diff --git a/web/api/delete/desktop.ini b/web/api/delete/desktop.ini
new file mode 100755
index 0000000..8f895e1
--- /dev/null
+++ b/web/api/delete/desktop.ini
@@ -0,0 +1,5 @@
+[.ShellClassInfo]
+InfoTip=Γίνεται κοινή χρήση αυτού του φακέλου στο διαδίκτυο.
+IconFile=C:\Program Files (x86)\Google\Drive\googledrivesync.exe
+IconIndex=12
+
\ No newline at end of file
diff --git a/web/api/delete/diy_Deldevice.php b/web/api/delete/diy_Deldevice.php
new file mode 100755
index 0000000..2ca35f3
--- /dev/null
+++ b/web/api/delete/diy_Deldevice.php
@@ -0,0 +1,232 @@ +To Organisation prepei na yparchei kai o christis na einai o owner i na aniki sto Organisations admin scope", + * type="deldevice", + * nickname="del_device", + * @SWG\Parameter( + * name="access_token", + * description="access_token", + * required=true, + * type="text", + * paramType="query" + * ), + * @SWG\Parameter( + * name="org", + * description="organisation gia to device", + * required=true, + * type="text", + * paramType="query" + * ), + * @SWG\Parameter( + * name="device", + * description="device name (alphanumeric)", + * required=true, + * type="text", + * paramType="query" + * ), + * @SWG\ResponseMessage(code=200, message="Επιτυχία", responseModel="Success"), + * @SWG\ResponseMessage(code=500, message="Αποτυχία", responseModel="Failure") + * ) + * ) + * + */ +/** + * + * @SWG\Model( + * id="deldevice", + * @SWG\Property(name="error",type="text",description="error"), + * @SWG\Property(name="status",type="integer",description="status code"), + * @SWG\Property(name="message",type="string",description="status message"), + * @SWG\Property(name="org",type="string",description="organisation pou aniki to device"), + * @SWG\Property(name="device",type="string",description="device name"), + * @SWG\Property(name="status",type="string",description="status of device private/org/public"), + * @SWG\Property(name="mode",type="string",description="mode of device devel/production") + * ) + */ +//api/delete/diy_Deldevice.php +// delete device for delete +// access_token device org +$app->delete('/deldevice', function () use ($authenticateForRole, $diy_storage) { + global $app; + $params = loadParameters(); + $server = $authenticateForRole(); + $dbstorage = $diy_storage(); + if (!$server->verifyResourceRequest(OAuth2\Request::createFromGlobals())) { + $server->getResponse()->send(); + die; + } else { + $crypto_token = OAuth2\Request::createFromGlobals()->request["access_token"]; + $separator = '.'; + list($header, $payload, $signature) = 
explode($separator, $crypto_token); + //echo base64_decode($payload); + $params["payload"] = $payload; + $params["storage"] = $dbstorage; + $result = diy_deldevice( + $params["payload"], $params["storage"], $params["test"] + ); + PrepareResponse(); + //$result["result"]= var_export(OAuth2\Request::createFromGlobals(),true); + $app->response()->setBody(toGreek(json_encode($result))); + } +}); + +function diy_deldevice($payload, $storage) { + global $app; + $result["controller"] = __FUNCTION__; + $result["function"] = substr($app->request()->getPathInfo(), 1); + $result["method"] = $app->request()->getMethod(); + $params = loadParameters(); + $result->function = substr($app->request()->getPathInfo(), 1); + $result->method = $app->request()->getMethod(); + //$params = loadParameters(); + $up = json_decode(base64_decode($payload)); + $client_id = $up->client_id; + $userscope = $up->scope; + $org = OAuth2\Request::createFromGlobals()->request["org"]; + $device = OAuth2\Request::createFromGlobals()->request["device"]; + + $diy_error["delete"]["org"] = $org; + $diy_error["delete"]["device"] = $device; + + $delete["org"] = $org; //organisation oauth_devices + $delete["device"] = $device; // to client_id tou device oauth_devices oauth_clients oauth_public_keys + + $gump = new GUMP(); + $gump->validation_rules(array( + 'org' => 'required|alpha_numeric', + 'device' => 'required|alpha_numeric', + 'client_secret' => 'required|max_len,100|min_len,6', + 'device_desc' => 'required|max_len,100' + )); + $gump->filter_rules(array( + 'org' => 'trim|sanitize_string', + 'device' => 'trim|sanitize_string', + 'client_secret' => 'trim', + 'device_desc' => 'trim|sanitize_string' + )); + $validated = $gump->run($delete); + if ($validated === false) { + $result["parse_errors"] = $gump->get_readable_errors(true); + $result["message"] = "[" . $result["method"] . "][" . $result["function"] . "]:" . 
$gump->get_readable_errors(true); + } else { + + //check if org name exists + $orgexists = "no"; + $stmtorg = $storage->prepare('SELECT * FROM oauth_organisations WHERE organisation = :org'); + $stmtorg->execute(array('org' => trim($org))); + $roworg = $stmtorg->fetch(PDO::FETCH_ASSOC); + if ($roworg) { + $orgexists = "yes"; + //$result["result"]["error"] = ExceptionMessages::OrgExist." , ". ExceptionCodes::OrgExist; + + $orgadmin = "no"; + $orgowner = "no"; + $userscopes = explode(' ', trim($userscope)); + $orgscope = $org . "_admin"; + for ($i = 0; $i <= count($userscopes); $i++) { + if (trim($userscopes[$i]) == $orgscope) { + $orgadmin = "yes"; + } + } + if ($orgadmin == "no") { + //check if org name exists and client_id + $stmtorg1 = $storage->prepare('SELECT * FROM oauth_organisations WHERE organisation = :org and client_id = :client_id'); + $stmtorg1->execute(array('org' => trim($org), 'client_id' => $client_id)); + $roworg1 = $stmtorg1->fetch(PDO::FETCH_ASSOC); + if (!$roworg1) { + $result["result"]["error"] = ExceptionMessages::OrgOwner . " , " . ExceptionCodes::OrgOwner; + } else { + $orgowner = "yes"; + } + } + } else { + $result["result"]["error"] = ExceptionMessages::OrgNotExist . " , " . ExceptionCodes::OrgNotExist; + } + + //check if device name exists + $orgdeviceexists = "no"; + $stmt = $storage->prepare('SELECT client_id FROM oauth_clients WHERE client_id = :device'); + $stmt->execute(array('device' => trim($device))); + $row = $stmt->fetch(PDO::FETCH_ASSOC); + if ($row) { + $orgdeviceexists = "yes"; + } + + + +//DEL!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 
+ if (($orgexists == "yes" && ($orgowner == "yes" || $orgadmin == "yes")) && $orgdeviceexists == "yes") { + + try { + + // DELETE all public keys for this device + $stmt1 = $storage->prepare('DELETE FROM oauth_public_keys WHERE client_id:=client_id'); + $stmt1->execute(array('client_id' => $device)); + + + // DELETE all port for this device + $stmt2 = $storage->prepare('DELETE FROM oauth_ports WHERE client_id:=client_id '); + $stmt2->execute(array('client_id' => $device)); + + // DELETE the device + $stmt3 = $storage->prepare('DELETE FROM oauth_devices WHERE device = :device'); + $stmt3->execute(array('device' => $device)); + + + //SELECT for user_id + $stmt4 = $storage->query('SELECT user_id FROM oauth_clients WHERE client_id=:client_id'); + $stmt4->execute(array('client_id' => $device)); + $rowid = $stmt4->fetch(PDO::FETCH_ASSOC); + if ($rowid) { + $user_id = $rowid["user_id"]; + } + + //DELETE the user for the device + $stmt5 = $storage->prepare('DELETE FROM oauth_users WHERE user_id:=user_id'); + $stmt5->execute(array('user_id' => $user_id)); + + + //DELETE the the connect with the client and device + $stmt6 = $storage->prepare('DELETE FROM oauth_clients WHERE client_id=:client_id'); + $stmt6->execute(array('client_id' => $device)); + + + $delete["status"] = $status; + $delete["mode"] = $mode; + + //result_messages================================================================================================================================================================================================ + $result["result"]["result"] = $delete; + $result["result"]["session"] = $session; + $result["error"] = $error; + $result["status"] = "200"; + $result["message"] = "[" . $result["method"] . "][" . $result["function"] . "]: NoErrors"; + } catch (Exception $e) { + $result["status"] = $e->getCode(); + $result["message"] = "[" . $result["method"] . "][" . $result["function"] . "]:" . 
$e->getMessage(); + } + } + } + if (diyConfig::read('debug') == 1) { + $result["debug"] = $diy_error; + } + + return $result; +} diff --git a/web/api/delete/diy_Delorg.php b/web/api/delete/diy_Delorg.php new file mode 100755 index 0000000..ac5d8da --- /dev/null +++ b/web/api/delete/diy_Delorg.php 
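Review bot: The owner/admin check in diy_deldevice authorises the caller for `org`, but the device lookup is only `SELECT client_id FROM oauth_clients WHERE client_id = :device`, so nothing ties the device to that organisation and the delete block would act on any client row, including (judging by diy_Deluser.php) user accounts kept in the same table. Before the DELETE block, look the device up together with its organisation, e.g. `SELECT device FROM oauth_devices WHERE device = :device AND organisation = :org` (assuming oauth_devices carries the organisation column the inline comment refers to), and refuse when no row comes back. Separately, the placeholders written as `client_id:=client_id` and `user_id:=user_id` are not valid named parameters, and `$storage->query()` is called with an unbound `:client_id`; use `prepare()` with `client_id = :client_id`. The same pattern recurs in the diy_Delorg.php, diy_Deluo.php and diy_Deluser.php hunks. The GUMP rules also require `client_secret` and `device_desc`, which `$delete` never contains, so validation looks like it always fails; those two rules should be dropped.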
@@ -0,0 +1,249 @@ +delete('/delorg', function () use ($authenticateForRole, $diy_storage) { + global $app; + $params = loadParameters(); + $server = $authenticateForRole(); + $dbstorage = $diy_storage(); + if (!$server->verifyResourceRequest(OAuth2\Request::createFromGlobals())) { + $server->getResponse()->send(); + die; + } else { + $crypto_token = OAuth2\Request::createFromGlobals()->request["access_token"]; + $separator = '.'; + list($header, $payload, $signature) = explode($separator, $crypto_token); + //echo base64_decode($payload); + $params["payload"] = $payload; + $params["storage"] = $dbstorage; + $result = diy_delorg( + $params["payload"], $params["storage"], $params["test"] + ); + PrepareResponse(); + //$result["result"]= var_export(OAuth2\Request::createFromGlobals(),true); + $app->response()->setBody(toGreek(json_encode($result))); + } +}); + +//bgazw pantou to org_desc + +function diy_delorg($payload, $storage) { + global $app; + $result["controller"] = __FUNCTION__; + $result["function"] = substr($app->request()->getPathInfo(), 1); + $result["method"] = $app->request()->getMethod(); + $params = loadParameters(); + $result->function = substr($app->request()->getPathInfo(), 1); + $result->method = $app->request()->getMethod(); + $up = json_decode(base64_decode($payload)); + $client_id = $up->client_id; + $org = OAuth2\Request::createFromGlobals()->request["org"]; + + $diy_error["delete"]["org"] = $org; + + $delete["org"] = $org; + + $gump = new GUMP(); + $gump->validation_rules(array( + 'org' => 'required|alpha_numeric', + )); + $gump->filter_rules(array( + 'org' => 'trim|sanitize_string', + )); + $validated = $gump->run($delete); + if ($validated === false) { + $result["parse_errors"] = $gump->get_readable_errors(true); + $result["message"] = "[" . $result["method"] . "][" . $result["function"] . "]:" . 
$gump->get_readable_errors(true); + } else { + //check if organisation name exists + $stmt = $storage->prepare('SELECT * FROM oauth_organisations WHERE organisation = :org'); + $stmt->execute(array('org' => trim($org))); + $row = $stmt->fetch(PDO::FETCH_ASSOC); + if (!$row) { //false!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + $result["result"]["error"] = ExceptionMessages::OrgExist . " , " . ExceptionCodes::OrgExist; + } else { + + try { + + //1. delete to organisation + // DELETE organisation + $stmt1 = $storage->prepare('DELETE FROM oauth_organisations WHERE org:=org'); + $stmt1->execute(array('org' => $org)); + + + //2. delete ola ta scopes einai 8 !!!!!!!!!!!!!!!!!!!!!!!!!!!!! den kserw an prepei na elegxontai ptwra oi xristes kai meta na ektelite to 2. + // DELETE scope $org + $stmt2 = $storage->prepare('DELETE FROM oauth_scopes WHERE scope:=scope '); + $stmt2->execute(array('scope' => $org)); + + // DELETE scope $org."_dev" + $stmt3 = $storage->prepare('DELETE FROM oauth_scopes WHERE scope:=scope '); + $stmt3->execute(array('scope' => $org . "_dev")); + + // DELETE scope $org."_dpri" + $stmt4 = $storage->prepare('DELETE FROM oauth_scopes WHERE scope:=scope '); + $stmt4->execute(array('scope' => $org)); + + // DELETE scope $org."_org" + $stmt5 = $storage->prepare('DELETE FROM oauth_scopes WHERE scope:=scope '); + $stmt5->execute(array('scope' => $org)); + + // DELETE scope $org."_dpub" + $stmt6 = $storage->prepare('DELETE FROM oauth_scopes WHERE scope:=scope '); + $stmt6->execute(array('scope' => $org)); + + // DELETE scope $org."_view" + $stmt7 = $storage->prepare('DELETE FROM oauth_scopes WHERE scope:=scope '); + $stmt7->execute(array('scope' => $org)); + + // DELETE scope $org."_devel" + $stmt8 = $storage->prepare('DELETE FROM oauth_scopes WHERE scope:=scope '); + $stmt8->execute(array('scope' => $org)); + + // DELETE scope $org."_admin" + $stmt9 = $storage->prepare('DELETE FROM oauth_scopes WHERE scope:=scope '); + $stmt9->execute(array('scope' => $org)); + + + + //3. 
delete kathe scope toy client pou itan melos sto organisation auto + //3.1. ta devices exoun scope san <$org, $org."_dev", $org."_dpri", $org."_org", $org."_dpub"> (mporei ena mporei kai ola) opote prepei na kanoume ta katalilla deletes gia kathe device + //3.2. oi xristes exoun scope san <$org."_view" $org."_devel" $org."_admin"> (mporei ena mporei kai ola) oi xristes mporei na min se kanena org opote exoume mono na diagrapsoume ena kommati apo to scope tous + //tha prepei na ginei select gia na paroume to scope (easy) + //kai na bgaloume apo OLO to scope pou 8a exei enas xristis mono tou organismou autou + //kai na kanoume update + //SELECT scope + $stmt1 = $storage->query('SELECT * FROM oauth_clients'); + $stmt1->execute(); + while ($rowid = $stmt1->fetch(PDO::FETCH_ASSOC, PDO::FETCH_ORI_NEXT)) { + $type = "none"; + + $scope = $rowid["scope"]; + $user = $rowid["client_id"]; + + $words = explode(" ", $scope); + + foreach ($words as $value) { + //an den einai tpt apo ta parakatw + if (strcmp($value, $org) != 0 && strcmp($value, $org . "_dev") != 0 && strcmp($value, $org . "_dpri") != 0 && strcmp($value, $org . "_org") != 0 && strcmp($value, $org . "_dpub") != 0 && strcmp($value, $org . "_view") != 0 && strcmp($value, $org . "_devel") != 0 && strcmp($value, $org . "_admin") != 0) { + $newscope .= ' '.$value; + //an einai device + } elseif (strcmp($value, $org) == 0 || strcmp($value, $org . "_dev") == 0 || strcmp($value, $org . "_dpri") == 0 || strcmp($value, $org . "_org") == 0 || strcmp($value, $org . "_dpub") == 0) { + $type = "device"; + //an einai user + } elseif (strcmp($value, $org . "_view") == 0 || strcmp($value, $org . "_devel") == 0 || strcmp($value, $org . 
"_admin") == 0) { + $type = "user"; + } + } + + if ($type == "user") { + //UPDATE scope + $stmt5 = $storage->prepare('UPDATE oauth_clients set scope = :newscope where client_id = :client_id'); + $stmt5->execute(array('newscope' => $newscope, 'client_id' => $user)); + } elseif ($type == "device") { + // DELETE all public keys for this device + $stmt1 = $storage->prepare('DELETE FROM oauth_public_keys WHERE client_id:=client_id'); + $stmt1->execute(array('client_id' => $user)); + + + // DELETE all port for this device + $stmt2 = $storage->prepare('DELETE FROM oauth_ports WHERE client_id:=client_id '); + $stmt2->execute(array('client_id' => $user)); + + // DELETE the device + $stmt3 = $storage->prepare('DELETE FROM oauth_devices WHERE device = :device'); + $stmt3->execute(array('device' => $user)); + + + //SELECT for user_id + $stmt4 = $storage->query('SELECT user_id FROM oauth_clients WHERE client_id=:client_id'); + $stmt4->execute(array('client_id' => $user)); + $rowid = $stmt4->fetch(PDO::FETCH_ASSOC); + if ($rowid) { + $user_id = $rowid["user_id"]; + } + + //DELETE the user for the device + $stmt5 = $storage->prepare('DELETE FROM oauth_users WHERE user_id:=user_id'); + $stmt5->execute(array('user_id' => $user_id)); + + + //DELETE the the connect with the client and device + $stmt6 = $storage->prepare('DELETE FROM oauth_clients WHERE client_id=:client_id'); + $stmt6->execute(array('client_id' => $user)); + } + } + + + + //result_messages=============================================================== + $result["result"]["result"] = $delete; + $result["result"]["session"] = $session; + $result["error"] = $error; + $result["status"] = "200"; + $result["message"] = "[" . $result["method"] . "][" . $result["function"] . "]: NoErrors"; + } catch (Exception $e) { + $result["status"] = $e->getCode(); + $result["message"] = "[" . $result["method"] . "][" . $result["function"] . "]:" . 
$e->getMessage(); + } + } + } + if (diyConfig::read('debug') == 1) { + $result["debug"] = $diy_error; + } + + return $result; +} diff --git a/web/api/delete/diy_Deluo.php b/web/api/delete/diy_Deluo.php new file mode 100755 index 0000000..e6f0fd7 --- /dev/null +++ b/web/api/delete/diy_Deluo.php 
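Review bot: diy_delorg reads `$client_id` from the token payload but never uses it, so no owner or `_admin` scope check runs before the organisation, its scopes and its devices are deleted; any caller with a valid token gets through. Reuse the check from diy_deldevice (scope `$org . "_admin"`, or the `organisation = :org and client_id = :client_id` owner query) and return the OrgOwner error otherwise; diy_deluo and diy_adduo in this commit lack the same check. In the cascade loop `$newscope` is never reset, so a user's UPDATE would be written with scopes carried over from previously processed clients; start the loop body with `$newscope = '';`. The device branch also reassigns `$stmt1` and `$rowid`, which replaces the statement being iterated, so the inner statements need their own variable names. Seven of the eight scope deletes bind plain `$org` rather than the suffixed name given in their comment.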
@@ -0,0 +1,179 @@ +$delete('/deluo', function () use ($authenticateForRole, $diy_storage) { + global $app; + $params = loadParameters(); + $server = $authenticateForRole(); + $dbstorage = $diy_storage(); + if (!$server->verifyResourceRequest(OAuth2\Request::createFromGlobals())) { + $server->getResponse()->send(); + die; + } else { + $crypto_token = OAuth2\Request::createFromGlobals()->request["access_token"]; + $separator = '.'; + list($header, $payload, $signature) = explode($separator, $crypto_token); + //echo base64_decode($payload); + $params["payload"] = $payload; + $params["storage"] = $dbstorage; + $result = diy_deluo( + $params["payload"], $params["storage"], $params["test"] + ); + PrepareResponse(); + //$result["result"]= var_export(OAuth2\Request::createFromGlobals(),true); + $app->response()->setBody(toGreek(json_encode($result))); + } +}); + +function diy_deluo($payload, $storage) { + global $app; + $result["controller"] = __FUNCTION__; + $result["function"] = substr($app->request()->getPathInfo(), 1); + $result["method"] = $app->request()->getMethod(); + $params = loadParameters(); + $result->function = substr($app->request()->getPathInfo(), 1); + $result->method = $app->request()->getMethod(); + //$params = loadParameters(); + $up = json_decode(base64_decode($payload)); + $client_id = $up->client_id; + + $org = OAuth2\Request::createFromGlobals()->request["org"]; + $username = OAuth2\Request::createFromGlobals()->request["username"]; + + $diy_error["delete"]["org"] = $org; + $diy_error["delete"]["username"] = $username; + + $delete["org"] = $org; + $delete["username"] = $username; + + $gump = new GUMP(); + $gump->validation_rules(array( + 'org' => 'required|alpha_numeric', + 'username' => 'required|alpha_numeric' + )); + $gump->filter_rules(array( + 'org' => 'trim|sanitize_string', + 'username' => 'trim|required|alpha_numeric' + )); + $validated = $gump->run($delete); + if ($validated === false) { + $result["parse_errors"] = 
$gump->get_readable_errors(true); + $result["message"] = "[" . $result["method"] . "][" . $result["function"] . "]:" . $gump->get_readable_errors(true); + } else { + + //check if organisation name exists + $stmt = $storage->prepare('SELECT * FROM oauth_organisations WHERE organisation = :org'); + $stmt->execute(array('org' => trim($org))); + $row = $stmt->fetch(PDO::FETCH_ASSOC); + if ($row) { + $result["result"]["error"] = ExceptionMessages::OrgExist . " , " . ExceptionCodes::OrgExist; + } else { + + try { + //check if user exist + $stmt6 = $storage->prepare('SELECT * FROM oauth_clients WHERE client_id = :client_id'); + $stmt6->execute(array('client_id' => trim($username))); + $row6 = $stmt6->fetch(PDO::FETCH_ASSOC); + if ($row6) { + + //SELECT scope + $stmt1 = $storage->query('SELECT scope FROM oauth_clients WHERE client_id=:client_id'); + $stmt1->execute(array('client_id' => $username)); + $rowid = $stmt4->fetch(PDO::FETCH_ASSOC); + if ($rowid) { + $scope = $rowid["scope"]; + + // xwrizoume to string me ta kena + $words = explode(" ", $scope); + + foreach($words as $value) { + if( strcmp($value,$org . "_devel")!=0 && strcmp($value,$org . "_view")!=0 ){ + $newscope .= ' '.$value; + } + } + + //UPDATE scope + $stmt5 = $storage->prepare('UPDATE oauth_clients set scope = :newscope where client_id = :client_id'); + $stmt5->execute(array('newscope' => $newscope, 'client_id' => $username)); + } + } + + //result_messages=============================================================== + $result["result"]["result"] = $delete; + $result["result"]["session"] = $session; + $result["error"] = $error; + $result["status"] = "200"; + $result["message"] = "[" . $result["method"] . "][" . $result["function"] . "]: NoErrors"; + } catch (Exception $e) { + $result["status"] = $e->getCode(); + $result["message"] = "[" . $result["method"] . "][" . $result["function"] . "]:" . 
$e->getMessage(); + } + } + } + if (diyConfig::read('debug') == 1) { + $result["debug"] = $diy_error; + } + + return $result; +} diff --git a/web/api/delete/diy_Deluser.php b/web/api/delete/diy_Deluser.php new file mode 100755 index 0000000..94f10ae --- /dev/null +++ b/web/api/delete/diy_Deluser.php 
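Review bot: The organisation check in diy_deluo is inverted: `if ($row)` returns the OrgExist error when the organisation is found, so the scope removal only runs for organisations that do not exist. It should be `if (!$row)` with `ExceptionMessages::OrgNotExist`; diy_adduo has the same test. The fetch after the scope SELECT uses `$stmt4`, which is not defined in this function (the statement is `$stmt1`); diy_deluser has the same slip. `$newscope` should be initialised to `''` before the foreach, and only `_devel` and `_view` are stripped, so a member holding `<org>_admin` would keep it — confirm whether that is intended. The `username` entry in filter_rules lists validators (`required|alpha_numeric`) rather than filters; `trim|sanitize_string`, as used for `org`, looks intended.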
@@ -0,0 +1,158 @@ +delete('/delorg', function () use ($authenticateForRole, $diy_storage) { + global $app; + $params = loadParameters(); + $server = $authenticateForRole(); + $dbstorage = $diy_storage(); + if (!$server->verifyResourceRequest(OAuth2\Request::createFromGlobals())) { + $server->getResponse()->send(); + die; + } else { + $crypto_token = OAuth2\Request::createFromGlobals()->request["access_token"]; + $separator = '.'; + list($header, $payload, $signature) = explode($separator, $crypto_token); + //echo base64_decode($payload); + $params["payload"] = $payload; + $params["storage"] = $dbstorage; + $result = diy_deluser( + $params["payload"], $params["storage"], $params["test"] + ); + PrepareResponse(); + //$result["result"]= var_export(OAuth2\Request::createFromGlobals(),true); + $app->response()->setBody(toGreek(json_encode($result))); + } +}); + +function diy_deluser($payload, $storage) { + global $app; + $result["controller"] = __FUNCTION__; + $result["function"] = substr($app->request()->getPathInfo(), 1); + $result["method"] = $app->request()->getMethod(); + $params = loadParameters(); + + $result->function = substr($app->request()->getPathInfo(), 1); + $result->method = $app->request()->getMethod(); + //$params = loadParameters(); + $up = json_decode(base64_decode($payload)); + $client_id = $up->client_id; + + $client_id = OAuth2\Request::createFromGlobals()->request["username"]; + $client_secret = OAuth2\Request::createFromGlobals()->request["passwrd"]; + + $diy_error["delete"]["client_id"] = $client_id; + $diy_error["delete"]["client_secret"] = $client_secret; + + $delete["client_id"] = $client_id; + $delete["client_secret"] = $client_secret; + + $gump = new GUMP(); + $gump->validation_rules(array( + 'client_id' => 'required|alpha_numeric', + 'client_secret' => 'required|alpha_numeric', + )); + $gump->filter_rules(array( + 'client_id' => 'trim|sanitize_string', + 'client_secret' => 'trim|sanitize_string', + )); + $validated = $gump->run($post); + 
if ($validated === false) { + $result["parse_errors"] = $gump->get_readable_errors(true); + $result["message"] = "[" . $result["method"] . "][" . $result["function"] . "]:" . $gump->get_readable_errors(true); + } else { + //check if username exists + $stmt = $storage->prepare('SELECT * FROM oauth_clients WHERE client_id = :client_id AND client_secret = :client_secret'); + $stmt->execute(array('client_id' => $client_id, 'client_secret' => $client_secret)); + $row = $stmt->fetch(PDO::FETCH_ASSOC); + if (!$row) { //false!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + $result["result"]["error"] = ExceptionMessages::OrgExist . " , " . ExceptionCodes::OrgExist; + } else { + + try { + //SELECT for user_id + $stmt1 = $storage->query('SELECT user_id FROM oauth_clients WHERE client_id=:client_id'); + $stmt1->execute(array('client_id' => $client_id)); + $rowid = $stmt4->fetch(PDO::FETCH_ASSOC); + if ($rowid) { + $user_id = $rowid["user_id"]; + } + + //DELETE the user for the user + $stmt2 = $storage->prepare('DELETE FROM oauth_users WHERE user_id:=user_id'); + $stmt2->execute(array('user_id' => $user_id)); + + + //DELETE the the connect with the client and user + $stmt3 = $storage->prepare('DELETE FROM oauth_clients WHERE client_id=:client_id'); + $stmt3->execute(array('client_id' => $client_id)); + + //result_messages=============================================================== + $result["result"]["user_id"] = $user_id; + $result["error"] = $error; + $result["status"] = "200"; + $result["message"] = "[" . $result["method"] . "][" . $result["function"] . "]: NoErrors"; + } catch (Exception $e) { + $result["status"] = $e->getCode(); + $result["message"] = "[" . $result["method"] . "][" . $result["function"] . "]:" . $e->getMessage(); + } + } + } + if (diyConfig::read('debug') == 1) { + $result["debug"] = $diy_error; + } + + return $result; +} diff --git a/web/api/get/desktop.ini b/web/api/get/desktop.ini new file mode 100755 index 0000000..8f895e1 --- /dev/null +++ b/web/api/get/desktop.ini 
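Review bot: Validation runs on `$post`, which is not defined in diy_deluser, so the `client_id` and `client_secret` values collected in `$delete` are never validated or filtered; it should be `$gump->run($delete)`. The route is registered as `'/delorg'`, the same path diy_Delorg.php registers, where `'/deluser'` was presumably meant. The token's `client_id` is overwritten by the `username` request parameter, so the account to delete is chosen by the request rather than by the token subject; if only self-deletion is intended, compare the two and reject a mismatch. `$diy_error["delete"]["client_secret"]` puts the submitted secret into the debug response, and the lookup compares `client_secret` as a plain column value; leave the secret out of `$diy_error` and confirm how secrets are stored.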
@@ -0,0 +1,5 @@ +[.ShellClassInfo] +InfoTip=Γίνεται κοινή χρήση αυτού του φακέλου στο διαδίκτυο. +IconFile=C:\Program Files (x86)\Google\Drive\googledrivesync.exe +IconIndex=12 + \ No newline at end of file diff --git a/web/api/get/diy_activate_account.php b/web/api/get/diy_activate_account.php old mode 100644 new mode 100755 diff --git a/web/api/post/desktop.ini b/web/api/post/desktop.ini new file mode 100755 index 0000000..8f895e1 --- /dev/null +++ b/web/api/post/desktop.ini @@ -0,0 +1,5 @@ +[.ShellClassInfo] +InfoTip=Γίνεται κοινή χρήση αυτού του φακέλου στο διαδίκτυο. +IconFile=C:\Program Files (x86)\Google\Drive\googledrivesync.exe +IconIndex=12 + \ No newline at end of file diff --git a/web/api/post/diy_Addorg.php b/web/api/post/diy_Addorg.php index 9d9acca..60bad16 100755 --- a/web/api/post/diy_Addorg.php +++ b/web/api/post/diy_Addorg.php @@ -60,9 +60,9 @@ * @SWG\Property(name="org_desc",type="string",description="org desc"), * ) */ -//api/get/diy_Adddevice.php -// post device for add -// access_token device org +//api/get/diy_Addorg.php +// post org for add +// access_token org $app->post('/addorg', function () use ($authenticateForRole, $diy_storage) { global $app; $params = loadParameters(); @@ -122,7 +122,7 @@ function diy_addorg($payload,$storage){ $result["parse_errors"] = $gump->get_readable_errors(true); $result["message"] = "[".$result["method"]."][".$result["function"]."]:".$gump->get_readable_errors(true); }else{ - //check if device name exists + //check if organisation name exists $stmt = $storage->prepare('SELECT * FROM oauth_organisations WHERE organisation = :org'); $stmt->execute(array('org' => trim($org))); $row = $stmt->fetch(PDO::FETCH_ASSOC); diff --git a/web/api/post/diy_Adduo.php b/web/api/post/diy_Adduo.php new file mode 100755 index 0000000..605d353 --- /dev/null +++ b/web/api/post/diy_Adduo.php 
@@ -0,0 +1,163 @@ +post('/adduo', function () use ($authenticateForRole, $diy_storage) { + global $app; + $params = loadParameters(); + $server = $authenticateForRole(); + $dbstorage = $diy_storage(); + if (!$server->verifyResourceRequest(OAuth2\Request::createFromGlobals())) { + $server->getResponse()->send(); + die; + } else { + $crypto_token = OAuth2\Request::createFromGlobals()->request["access_token"]; + $separator = '.'; + list($header, $payload, $signature) = explode($separator, $crypto_token); + //echo base64_decode($payload); + $params["payload"] = $payload; + $params["storage"] = $dbstorage; + $result = diy_adduo( + $params["payload"], $params["storage"], $params["test"] + ); + PrepareResponse(); + //$result["result"]= var_export(OAuth2\Request::createFromGlobals(),true); + $app->response()->setBody(toGreek(json_encode($result))); + } +}); + +function diy_adduo($payload, $storage) { + global $app; + $result["controller"] = __FUNCTION__; + $result["function"] = substr($app->request()->getPathInfo(), 1); + $result["method"] = $app->request()->getMethod(); + $params = loadParameters(); + $result->function = substr($app->request()->getPathInfo(), 1); + $result->method = $app->request()->getMethod(); + //$params = loadParameters(); + $up = json_decode(base64_decode($payload)); + $client_id = $up->client_id; + + $org = OAuth2\Request::createFromGlobals()->request["org"]; + $username = OAuth2\Request::createFromGlobals()->request["username"]; + + $diy_error["post"]["org"] = $org; + $diy_error["post"]["username"] = $username; + + $post["org"] = $org; + $post["username"] = $username; + + $gump = new GUMP(); + $gump->validation_rules(array( + 'org' => 'required|alpha_numeric', + 'username' => 'required|alpha_numeric' + )); + $gump->filter_rules(array( + 'org' => 'trim|sanitize_string', + 'username' => 'trim|required|alpha_numeric' + )); + $validated = $gump->run($post); + if ($validated === false) { + $result["parse_errors"] = $gump->get_readable_errors(true); + 
$result["message"] = "[" . $result["method"] . "][" . $result["function"] . "]:" . $gump->get_readable_errors(true); + } else { + + //check if organisation name exists + $stmt = $storage->prepare('SELECT * FROM oauth_organisations WHERE organisation = :org'); + $stmt->execute(array('org' => trim($org))); + $row = $stmt->fetch(PDO::FETCH_ASSOC); + if ($row) { + $result["result"]["error"] = ExceptionMessages::OrgExist . " , " . ExceptionCodes::OrgExist; + } else { + + try { + //check if user exist + $stmt6 = $storage->prepare('SELECT * FROM oauth_clients WHERE client_id = :client_id'); + $stmt6->execute(array('client_id' => trim($username))); + $row6 = $stmt6->fetch(PDO::FETCH_ASSOC); + if ($row6) { + $scope6 = $row6["scope"]; + $scope6 .=" " . $org . "_devel"; //den kserw an prepei na mpei kai devel i mono view!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + $scope6 .=" " . $org . "_view"; + $stmt5 = $storage->prepare('UPDATE oauth_clients set scope = :scope6 where client_id = :client_id'); + $stmt5->execute(array('scope6' => $scope6, 'client_id' => $username)); + } + + //result_messages=============================================================== + $result["result"]["result"] = $post; + $result["result"]["session"] = $session; + $result["error"] = $error; + $result["status"] = "200"; + $result["message"] = "[" . $result["method"] . "][" . $result["function"] . "]: NoErrors"; + } catch (Exception $e) { + $result["status"] = $e->getCode(); + $result["message"] = "[" . $result["method"] . "][" . $result["function"] . "]:" . $e->getMessage(); + } + } + } + if (diyConfig::read('debug') == 1) { + $result["debug"] = $diy_error; + } + + return $result; +} diff --git a/web/api/post/diy_compiledevices.php b/web/api/post/diy_compiledevices.php index 783d1a7..0f47942 100755 --- a/web/api/post/diy_compiledevices.php +++ b/web/api/post/diy_compiledevices.php 
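Review bot: diy_adduo reports status 200 / NoErrors even when `$row6` is empty, so a request for an unknown username looks successful; set an error in an `else` branch of `if ($row6)`. The two scope names are appended unconditionally, so repeating the call duplicates `<org>_devel` and `<org>_view` in the stored scope string; split the existing scope with `explode(' ', ...)` and add each name only when `in_array($name, $scopes, true)` is false. The inline comment shows the author is unsure whether `_devel` should be granted at all; granting only `_view` would be the narrower default until that is decided.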
@@ -33,14 +33,7 @@ * ), * @SWG\Parameter( * name="srcfile", - * description="src file base64_encode", - * required=true, - * type="text", - * paramType="query" - * ), - * @SWG\Parameter( - * name="srclib", - * description="array with libs. base64_encode", + * description="src file", * required=true, * type="text", * paramType="query" @@ -83,7 +76,7 @@ /** * * @SWG\Model( - * id="compile", + * id="writedevice", * @SWG\Property(name="error",type="text",description="error") * ) * @SWG\Property(name="status",type="integer",description="status code") @@ -128,7 +121,6 @@ function diy_compile($payload,$storage){ $result->method = $app->request()->getMethod(); $params = loadParameters(); $srcfile= OAuth2\Request::createFromGlobals()->request["srcfile"]; - $srclib= OAuth2\Request::createFromGlobals()->request["srclib"]; $device= OAuth2\Request::createFromGlobals()->request["device"]; $comp= OAuth2\Request::createFromGlobals()->request["comp"]; $filename= OAuth2\Request::createFromGlobals()->request["filename"]; @@ -160,9 +152,6 @@ function diy_compile($payload,$storage){ $result["message"] = "[".$result["method"]."][".$result["function"]."]:".$gump->get_readable_errors(true); }else{ try { - $sourceWriteDir = __DIR__.'/../../../data/sketches/'.$client_id.'/'.$device.'/'.$filename; - if(file_exists($sourceWriteDir)) { throw new \Exception('Filename '.$filename.' for user '.$client_id.' and device '.$device.' already exists'); } - $stmt2 = $storage->prepare('SELECT * FROM oauth_devices WHERE device = :device'); $stmt2->execute(array('device' => trim($device))); $row2 = $stmt2->fetch(PDO::FETCH_ASSOC); 
@@ -223,16 +212,12 @@ function diy_compile($payload,$storage){ // epistrefei // error ta lathi h noerrors // binfile to hex file + $srcfilebase64encode = urlencode(base64_encode(urlencode($srcfile))); $compilerserver = diyConfig::read("compiler.host"); $compilerserver .= ":".diyConfig::read("compiler.port"); $data1 = 'filename='.$filename; $data1 .= '&compiler='.$comp; - $data1 .= '&srcfile='.$srcfile; - $fixedFiles = array(); - foreach($srclib as $curName => $curFile) { - $fixedFiles[] = 'srclib['.$curName.']='.$curFile; - } - $data1 .= '&'.implode('&', $fixedFiles); + $data1 .= '&srcfile='.$srcfilebase64encode; $ch = curl_init(); @@ -242,27 +227,20 @@ function diy_compile($payload,$storage){ curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt ($ch, CURLOPT_POSTFIELDS, $data1); curl_setopt ($ch, CURLOPT_POST, 1); - $or = curl_exec($ch); - if(!$or) { $or = curl_error($ch); } - $result["compiler"] = $or; + $r = curl_exec($ch); + $result["compiler"]= $r; $result["message"] = "[".$result["method"]."][".$result["function"]."]: NoErrors"; $result["status"] = "200"; - $r = json_decode($or, true); - if(!$r) { - $result["message"] = "[".$result["method"]."][".$result["function"]."]: CompilationError"; - $result["compiler"]= $or; - $result["status"] = "500"; - return $result; - } + $r = json_decode($r, true); + if(!$r) { echo 'Error: '.$r; die(); } if($r['status'] != 200) { $result["message"] = "[".$result["method"]."][".$result["function"]."]: CompilationError"; $result["status"] = "500"; return $result; } - unset($result["compiler"]); // No need to transfer this to the user - //$srcfilebase64encode = base64_encode($srcfile); + $srcfilebase64encode = base64_encode($srcfile); $apiport = trim($row2["apiport"]); 
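Review bot: In the second hunk (`@@ -242,27 +227,20 @@`) a failed or non-JSON compiler reply now hits `if(!$r) { echo 'Error: '.$r; die(); }`, which prints outside the JSON response and terminates the request instead of returning the structured 500 result the removed lines produced. A `curl_exec()` failure is also no longer replaced by `curl_error($ch)`, and with `unset($result["compiler"])` gone the raw compiler-server reply is sent back to the API client. Keep the decoded value in its own variable, and on failure set `$result["status"] = "500";` and `return $result;`; drop `$result["compiler"]` before returning unless debug is on. diy_compile starts and ends outside this hunk.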
@@ -276,7 +254,7 @@ function diy_compile($payload,$storage){ $ch = curl_init(); curl_setopt ($ch, CURLOPT_URL,"http://127.0.0.1:$apiport/api/writesketch"); - curl_setopt ($ch, CURLOPT_TIMEOUT, 90); + curl_setopt ($ch, CURLOPT_TIMEOUT, 60); curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1); curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt ($ch, CURLOPT_POSTFIELDS, $data1); @@ -285,19 +263,11 @@ function diy_compile($payload,$storage){ $result["sketch"]= $r; $result["message"] = "[".$result["method"]."][".$result["function"]."]: NoErrors"; $result["status"] = "200"; - //$result["result"]= $r; + $result["result"]= $r; } - // If we are here with no exceptions then everything went well. Lets save the sketch. - $ziptmp = tempnam(sys_get_temp_dir(), 'diytmpzip').'.tgz'; - file_put_contents($ziptmp, base64_decode($r['zip'])); - $p = new PharData($ziptmp); - $p->decompress(); // creates /path/to/my.tar - $ziptmpextracted = str_replace('.tgz', '.tar', $ziptmp); - $phar = new PharData($ziptmpextracted); - $writeDir = __DIR__.'/../../../data/sketches/'.$client_id.'/'.$filename; - $phar->extractTo($sourceWriteDir); + }