -------------------------------------------------
$return->routes = [
'ssoLogin' => $this->getF3()->alias( 'sso', ['action' => 'requestAuthorization'] )
];
// get SSO error messages that should be shown immediately ------------
// -> e.g. errors while character switch from previous HTTP requests
if( $f3->exists(Controller\Ccp\Sso::SESSION_KEY_SSO_ERROR) ){
$ssoError = (object) [];
$ssoError->type = 'error';
$ssoError->title = 'Login failed';
$ssoError->message = $f3->get(Controller\Ccp\Sso::SESSION_KEY_SSO_ERROR);
$return->error[] = $ssoError;
$f3->clear(Controller\Ccp\Sso::SESSION_KEY_SSO_ERROR);
}
echo json_encode($return);
}
/**
@@ -213,7 +230,6 @@ class Map extends Controller\AccessController {
}
}
foreach($mapData['data']['connections'] as $connectionData){
// check if source and target IDs match with new system ID
if(
@@ -296,7 +312,6 @@ class Map extends Controller\AccessController {
$activeCharacter = $this->getCharacter(0);
if($activeCharacter){
$user = $activeCharacter->getUser();
/**
* @var $map Model\MapModel
@@ -306,7 +321,7 @@ class Map extends Controller\AccessController {
if(
$map->dry() ||
$map->hasAccess($user)
$map->hasAccess($activeCharacter)
){
// new map
$map->setData($formData);
@@ -315,36 +330,36 @@ class Map extends Controller\AccessController {
// save global map access. Depends on map "type"
if($map->isPrivate()){
// share map between users -> set access
if(isset($formData['mapUsers'])){
// share map between characters -> set access
if(isset($formData['mapCharacters'])){
// avoid abuse -> respect share limits
$accessUsers = array_slice( $formData['mapUsers'], 0, $f3->get('PATHFINDER.MAX_SHARED_USER') );
$accessCharacters = array_slice( $formData['mapCharacters'], 0, $f3->get('PATHFINDER.MAX_SHARED_CHARACTER') );
// clear map access. In case something has removed from access list
$map->clearAccess();
/**
* @var $tempUser Model\UserModel
* @var $tempCharacter Model\CharacterModel
*/
$tempUser = Model\BasicModel::getNew('UserModel');
$tempCharacter = Model\BasicModel::getNew('CharacterModel');
foreach($accessUsers as $userId){
$tempUser->getById( (int)$userId );
foreach($accessCharacters as $characterId){
$tempCharacter->getById( (int)$characterId );
if(
!$tempUser->dry() &&
$tempUser->shared == 1 // check if map shared is enabled
!$tempCharacter->dry() &&
$tempCharacter->shared == 1 // check if map shared is enabled
){
$map->setAccess($tempUser);
$map->setAccess($tempCharacter);
}
$tempUser->reset();
$tempCharacter->reset();
}
}
// the current user itself should always have access
// the current character itself should always have access
// just in case he removed himself :)
$map->setAccess($user);
$map->setAccess($activeCharacter);
}elseif($map->isCorporation()){
$corporation = $activeCharacter->getCorporation();
@@ -459,7 +474,7 @@ class Map extends Controller\AccessController {
*/
$map = Model\BasicModel::getNew('MapModel');
$map->getById($mapData['id']);
$map->delete( $activeCharacter->getUser() );
$map->delete( $activeCharacter );
}
echo json_encode([]);
@@ -480,15 +495,15 @@ class Map extends Controller\AccessController {
if($activeCharacter){
$cacheKey = 'user_map_data_' . $activeCharacter->id;
$cacheKey = 'user_map_data_' . $activeCharacter->_id;
// if there is any system/connection change data submitted -> save new data
if(
!$f3->exists($cacheKey) ||
!empty($mapData)
!empty($mapData) ||
!$f3->exists($cacheKey)
){
// get current map data ========================================================
$maps = $activeCharacter->getUser()->getMaps();
$maps = $activeCharacter->getMaps();
// loop all submitted map data that should be saved
// -> currently there will only be ONE map data change submitted -> single loop
@@ -583,7 +598,7 @@ class Map extends Controller\AccessController {
// cache time(s) per user should be equal or less than this function is called
// prevent request flooding
$responseTTL = $f3->get('PATHFINDER.TIMER.UPDATE_SERVER_MAP.DELAY') / 1000;
$responseTTL = (int)$f3->get('PATHFINDER.TIMER.UPDATE_SERVER_MAP.DELAY') / 1000;
$f3->set($cacheKey, $return, $responseTTL);
}else{
@@ -631,17 +646,16 @@ class Map extends Controller\AccessController {
public function updateUserData(\Base $f3){
$return = (object) [];
$return->error = [];
$activeCharacter = $this->getCharacter();
$activeCharacter = $this->getCharacter(0);
if($activeCharacter){
$user = $activeCharacter->getUser();
if( !empty($f3->get('POST.mapIds')) ){
$mapIds = (array)$f3->get('POST.mapIds');
// check if data for specific system is requested
