Nosial/FederationServer
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

Add ManageOperatorsPermission method to handle operator permission management with validation
Some checks are pending
CI / debug (push) Waiting to run
Details
CI / check-phpunit (push) Waiting to run
Details
CI / check-phpdoc (push) Waiting to run
Details
CI / release (push) Waiting to run
Details
CI / generate-phpdoc (push) Blocked by required conditions
Details
CI / test (push) Blocked by required conditions
Details
CI / release-documentation (push) Blocked by required conditions
Details
CI / release-artifacts (push) Blocked by required conditions
Details

Browse source
This commit is contained in:
netkas 2025-06-03 00:38:21 -04:00
parent c816ed59fe
commit 7ab602eef0
Signed by: netkas
GPG key ID: 4D8629441B76E4CC
2 changed files with 56 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

6
src/FederationServer/Classes/Enums/Method.php
View file

@ -3,6 +3,7 @@
namespace FederationServer\Classes\Enums; namespace FederationServer\Classes\Enums;
use FederationServer\Exceptions\RequestException; use FederationServer\Exceptions\RequestException;
use FederationServer\Methods\ManageOperatorsPermission;
use FederationServer\Methods\CreateOperator; use FederationServer\Methods\CreateOperator;
use FederationServer\Methods\DeleteOperator; use FederationServer\Methods\DeleteOperator;
use FederationServer\Methods\DownloadAttachment; use FederationServer\Methods\DownloadAttachment;
@ -18,6 +19,7 @@
case ENABLE_OPERATOR; case ENABLE_OPERATOR;
case GET_OPERATOR; case GET_OPERATOR;
case REFRESH_OPERATOR_API_KEY; case REFRESH_OPERATOR_API_KEY;
case MANAGE_OPERATORS_PERMISSION;
case UPLOAD_ATTACHMENT; case UPLOAD_ATTACHMENT;
case DOWNLOAD_ATTACHMENT; case DOWNLOAD_ATTACHMENT;
@ -47,6 +49,9 @@
case self::REFRESH_OPERATOR_API_KEY: case self::REFRESH_OPERATOR_API_KEY:
RefreshOperatorApiKey::handleRequest(); RefreshOperatorApiKey::handleRequest();
break; break;
case self::MANAGE_OPERATORS_PERMISSION:
ManageOperatorsPermission::handleRequest();
break;
case self::UPLOAD_ATTACHMENT: case self::UPLOAD_ATTACHMENT:
UploadAttachment::handleRequest(); UploadAttachment::handleRequest();
@ -78,6 +83,7 @@
$requestMethod === 'GET' && $path === '/operators/get' => Method::GET_OPERATOR, $requestMethod === 'GET' && $path === '/operators/get' => Method::GET_OPERATOR,
$requestMethod === 'POST' && $path === '/operators/enable' => Method::ENABLE_OPERATOR, $requestMethod === 'POST' && $path === '/operators/enable' => Method::ENABLE_OPERATOR,
$requestMethod === 'POST' && $path === '/operators/refresh' => Method::REFRESH_OPERATOR_API_KEY, $requestMethod === 'POST' && $path === '/operators/refresh' => Method::REFRESH_OPERATOR_API_KEY,
$requestMethod === 'POST' && $path === '/operators/permissions/manage_operators' => Method::MANAGE_OPERATORS_PERMISSION,
default => null, default => null,
}; };

50
src/FederationServer/Methods/ManageOperatorsPermission.php Normal file
View file

@ -0,0 +1,50 @@
<?php
namespace FederationServer\Methods;
use FederationServer\Classes\Logger;
use FederationServer\Classes\Managers\OperatorManager;
use FederationServer\Classes\RequestHandler;
use FederationServer\Classes\Validate;
use FederationServer\Exceptions\DatabaseOperationException;
use FederationServer\Exceptions\RequestException;
use FederationServer\FederationServer;
class ManageOperatorsPermission extends RequestHandler
{
/**
* @inheritDoc
*/
public static function handleRequest(): void
{
$authenticatedOperator = FederationServer::getAuthenticatedOperator();
if(!$authenticatedOperator->canManageOperators())
{
throw new RequestException('Unauthorized: Insufficient permissions manage permissions', 403);
}
$operatorUuid = FederationServer::getParameter('uuid');
$enabled = (bool)filter_var(FederationServer::getParameter('enabled'), FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE);
if($operatorUuid === null)
{
throw new RequestException('Bad Request: Missing required parameters', 400);
}
if(!Validate::uuid($operatorUuid))
{
throw new RequestException('Bad Request: Invalid operator UUID', 400);
}
try
{
OperatorManager::setManageOperators($operatorUuid, $enabled);
}
catch(DatabaseOperationException $e)
{
Logger::log()->error('Database error while managing operator\'s permissions: ' . $e->getMessage(), $e);
throw new RequestException('Internal Server Error: Unable to manage operator\'s permissions', 500, $e);
}
self::successResponse();
}
}