From c816ed59fe7c85ec3d6f98866a060d994396ecee Mon Sep 17 00:00:00 2001
From: netkas <netkas.nosial@gmail.com>
Date: Tue, 3 Jun 2025 00:33:19 -0400
Subject: [PATCH] Add RefreshOperatorApiKey method to handle API key refresh
 requests with permission checks

---
 src/FederationServer/Classes/Enums/Method.php |  6 +++
 .../Methods/RefreshOperatorApiKey.php         | 48 +++++++++++++++++++
 2 files changed, 54 insertions(+)
 create mode 100644 src/FederationServer/Methods/RefreshOperatorApiKey.php

diff --git a/src/FederationServer/Classes/Enums/Method.php b/src/FederationServer/Classes/Enums/Method.php
index 1cbca12..2d941e8 100644
--- a/src/FederationServer/Classes/Enums/Method.php
+++ b/src/FederationServer/Classes/Enums/Method.php
@@ -8,6 +8,7 @@
     use FederationServer\Methods\DownloadAttachment;
     use FederationServer\Methods\EnableOperator;
     use FederationServer\Methods\GetOperator;
+    use FederationServer\Methods\RefreshOperatorApiKey;
     use FederationServer\Methods\UploadAttachment;
 
     enum Method
@@ -16,6 +17,7 @@
         case DELETE_OPERATOR;
         case ENABLE_OPERATOR;
         case GET_OPERATOR;
+        case REFRESH_OPERATOR_API_KEY;
 
         case UPLOAD_ATTACHMENT;
         case DOWNLOAD_ATTACHMENT;
@@ -42,6 +44,9 @@
                 case self::GET_OPERATOR:
                     GetOperator::handleRequest();
                     break;
+                case self::REFRESH_OPERATOR_API_KEY:
+                    RefreshOperatorApiKey::handleRequest();
+                    break;
 
                 case self::UPLOAD_ATTACHMENT:
                     UploadAttachment::handleRequest();
@@ -72,6 +77,7 @@
                 $requestMethod === 'DELETE' && $path === '/operators/delete' => Method::DELETE_OPERATOR,
                 $requestMethod === 'GET' && $path === '/operators/get' => Method::GET_OPERATOR,
                 $requestMethod === 'POST' && $path === '/operators/enable' => Method::ENABLE_OPERATOR,
+                $requestMethod === 'POST' && $path === '/operators/refresh' => Method::REFRESH_OPERATOR_API_KEY,
 
                 default => null,
             };
diff --git a/src/FederationServer/Methods/RefreshOperatorApiKey.php b/src/FederationServer/Methods/RefreshOperatorApiKey.php
new file mode 100644
index 0000000..2b0f851
--- /dev/null
+++ b/src/FederationServer/Methods/RefreshOperatorApiKey.php
@@ -0,0 +1,48 @@
+<?php
+
+    namespace FederationServer\Methods;
+
+    use FederationServer\Classes\Logger;
+    use FederationServer\Classes\Managers\OperatorManager;
+    use FederationServer\Classes\RequestHandler;
+    use FederationServer\Exceptions\DatabaseOperationException;
+    use FederationServer\Exceptions\RequestException;
+    use FederationServer\FederationServer;
+
+    class RefreshOperatorApiKey extends RequestHandler
+    {
+        /**
+         * @inheritDoc
+         */
+        public static function handleRequest(): void
+        {
+            $authenticatedOperator = FederationServer::getAuthenticatedOperator();
+
+            $operatorUuid = FederationServer::getParameter('uuid');
+            if($operatorUuid !== null)
+            {
+                // Ensure the authenticated operator has permission to delete operators.
+                if(!$authenticatedOperator->canManageOperators())
+                {
+                    throw new RequestException('Unauthorized: Insufficient permissions to refresh other operators API keys', 403);
+                }
+            }
+            else
+            {
+                $operatorUuid = $authenticatedOperator->getUuid();
+            }
+
+            try
+            {
+                $newApiKey = OperatorManager::refreshApiKey($operatorUuid);
+            }
+            catch(DatabaseOperationException $e)
+            {
+                Logger::log()->error('Database error while refreshing operator\'s API Key: ' . $e->getMessage(), $e);
+                throw new RequestException('Internal Server Error: Unable to refresh operator\'s API Key', 500, $e);
+            }
+
+            // Respond with the UUID of the newly created operator.
+            self::successResponse($newApiKey);
+        }
+    }
\ No newline at end of file