$systemData = (array)$f3->get('POST.systemData');
// update current location
$activeCharacter->updateLog();
$activeCharacter = $activeCharacter->updateLog();
// if data is requested extend the cache key in order to get new data
$requestSystemData = (object) [];
@@ -657,7 +671,7 @@ class Map extends Controller\AccessController {
$cacheKey = 'user_data_' . $tempId . '_' . $requestSystemData->systemId;
if( !$f3->exists($cacheKey) ){
foreach($mapIds as $mapId){
$map = $user->getMap($mapId);
$map = $activeCharacter->getMap($mapId);
if( !is_null($map) ){
$return->mapUserData[] = $map->getUserData();
@@ -677,7 +691,7 @@ class Map extends Controller\AccessController {
// cache time (seconds) should be equal or less than request trigger time
// prevent request flooding
$responseTTL = $f3->get('PATHFINDER.TIMER.UPDATE_SERVER_USER_DATA.DELAY') / 1000;
$responseTTL = (int)$f3->get('PATHFINDER.TIMER.UPDATE_SERVER_USER_DATA.DELAY') / 1000;
// cache response
$f3->set($cacheKey, $return, $responseTTL);
@@ -688,9 +702,10 @@ class Map extends Controller\AccessController {
$return = $f3->get($cacheKey);
}
}
// get current user data -> this should not be cached because each user has different personal data
// even if they have multiple characters using the same map!
$return->userData = $user->getData();
$return->userData = $activeCharacter->getUser()->getData();
}else{
// user logged off
$return->error[] = $this->getLogoutError();

9
app/main/controller/api/signature.php
View File

@@ -40,7 +40,7 @@ class Signature extends \Controller\AccessController{
if(!$system->dry()){
// check access
if( $system->hasAccess($activeCharacter->getUser()) ){
if( $system->hasAccess($activeCharacter) ){
$signatureData = $system->getSignaturesData();
}
}
@@ -75,7 +75,6 @@ class Signature extends \Controller\AccessController{
$activeCharacter = $this->getCharacter();
if($activeCharacter){
$user = $activeCharacter->getUser();
/**
* @var Model\SystemModel $system
@@ -95,9 +94,9 @@ class Signature extends \Controller\AccessController{
$signature = null;
if( isset($data['pk']) ){
// try to get system by "primary key"
$signature = $system->getSignatureById($user, (int)$data['pk']);
$signature = $system->getSignatureById($activeCharacter, (int)$data['pk']);
}elseif( isset($data['name']) ){
$signature = $system->getSignatureByName($user, $data['name']);
$signature = $system->getSignatureByName($activeCharacter, $data['name']);
}
if( is_null($signature) ){
@@ -186,7 +185,7 @@ class Signature extends \Controller\AccessController{
$signature = Model\BasicModel::getNew('SystemSignatureModel');
foreach($signatureIds as $signatureId){
$signature->getById($signatureId);
$signature->delete( $activeCharacter->getUser() );
$signature->delete( $activeCharacter );
$signature->reset();
}

15
app/main/controller/api/system.php
View File

@@ -192,7 +192,6 @@ class System extends \Controller\AccessController {
$activeCharacter = $this->getCharacter();
if($activeCharacter){
$user = $activeCharacter->getUser();
$systemData = (array)$postData['systemData'];
$mapData = (array)$postData['mapData'];
@@ -205,7 +204,7 @@ class System extends \Controller\AccessController {
$system = Model\BasicModel::getNew('SystemModel');
$system->getById($systemData['id']);
if( !$system->dry() ){
if( $system->hasAccess($user) ){
if( $system->hasAccess($activeCharacter) ){
// system model found
$systemModel = $system;
}
@@ -219,7 +218,7 @@ class System extends \Controller\AccessController {
$map = Model\BasicModel::getNew('MapModel');
$map->getById($mapData['id']);
if( !$map->dry() ){
if( $map->hasAccess($user) ){
if( $map->hasAccess($activeCharacter) ){
$systemData['mapId'] = $map;
@@ -270,9 +269,9 @@ class System extends \Controller\AccessController {
$systemLogModel = Model\BasicModel::getNew($ModelClass);
// 10min cache (could be up to 1h cache time)
$systemLogModel->getByForeignKey('systemId', $systemId, array(), 60 * 10);
$systemLogModel->getByForeignKey('systemId', $systemId, [], 60 * 10);
if(!$systemLogModel->dry()){
if( !$systemLogModel->dry() ){
$counter = 0;
for( $i = $logEntryCount; $i >= 1; $i--){
$column = 'value' . $i;
@@ -340,17 +339,15 @@ class System extends \Controller\AccessController {
*/
public function delete(\Base $f3){
$systemIds = $f3->get('POST.systemIds');
$activeCharacter = $this->getCharacter();
if($activeCharacter){
$user = $activeCharacter->getUser();
if($activeCharacter = $this->getCharacter()){
/**
* @var Model\SystemModel $system
*/
