Nosial/FederationServer
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

Refactor authentication handling by replacing getAuthenticatedOperator with requireAuthenticatedOperator in evidence-related methods

Browse source
This commit is contained in:
netkas 2025-06-06 14:13:22 -04:00
parent 079c1a9428
commit 9d17190609
Signed by: netkas
GPG key ID: 4D8629441B76E4CC
4 changed files with 6 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

4
src/FederationServer/Methods/Evidence/DeleteEvidence.php
View file

@ -2,7 +2,6 @@
namespace FederationServer\Methods\Evidence; namespace FederationServer\Methods\Evidence;
use FederationServer\Classes\Logger;
use FederationServer\Classes\Managers\EvidenceManager; use FederationServer\Classes\Managers\EvidenceManager;
use FederationServer\Classes\RequestHandler; use FederationServer\Classes\RequestHandler;
use FederationServer\Classes\Validate; use FederationServer\Classes\Validate;
@ -17,7 +16,7 @@
*/ */
public static function handleRequest(): void public static function handleRequest(): void
{ {
$authenticatedOperator = FederationServer::getAuthenticatedOperator(); $authenticatedOperator = FederationServer::requireAuthenticatedOperator();
if(!$authenticatedOperator->canManageBlacklist()) if(!$authenticatedOperator->canManageBlacklist())
{ {
throw new RequestException('Forbidden: You do not have permission to delete evidence', 403); throw new RequestException('Forbidden: You do not have permission to delete evidence', 403);
@ -45,7 +44,6 @@
} }
catch(DatabaseOperationException $e) catch(DatabaseOperationException $e)
{ {
Logger::log()->error('Database error while deleting evidence: ' . $e->getMessage(), $e);
throw new RequestException('Internal Server Error: Unable to delete evidence', 500, $e); throw new RequestException('Internal Server Error: Unable to delete evidence', 500, $e);
} }

4
src/FederationServer/Methods/Evidence/GetEvidenceRecord.php
View file

@ -3,7 +3,6 @@
namespace FederationServer\Methods\Evidence; namespace FederationServer\Methods\Evidence;
use FederationServer\Classes\Configuration; use FederationServer\Classes\Configuration;
use FederationServer\Classes\Logger;
use FederationServer\Classes\Managers\EvidenceManager; use FederationServer\Classes\Managers\EvidenceManager;
use FederationServer\Classes\RequestHandler; use FederationServer\Classes\RequestHandler;
use FederationServer\Classes\Validate; use FederationServer\Classes\Validate;
@ -18,7 +17,7 @@
*/ */
public static function handleRequest(): void public static function handleRequest(): void
{ {
$authenticatedOperator = FederationServer::getAuthenticatedOperator(false); $authenticatedOperator = FederationServer::getAuthenticatedOperator();
if(!Configuration::getServerConfiguration()->isEvidencePublic() && $authenticatedOperator === null) if(!Configuration::getServerConfiguration()->isEvidencePublic() && $authenticatedOperator === null)
{ {
throw new RequestException('Unauthorized: You must be authenticated to access evidence', 401); throw new RequestException('Unauthorized: You must be authenticated to access evidence', 401);
@ -50,7 +49,6 @@
} }
catch(DatabaseOperationException $e) catch(DatabaseOperationException $e)
{ {
Logger::log()->error('Database error while getting evidence: ' . $e->getMessage(), $e);
throw new RequestException('Internal Server Error: Unable to get evidence', 500, $e); throw new RequestException('Internal Server Error: Unable to get evidence', 500, $e);
} }
} }

5
src/FederationServer/Methods/Evidence/ListEvidence.php
View file

@ -16,7 +16,7 @@
*/ */
public static function handleRequest(): void public static function handleRequest(): void
{ {
$authenticatedOperator = FederationServer::getAuthenticatedOperator(false); $authenticatedOperator = FederationServer::getAuthenticatedOperator();
$includeConfidential = false; $includeConfidential = false;
if(!Configuration::getServerConfiguration()->isEvidencePublic() && $authenticatedOperator === null) if(!Configuration::getServerConfiguration()->isEvidencePublic() && $authenticatedOperator === null)
@ -51,8 +51,7 @@
throw new RequestException('Internal Server Error: Unable to retrieve evidence', 500, $e); throw new RequestException('Internal Server Error: Unable to retrieve evidence', 500, $e);
} }
$result = array_map(fn($evidence) => $evidence->toArray(), $evidenceRecords); self::successResponse(array_map(fn($evidence) => $evidence->toArray(), $evidenceRecords));
self::successResponse($result);
} }
} }

6
src/FederationServer/Methods/Evidence/SubmitEvidence.php
View file

@ -17,7 +17,7 @@
*/ */
public static function handleRequest(): void public static function handleRequest(): void
{ {
$authenticatedOperator = FederationServer::getAuthenticatedOperator(); $authenticatedOperator = FederationServer::requireAuthenticatedOperator();
if(!$authenticatedOperator->canManageBlacklist()) if(!$authenticatedOperator->canManageBlacklist())
{ {
throw new RequestException('Forbidden: You do not have permission to create evidence', 403); throw new RequestException('Forbidden: You do not have permission to create evidence', 403);
@ -54,14 +54,12 @@
throw new RequestException('Not Found: Entity does not exist', 404); throw new RequestException('Not Found: Entity does not exist', 404);
} }
$evidenceUuid = EvidenceManager::addEvidence($entityUuid, $authenticatedOperator->getUuid(), $textContent, $note, $confidential); self::successResponse(EvidenceManager::addEvidence($entityUuid, $authenticatedOperator->getUuid(), $textContent, $note, $confidential));
} }
catch (DatabaseOperationException $e) catch (DatabaseOperationException $e)
{ {
throw new RequestException('Internal Server Error: Failed to create evidence', 500, $e); throw new RequestException('Internal Server Error: Failed to create evidence', 500, $e);
} }
self::successResponse($evidenceUuid);
} }
} }