From 079c1a94283ba3305a9dd4cb7cc487af0efbb6da Mon Sep 17 00:00:00 2001
From: netkas
Date: Fri, 6 Jun 2025 13:39:32 -0400
Subject: [PATCH] Refactor authentication handling by replacing getAuthenticatedOperator with requireAuthenticatedOperator in multiple entity methods
---
 src/FederationServer/FederationServer.php | 3 +--
 .../Methods/Entities/ListEntityAuditLogs.php | 2 --
 .../Methods/Entities/ListEntityBlacklistRecords.php | 2 +-
 .../Methods/Entities/ListEntityEvidence.php | 5 ++---
 src/FederationServer/Methods/Entities/PushEntity.php | 2 +-
 src/FederationServer/Methods/Entities/QueryEntity.php | 11 +++++++++--
 6 files changed, 14 insertions(+), 11 deletions(-)
diff --git a/src/FederationServer/FederationServer.php b/src/FederationServer/FederationServer.php
index e49923f..9b61354 100644
--- a/src/FederationServer/FederationServer.php
+++ b/src/FederationServer/FederationServer.php
@@ -122,11 +122,10 @@
 * This method retrieves the currently authenticated operator, if any.
 * If no operator is authenticated, it returns null.
 *
- * @param bool $requireAuthentication Whether to require authentication. Defaults to true.
 * @return OperatorRecord|null The authenticated operator record or null if not authenticated.
 * @throws RequestException If authentication is provided but is invalid/operator is disabled.
 */
- public static function getAuthenticatedOperator(bool $requireAuthentication=true): ?OperatorRecord
+ public static function getAuthenticatedOperator(): ?OperatorRecord
 {
 return parent::getAuthenticatedOperator();
 }
diff --git a/src/FederationServer/Methods/Entities/ListEntityAuditLogs.php b/src/FederationServer/Methods/Entities/ListEntityAuditLogs.php
index 4469efd..dc7d0fe 100644
--- a/src/FederationServer/Methods/Entities/ListEntityAuditLogs.php
+++ b/src/FederationServer/Methods/Entities/ListEntityAuditLogs.php
@@ -47,8 +47,6 @@ $page = 1; } - $results = []; - if($authenticatedOperator === null) { // Public audit logs are enabled, filter by public entries
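Review bot: In FederationServer.php, dropping `$requireAuthentication` leaves `getAuthenticatedOperator()` returning null for anonymous callers, and PHP ignores surplus arguments to a userland method, so a call site outside this patch that still passes `true`, or that dereferences the result without a null check as PushEntity did before this commit, keeps loading and only fails at request time. The visible body never forwarded the flag to `parent::getAuthenticatedOperator()`, so this was presumably already the effective behaviour; a repository-wide search for remaining callers is worth doing before merge. I would also add ` * Endpoints that must reject anonymous callers should call requireAuthenticatedOperator() instead.` to the docblock so the nullable contract is stated where callers look. The enclosing class starts and ends outside the hunk.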
diff --git a/src/FederationServer/Methods/Entities/ListEntityBlacklistRecords.php b/src/FederationServer/Methods/Entities/ListEntityBlacklistRecords.php
index 4c842de..404d725 100644
--- a/src/FederationServer/Methods/Entities/ListEntityBlacklistRecords.php
+++ b/src/FederationServer/Methods/Entities/ListEntityBlacklistRecords.php
@@ -18,7 +18,7 @@
 */
 public static function handleRequest(): void
 {
- $authenticatedOperator = FederationServer::getAuthenticatedOperator(false);
+ $authenticatedOperator = FederationServer::getAuthenticatedOperator();
 if(!Configuration::getServerConfiguration()->isBlacklistPublic() && $authenticatedOperator === null)
 {
 throw new RequestException('Unauthorized: You must be authenticated to list blacklist records', 401);
diff --git a/src/FederationServer/Methods/Entities/ListEntityEvidence.php b/src/FederationServer/Methods/Entities/ListEntityEvidence.php
index 79d2cc5..abc9206 100644
--- a/src/FederationServer/Methods/Entities/ListEntityEvidence.php
+++ b/src/FederationServer/Methods/Entities/ListEntityEvidence.php
@@ -17,7 +17,7 @@ */ public static function handleRequest(): void { - $authenticatedOperator = FederationServer::getAuthenticatedOperator(false); + $authenticatedOperator = FederationServer::getAuthenticatedOperator(); $includeConfidential = false; if(!Configuration::getServerConfiguration()->isEvidencePublic() && $authenticatedOperator === null)
@@ -70,8 +70,7 @@ throw new RequestException('Internal Server Error: Unable to retrieve evidence', 500, $e); } - $result = array_map(fn($evidence) => $evidence->toArray(), $evidenceRecords); - self::successResponse($result); + self::successResponse(array_map(fn($evidence) => $evidence->toArray(), $evidenceRecords)); } }
diff --git a/src/FederationServer/Methods/Entities/PushEntity.php b/src/FederationServer/Methods/Entities/PushEntity.php
index 9e196cd..7e59e01 100644
--- a/src/FederationServer/Methods/Entities/PushEntity.php
+++ b/src/FederationServer/Methods/Entities/PushEntity.php
@@ -15,7 +15,7 @@
 */
 public static function handleRequest(): void
 {
- $authenticatedOperator = FederationServer::getAuthenticatedOperator();
+ $authenticatedOperator = FederationServer::requireAuthenticatedOperator();
 if(!$authenticatedOperator->isClient() && !$authenticatedOperator->canManageOperators())
 {
 throw new RequestException('Unauthorized: Insufficient permissions to push entities', 403);
diff --git a/src/FederationServer/Methods/Entities/QueryEntity.php b/src/FederationServer/Methods/Entities/QueryEntity.php
index 5ddfb49..ec46dea 100644
--- a/src/FederationServer/Methods/Entities/QueryEntity.php
+++ b/src/FederationServer/Methods/Entities/QueryEntity.php
@@ -2,6 +2,7 @@ namespace FederationServer\Methods\Entities; + use FederationServer\Classes\Configuration; use FederationServer\Classes\Managers\EntitiesManager; use FederationServer\Classes\RequestHandler; use FederationServer\Exceptions\DatabaseOperationException;
@@ -15,6 +16,12 @@ */ public static function handleRequest(): void { + $authenticatedOperator = FederationServer::getAuthenticatedOperator(); + if(!Configuration::getServerConfiguration()->isEntitiesPublic() && $authenticatedOperator === null) + { + throw new RequestException('Unauthorized: You must be authenticated to view entity records', 401); + } + $id = FederationServer::getParameter('id'); $domain = FederationServer::getParameter('domain') ?? null;
@@ -30,14 +37,14 @@ try { - $entitiy = EntitiesManager::getEntity($id, $domain); + $entity = EntitiesManager::getEntity($id, $domain); } catch (DatabaseOperationException $e) { throw new RequestException('Internal Server Error: Unable to retrieve entity', 500, $e); } - self::successResponse($entitiy->toArray()); + self::successResponse($entity->toArray()); } }
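Review bot: In PushEntity.php the 403 branch still opens its message with `Unauthorized:`, the same prefix the 401 responses in ListEntityBlacklistRecords and QueryEntity use. With `requireAuthenticatedOperator()` presumably rejecting anonymous callers itself, this branch is reached only by authenticated operators who lack permission, and keeping prefix and status aligned makes authentication failures and authorization failures easier to tell apart in client handling and log review; I would change the line to `throw new RequestException('Forbidden: Insufficient permissions to push entities', 403);`. `requireAuthenticatedOperator()` is not defined anywhere in this patch, so the dereference on the following line assumes it throws rather than returns null. handleRequest continues outside the hunk.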
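Review bot: The new gate in the second QueryEntity.php hunk carries no comment on the three outcomes a caller can hit: per the docblock in FederationServer.php, `getAuthenticatedOperator()` throws for invalid credentials or a disabled operator and returns null for an anonymous caller, and only then does `isEntitiesPublic()` decide between the 401 and continuing. I would put `// Anonymous callers are admitted only when entities are public; invalid or disabled credentials already threw above.` directly above the `if`. The same three-line pattern is hand-copied in ListEntityBlacklistRecords and ListEntityEvidence with a different flag each, and a missing copy is apparently what left this endpoint open before, so one test per endpoint for the anonymous caller with the flag off would catch the next omission. In the third hunk `$entity->toArray()` runs straight after the try/catch; whether `EntitiesManager::getEntity()` can return null for an unknown id is not visible here, and handleRequest's body extends beyond these hunks.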