$system = Model\BasicModel::getNew('SystemModel');
foreach((array)$systemIds as $systemId){
$system->getById($systemId);
$system->delete($user);
$system->delete($activeCharacter);
$system->reset();
}
}

408
app/main/controller/api/user.php
View File

@@ -15,6 +15,10 @@ use DB;
class User extends Controller\Controller{
// captcha specific session keys
const SESSION_CAPTCHA_ACCOUNT_UPDATE = 'SESSION.CAPTCHA.ACCOUNT.UPDATE';
const SESSION_CAPTCHA_ACCOUNT_DELETE = 'SESSION.CAPTCHA.ACCOUNT.DELETE';
// user specific session keys
const SESSION_KEY_USER = 'SESSION.USER';
const SESSION_KEY_USER_ID = 'SESSION.USER.ID';
@@ -36,7 +40,7 @@ class User extends Controller\Controller{
* valid reasons for captcha images
* @var string array
*/
private static $captchaReason = ['createAccount', 'deleteAccount'];
private static $captchaReason = [self::SESSION_CAPTCHA_ACCOUNT_UPDATE, self::SESSION_CAPTCHA_ACCOUNT_DELETE];
/**
* login a valid character
@@ -106,7 +110,7 @@ class User extends Controller\Controller{
'fonts/oxygen-bold-webfont.ttf',
14,
6,
'SESSION.' . $reason,
$reason,
'',
$colorText,
$colorBG
@@ -155,14 +159,12 @@ class User extends Controller\Controller{
$return = (object) [];
$privateSharing = 0;
$corporationSharing = 0;
$allianceSharing = 0;
$activeCharacter = $this->getCharacter();
if($activeCharacter){
$user = $activeCharacter->getUser();
$privateSharing = 0;
$corporationSharing = 0;
$allianceSharing = 0;
// form values
if(isset($data['formData'])){
@@ -181,8 +183,8 @@ class User extends Controller\Controller{
}
}
$user->shared = $privateSharing;
$user->save();
$activeCharacter->shared = $privateSharing;
$activeCharacter = $activeCharacter->save();
// update corp/ally ---------------------------------------------------------------
$corporation = $activeCharacter->getCorporation();
@@ -198,6 +200,7 @@ class User extends Controller\Controller{
$alliance->save();
}
$user = $activeCharacter->getUser();
$return->userData = $user->getData();
}
@@ -205,61 +208,9 @@ class User extends Controller\Controller{
}
/**
* search for a registration key model
* e.g. for new user registration with "invite" feature enabled
* @param $email
* @param $registrationKey
* @return bool|Model\RegistrationKeyModel
* @throws Exception
*/
protected function getRegistrationKey($email, $registrationKey){
$registrationKeyModel = Model\BasicModel::getNew('RegistrationKeyModel');
$registrationKeyModel->load([
'registrationKey = :registrationKey AND
email = :email AND
used = 0 AND
active = 1',
':registrationKey' => $registrationKey,
':email' => $email
]);
if( $registrationKeyModel->dry() ){
return false;
}else{
return $registrationKeyModel;
}
}
/**
* check if there is already an active Key for a mail
* @param $email
* @param bool|false $used
* @return bool|null
* @throws Exception
*/
protected function findRegistrationKey($email, $used = false){
$queryPart = 'email = :email AND active = 1';
if(is_int($used)){
$queryPart .= ' AND used = ' . $used;
}
$registrationKeyModel = Model\BasicModel::getNew('RegistrationKeyModel');
$registrationKeyModels = $registrationKeyModel->find([
$queryPart,
':email' => $email
]);
if( is_object($registrationKeyModels) ){
return $registrationKeyModels;
}else{
return false;
}
}
/**
* save/update user account data
* update user account data
* -> a fresh user automatically generated on first login with a new character
* -> see CREST SSO login
* @param \Base $f3
*/
public function saveAccount(\Base $f3){
@@ -268,183 +219,100 @@ class User extends Controller\Controller{
$return = (object) [];
$return->error = [];
$captcha = $f3->get('SESSION.createAccount');
$captcha = $f3->get(self::SESSION_CAPTCHA_ACCOUNT_UPDATE);
// reset captcha -> forces user to enter new one
$f3->clear('SESSION.createAccount');
$f3->clear(self::SESSION_CAPTCHA_ACCOUNT_UPDATE);
$newUserData = null;
// check for new user
$loginAfterSave = false;
// valid registration key Model is required for new registration
// if "invite" feature is enabled
$registrationKeyModel = false;
if( isset($data['settingsData']) ){
$settingsData = $data['settingsData'];
if( isset($data['formData']) ){
$formData = $data['formData'];
try{
$activeCharacter = $this->getCharacter(0);
$user = $activeCharacter->getUser();
if($activeCharacter = $this->getCharacter(0)){
$user = $activeCharacter->getUser();
// captcha is send -> check captcha
if(
isset($settingsData['captcha']) &&
!empty($settingsData['captcha'])
){
if($settingsData['captcha'] === $captcha){
// change/set sensitive user data requires captcha!
if(is_null($user)){
// check if registration key invite function is enabled
if($f3->get('PATHFINDER.REGISTRATION.INVITE') === 1 ){
$registrationKeyModel = $this->getRegistrationKey( $settingsData['email'], $settingsData['registrationKey'] );
if($registrationKeyModel === false){
throw new Exception\RegistrationException('Registration key invalid', 'registrationKey');
}
}
// new user registration
$user = Model\BasicModel::getNew('UserModel');
$loginAfterSave = true;
// captcha is send -> check captcha ---------------------------------
if(
isset($formData['captcha']) &&
!empty($formData['captcha'])
){
if($formData['captcha'] === $captcha){
// change/set sensitive user data requires captcha!
// set username
if(
isset($settingsData['name']) &&
!empty($settingsData['name'])
isset($formData['name']) &&
!empty($formData['name'])
){
$user->name = $settingsData['name'];
}
}
// change/set email
if(
isset($settingsData['email']) &&
isset($settingsData['email_confirm']) &&
!empty($settingsData['email']) &&
!empty($settingsData['email_confirm']) &&
$settingsData['email'] == $settingsData['email_confirm']
){
$user->email = $settingsData['email'];
}
// change/set password
if(
isset($settingsData['password']) &&
isset($settingsData['password_confirm']) &&
!empty($settingsData['password']) &&
!empty($settingsData['password_confirm']) &&
$settingsData['password'] == $settingsData['password_confirm']
){
$user->password = $settingsData['password'];
}
}else{
// captcha was send but not valid -> return error
$captchaError = (object) [];
$captchaError->type = 'error';
$captchaError->message = 'Captcha does not match';
$return->error[] = $captchaError;
}
}
// saving additional user info requires valid user object (no captcha required)
if($user){
// save API data
if(
isset($settingsData['keyId']) &&
isset($settingsData['vCode']) &&
is_array($settingsData['keyId']) &&
is_array($settingsData['vCode'])
){
// get all existing API models for this user
$apiModels = $user->getAPIs();
foreach($settingsData['keyId'] as $i => $keyId){
$api = null;
// search for existing API model
foreach($apiModels as $key => $apiModel){
if($apiModel->keyId == $keyId){
$api = $apiModel;
// make sure model is up2data -> cast()
$api->cast();
unset($apiModels[$key]);
break;
}
$user->name = $formData['name'];
}
if(is_null($api)){
// new API Key
$api = Model\BasicModel::getNew('UserApiModel');
$api->userId = $user;
// set email
if(
isset($formData['email']) &&
isset($formData['email_confirm']) &&
!empty($formData['email']) &&
!empty($formData['email_confirm']) &&
$formData['email'] == $formData['email_confirm']
){
$user->email = $formData['email'];
}
$api->keyId = $keyId;
$api->vCode = $settingsData['vCode'][$i];
$api->save();
// save/update user model
// this will fail if model validation fails!
$user->save();
$characterCount = $api->updateCharacters();
}else{
// captcha was send but not valid -> return error
$captchaError = (object) [];
$captchaError->type = 'error';
$captchaError->message = 'Captcha does not match';
$return->error[] = $captchaError;
}
}
if($characterCount == 0){
// no characters found -> return warning
$characterError = (object) [];
$characterError->type = 'warning';
$characterError->message = 'API verification failed. No Characters found for KeyId ' . $api->keyId;
$return->error[] = $characterError;
}
// sharing config ---------------------------------------------------
if(isset($formData['share'])){
$privateSharing = 0;
$corporationSharing = 0;
$allianceSharing = 0;
if(isset($formData['privateSharing'])){
$privateSharing = 1;
}
// delete API models that no longer exists
foreach($apiModels as $apiModel){
$apiModel->delete();
if(isset($formData['corporationSharing'])){
$corporationSharing = 1;
}
// get fresh updated user object (API info may have has changed)
//$user = $this->_getUser(0);
}
if(isset($formData['allianceSharing'])){
$allianceSharing = 1;
}
// set main character
if( isset($settingsData['mainCharacterId']) ){
$user->setMainCharacterId((int)$settingsData['mainCharacterId']);
}
// update private/corp/ally
$corporation = $activeCharacter->getCorporation();
$alliance = $activeCharacter->getAlliance();
// check if the user already has a main character
// if not -> save the next best character as main
$mainUserCharacter = $user->getMainUserCharacter();
if(is_object($corporation)){
$corporation->shared = $corporationSharing;
$corporation->save();
}
// set main character if no main character exists
if(is_null($mainUserCharacter)){
$user->setMainCharacterId();
}
if(is_object($alliance)){
$alliance->shared = $allianceSharing;
$alliance->save();
}
// save/update user model
// this will fail if model validation fails!
$user->save();
if(is_object($registrationKeyModel)){
$registrationKeyModel->used = 1;
$registrationKeyModel->save();
}
// log user in (in case he is new
if($loginAfterSave){
$this->logInByData( $user->name, $settingsData['password'] );
// return reroute path
$return->reroute = rtrim(self::getEnvironmentData('URL'), '/') . $this->f3->alias('map');
$activeCharacter->shared = $privateSharing;
$activeCharacter->save();
}
// get fresh updated user object
$newUserData = $user->getData();
}
}catch(Exception\ValidationException $e){
$validationError = (object) [];
$validationError->type = 'error';
@@ -461,109 +329,6 @@ class User extends Controller\Controller{
// return new/updated user data
$return->userData = $newUserData;
}
echo json_encode($return);
}
/**
* send mail with registration key
* -> check INVITE in pathfinder.ini
* @param \Base $f3
* @throws Exception
*/
public function sendInvite(\Base $f3){
$data = $f3->get('POST.settingsData');
$return = (object) [];
// check invite limit
// get handed out key count
$tempRegistrationKeyModel = Model\BasicModel::getNew('RegistrationKeyModel');
$tempRegistrationKeyModels = $tempRegistrationKeyModel->find([ '
email != "" AND
active = 1'
]);
$totalKeys = 0;
if(is_object($tempRegistrationKeyModels)){
$totalKeys = $tempRegistrationKeyModels->count();
}
if(
$f3->get('PATHFINDER.REGISTRATION.INVITE') == 1 &&
$totalKeys < $f3->get('PATHFINDER.REGISTRATION.INVITE_LIMIT')
){
// key limit not reached
if(
isset($data['email']) &&
!empty($data['email'])
){
$email = trim($data['email']);
// check if mail is valid
if( \Audit::instance()->email($email) ){
// new key for this mail is allowed
$registrationKeyModel = $this->findRegistrationKey($email, 0);
if($registrationKeyModel === false){
// check for total number of invites (active and inactive) -> prevent spamming
$allRegistrationKeysByMail = $this->findRegistrationKey($email);
if(
$allRegistrationKeysByMail == false ||
$allRegistrationKeysByMail->count() < 3
){
// get a fresh key
$registrationKeyModel = Model\BasicModel::getNew('RegistrationKeyModel');
$registrationKeyModel->load(['
used = 0 AND
active = 1 AND
email = "" ',
':email' => $email
], ['limit' => 1]);
}else{
$validationError = (object) [];
$validationError->type = 'warning';
$validationError->message = 'The number of keys is limited by Email. You can not get more keys';
$return->error[] = $validationError;
}
}else{
$registrationKeyModel = $registrationKeyModel[0];
}
// send "old" key again or send a new key
if( is_object($registrationKeyModel) ){
$msg = 'Your personal Registration Key: ' . $registrationKeyModel->registrationKey;
$mailController = new MailController();
$status = $mailController->sendInviteKey($email, $msg);
if( $status ){
$registrationKeyModel->email = $email;
$registrationKeyModel->ip = $this->f3->get('IP');
$registrationKeyModel->save();
}
}
}else{
$validationError = (object) [];
$validationError->type = 'error';
$validationError->field = 'email';
$validationError->message = 'Email is not valid';
$return->error[] = $validationError;
}
}
}else{
$validationError = (object) [];
$validationError->type = 'warning';
$validationError->message = 'The pool of beta keys has been exhausted, please try again in a few days/weeks';
$return->error[] = $validationError;
}
echo json_encode($return);
@@ -577,10 +342,10 @@ class User extends Controller\Controller{
$data = $f3->get('POST.formData');
$return = (object) [];
$captcha = $f3->get('SESSION.deleteAccount');
$captcha = $f3->get(self::SESSION_CAPTCHA_ACCOUNT_DELETE);
// reset captcha -> forces user to enter new one
$f3->clear('SESSION.deleteAccount');
$f3->clear(self::SESSION_CAPTCHA_ACCOUNT_DELETE);
if(
isset($data['captcha']) &&
@@ -589,13 +354,8 @@ class User extends Controller\Controller{
){
$activeCharacter = $this->getCharacter(0);
$user = $activeCharacter->getUser();
$validUser = $this->_verifyUser( $user->name, $data['password']);
if(
is_object($validUser) &&
is_object($user) &&
$user->id === $validUser->id
){
if($user){
// send delete account mail
$msg = 'Hello ' . $user->name . ',<br><br>';
$msg .= 'your account data has been successfully deleted.';
@@ -616,12 +376,6 @@ class User extends Controller\Controller{
$this->logOut($f3);
die();
}
}else{
// password does not match current user pw
$passwordError = (object) [];
$passwordError->type = 'error';
$passwordError->message = 'Invalid password';
$return->error[] = $passwordError;
}
}else{
// captcha not valid -> return error

4
app/main/controller/appcontroller.php
View File

@@ -19,7 +19,9 @@ class AppController extends Controller {
parent::afterroute($f3);
// clear all SSO related temp data
$f3->clear(Ccp\Sso::SESSION_KEY_SSO);
if( $f3->exists(Ccp\Sso::SESSION_KEY_SSO) ){
$f3->clear(Ccp\Sso::SESSION_KEY_SSO);
}
}
/**

185
app/main/controller/ccp/sso.php
View File

@@ -34,6 +34,10 @@ class Sso extends Api\User{
const SESSION_KEY_SSO = 'SESSION.SSO';
const SESSION_KEY_SSO_ERROR = 'SESSION.SSO.ERROR';
const SESSION_KEY_SSO_STATE = 'SESSION.SSO.STATE';
const SESSION_KEY_SSO_CHARACTER_ID = 'SESSION.SSO.CHARACTER.ID';
// cache keys
const CACHE_KEY_LOCATION_DATA = 'CACHED.LOCATION.%s';
// error messages
const ERROR_CCP_SSO_URL = 'Invalid "ENVIRONMENT.[ENVIRONMENT].SSO_CCP_URL" url. %s';
@@ -44,6 +48,9 @@ class Sso extends Api\User{
const ERROR_GET_ENDPOINT = 'Unable to get endpoint data. $s';
const ERROR_FIND_ENDPOINT = 'Unable to find endpoint: %s';
const ERROR_LOGIN_FAILED = 'Failed authentication due to technical problems: %s';
const ERROR_CHARACTER_FORBIDDEN = 'Character "%s" is not authorized to log in';
const ERROR_CHARACTER_MISMATCH = 'The character "%s" you tried to log in, does not match';
const ERROR_SERVICE_TIMEOUT = 'CCP SSO service timeout (%ss). Try again later';
/**
* CREST "Scopes" are used by pathfinder
@@ -62,6 +69,12 @@ class Sso extends Api\User{
* @param \Base $f3
*/
public function requestAuthorization($f3){
$params = $f3->get('GET');
if(isset($params['characterId'])){
// restrict login to this characterId e.g. for character switch
$f3->set(self::SESSION_KEY_SSO_CHARACTER_ID, (int)trim($params['characterId']) );
}
// used for "state" check between request and callback
$state = bin2hex(mcrypt_create_iv(12, MCRYPT_DEV_URANDOM));
@@ -89,6 +102,10 @@ class Sso extends Api\User{
public function callbackAuthorization($f3){
$getParams = (array)$f3->get('GET');
// users can log in either from @login (new user) or @map (existing user) root alias
// -> in case login fails, users should be redirected differently
$authFromMapAlias = false;
if($f3->exists(self::SESSION_KEY_SSO_STATE)){
// check response and validate 'state'
if(
@@ -98,8 +115,15 @@ class Sso extends Api\User{
!empty($getParams['state']) &&
$f3->get(self::SESSION_KEY_SSO_STATE) === $getParams['state']
){
// clear 'state' for new next request
// $requestedCharacterId can be [-1 => add char, 0 => new user, >0 => specific user]
$requiredCharacterId = (int)$f3->get(self::SESSION_KEY_SSO_CHARACTER_ID);
if($requiredCharacterId !== 0){
$authFromMapAlias = true;
}
// clear 'state' for new next login request
$f3->clear(self::SESSION_KEY_SSO_STATE);
$f3->clear(self::SESSION_KEY_SSO_CHARACTER_ID);
$accessData = $this->getCrestAccessData($getParams['code']);
@@ -111,74 +135,91 @@ class Sso extends Api\User{
$verificationCharacterData = $this->verifyCharacterData($accessData->accessToken);
if( !is_null($verificationCharacterData)){
// verification data available. Data is needed for "ownerHash" check
// get character data from CREST
$characterData = $this->getCharacterData($accessData->accessToken);
// check if login is restricted to a characterID
if(
$requiredCharacterId <= 0 ||
$verificationCharacterData->CharacterID === $requiredCharacterId
){
// verification available data. Data is needed for "ownerHash" check
if(isset($characterData->character)){
// add "ownerHash" and CREST tokens
$characterData->character['ownerHash'] = $verificationCharacterData->CharacterOwnerHash;
$characterData->character['crestAccessToken'] = $accessData->accessToken;
$characterData->character['crestRefreshToken'] = $accessData->refreshToken;
// get character data from CREST
$characterData = $this->getCharacterData($accessData->accessToken);
// add/update static character data
$characterModel = $this->updateCharacter($characterData);
if(isset($characterData->character)){
// add "ownerHash" and CREST tokens
$characterData->character['ownerHash'] = $verificationCharacterData->CharacterOwnerHash;
$characterData->character['crestAccessToken'] = $accessData->accessToken;
$characterData->character['crestRefreshToken'] = $accessData->refreshToken;
if( !is_null($characterModel) ){
// check if character is authorized to log in
if($characterModel->isAuthorized()){
// add/update static character data
$characterModel = $this->updateCharacter($characterData);
// character is authorized to log in
// -> update character log (current location,...)
$characterModel = $characterModel->updateLog();
if( !is_null($characterModel) ){
// check if character is authorized to log in
if($characterModel->isAuthorized()){
// check if there is already a user created who owns this char
$user = $characterModel->getUser();
// character is authorized to log in
// -> update character log (current location,...)
$characterModel = $characterModel->updateLog();
if(is_null($user)){
// no user found -> create one and connect to character
/**
* @var Model\UserModel $user
*/
$user = Model\BasicModel::getNew('UserModel');
$user->name = $characterModel->name;
$user->save();
// check if there is already an active user logged in
if($activeCharacter = $this->getCharacter()){
// connect character with current user
$user = $activeCharacter->getUser();
}elseif( is_null( $user = $characterModel->getUser()) ){
// no user found (new character) -> create new user and connect to character
$user = Model\BasicModel::getNew('UserModel');
$user->name = $characterModel->name;
$user->save();
}
/**
* @var Model\UserCharacterModel $userCharactersModel
*/
$userCharactersModel = Model\BasicModel::getNew('UserCharacterModel');
if( is_null($userCharactersModel = $characterModel->userCharacter) ){
$userCharactersModel = Model\BasicModel::getNew('UserCharacterModel');
$userCharactersModel->characterId = $characterModel;
}
// user might have changed
$userCharactersModel->userId = $user;
$userCharactersModel->characterId = $characterModel;
$userCharactersModel->save();
// get updated character model
$characterModel = $userCharactersModel->getCharacter();
}
// login by character
$loginCheck = $this->loginByCharacter($characterModel);
// login by character
$loginCheck = $this->loginByCharacter($characterModel);
if($loginCheck){
// route to "map"
$f3->reroute('@map');
if($loginCheck){
// route to "map"
$f3->reroute('@map');
}else{
$f3->set(self::SESSION_KEY_SSO_ERROR, sprintf(self::ERROR_LOGIN_FAILED, $characterModel->name));
}
}else{
$f3->set(self::SESSION_KEY_SSO_ERROR, sprintf(self::ERROR_LOGIN_FAILED, $characterModel->name));
// character is not authorized to log in
$f3->set(self::SESSION_KEY_SSO_ERROR, sprintf(self::ERROR_CHARACTER_FORBIDDEN, $characterModel->name));
}
}else{
// character is not authorized to log in
$f3->set(self::SESSION_KEY_SSO_ERROR, 'Character "' . $characterModel->name . '" is not authorized to log in.');
}
}
}else{
// characterID is not allowed to login
$f3->set(self::SESSION_KEY_SSO_ERROR, sprintf(self::ERROR_CHARACTER_MISMATCH, $verificationCharacterData->CharacterName));
}
}
}else{
// CREST "accessData" missing (e.g. timeout)
$f3->set(self::SESSION_KEY_SSO_ERROR, sprintf(self::ERROR_SERVICE_TIMEOUT, self::CREST_TIMEOUT));
}
}
}
// on error -> route back to login form
$f3->reroute('@login');
if($authFromMapAlias){
// on error -> route back to map
$f3->reroute('@map');
}else{
// on error -> route back to login form
$f3->reroute('@login');
}
}
/**
@@ -266,16 +307,18 @@ class Sso extends Api\User{
$apiResponse = Lib\Web::instance()->request($verifyAuthCodeUrl, $requestOptions);
if($apiResponse['body']){
$authCodeRequestData = json_decode($apiResponse['body']);
$authCodeRequestData = json_decode($apiResponse['body'], true);
if(isset($authCodeRequestData->access_token)){
// this token is required for endpoints that require Auth
$accessData->accessToken = $authCodeRequestData->access_token;
}
if( !empty($authCodeRequestData) ){
if( isset($authCodeRequestData['access_token']) ){
// this token is required for endpoints that require Auth
$accessData->accessToken = $authCodeRequestData['access_token'];
}
if(isset($authCodeRequestData->refresh_token)){
// this token is used to refresh/get a new access_token when expires
$accessData->refreshToken = $authCodeRequestData->refresh_token;
if(isset($authCodeRequestData['refresh_token'])){
// this token is used to refresh/get a new access_token when expires
$accessData->refreshToken = $authCodeRequestData['refresh_token'];
}
}
}else{
self::getCrestLogger()->write(
@@ -450,25 +493,37 @@ class Sso extends Api\User{
}
/**
* get current character location data
* get current character location data (result is cached!)
* -> solarSystem data where character is currently active
* @param $accessToken
* @return object
* @param int $ttl
* @return array
*/
public function getCharacterLocationData($accessToken){
$endpoints = $this->getEndpoints($accessToken);
$locationData = (object) [];
public function getCharacterLocationData($accessToken, $ttl = 10){
$locationData = [];
$endpoint = $this->walkEndpoint($accessToken, $endpoints, [
'decode',
'character',
'location'
]);
// in addition to the cURL caching (based on cache-control headers,
// the final location data is cached additionally -> speed up
$cacheKey = sprintf(self::CACHE_KEY_LOCATION_DATA, 'TOKEN_' . hash('md5', $accessToken));
if( !empty($endpoint) ){
if(isset($endpoint['solarSystem'])){
$locationData->system = (new Mapper\CrestSystem($endpoint['solarSystem']))->getData();
if( !$this->getF3()->exists($cacheKey) ){
$endpoints = $this->getEndpoints($accessToken);
$endpoint = $this->walkEndpoint($accessToken, $endpoints, [
'decode',
'character',
'location'
]);
if( !empty($endpoint) ){
if(isset($endpoint['solarSystem'])){
$locationData['system'] = (new Mapper\CrestSystem($endpoint['solarSystem']))->getData();
}
}
$this->getF3()->set($cacheKey, $locationData, $ttl);
}else{
$locationData = $this->getF3()->get($cacheKey);
}
return $locationData;

29
app/main/controller/controller.php
View File

@@ -120,7 +120,7 @@ class Controller {
* @return Model\CharacterModel|null
* @throws \Exception
*/
public function getCharacter($ttl = 5){
public function getCharacter($ttl = 0){
$character = null;
if( $this->getF3()->exists(Api\User::SESSION_KEY_CHARACTER_ID) ){
@@ -170,33 +170,6 @@ class Controller {
}
}
/**
* verifies weather a given username and password is valid
* @param string $userName
* @param string $password
* @return Model\UserModel|null
*/
protected function _verifyUser($userName, $password) {
$validUser = null;
/**
* @var $user \Model\UserModel
*/
$user = Model\BasicModel::getNew('UserModel', 0);
$user->getByName($userName);
// check userName is valid
if( !$user->dry() ){
// check if password is valid
$isValid = $user->verify($password);
if($isValid === true){
$validUser = $user;
}
}
return $validUser;
}
/**
* check weather the page is IGB trusted or not
* @return boolean

3
app/main/controller/setup.php
View File

@@ -30,17 +30,14 @@ class Setup extends Controller {
'Model\SystemStatusModel',
'Model\SystemNeighbourModel',
'Model\WormholeModel',
'Model\RegistrationKeyModel',
'Model\CharacterStatusModel',
'Model\ConnectionScopeModel',
'Model\UserMapModel',
'Model\CharacterMapModel',
'Model\AllianceMapModel',
'Model\CorporationMapModel',
'Model\UserApiModel',
'Model\UserCharacterModel',
'Model\CharacterModel',
'Model\CharacterLogModel',