Nosial/FederationServer
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

Add RefreshOperatorApiKey method to handle API key refresh requests with permission checks

Browse source
This commit is contained in:
netkas 2025-06-03 00:33:19 -04:00
parent a278d5cc25
commit c816ed59fe
Signed by: netkas
GPG key ID: 4D8629441B76E4CC
2 changed files with 54 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

6
src/FederationServer/Classes/Enums/Method.php
View file

@ -8,6 +8,7 @@
use FederationServer\Methods\DownloadAttachment; use FederationServer\Methods\DownloadAttachment;
use FederationServer\Methods\EnableOperator; use FederationServer\Methods\EnableOperator;
use FederationServer\Methods\GetOperator; use FederationServer\Methods\GetOperator;
use FederationServer\Methods\RefreshOperatorApiKey;
use FederationServer\Methods\UploadAttachment; use FederationServer\Methods\UploadAttachment;
enum Method enum Method
@ -16,6 +17,7 @@
case DELETE_OPERATOR; case DELETE_OPERATOR;
case ENABLE_OPERATOR; case ENABLE_OPERATOR;
case GET_OPERATOR; case GET_OPERATOR;
case REFRESH_OPERATOR_API_KEY;
case UPLOAD_ATTACHMENT; case UPLOAD_ATTACHMENT;
case DOWNLOAD_ATTACHMENT; case DOWNLOAD_ATTACHMENT;
@ -42,6 +44,9 @@
case self::GET_OPERATOR: case self::GET_OPERATOR:
GetOperator::handleRequest(); GetOperator::handleRequest();
break; break;
case self::REFRESH_OPERATOR_API_KEY:
RefreshOperatorApiKey::handleRequest();
break;
case self::UPLOAD_ATTACHMENT: case self::UPLOAD_ATTACHMENT:
UploadAttachment::handleRequest(); UploadAttachment::handleRequest();
@ -72,6 +77,7 @@
$requestMethod === 'DELETE' && $path === '/operators/delete' => Method::DELETE_OPERATOR, $requestMethod === 'DELETE' && $path === '/operators/delete' => Method::DELETE_OPERATOR,
$requestMethod === 'GET' && $path === '/operators/get' => Method::GET_OPERATOR, $requestMethod === 'GET' && $path === '/operators/get' => Method::GET_OPERATOR,
$requestMethod === 'POST' && $path === '/operators/enable' => Method::ENABLE_OPERATOR, $requestMethod === 'POST' && $path === '/operators/enable' => Method::ENABLE_OPERATOR,
$requestMethod === 'POST' && $path === '/operators/refresh' => Method::REFRESH_OPERATOR_API_KEY,
default => null, default => null,
}; };

48
src/FederationServer/Methods/RefreshOperatorApiKey.php Normal file
View file

@ -0,0 +1,48 @@
<?php
namespace FederationServer\Methods;
use FederationServer\Classes\Logger;
use FederationServer\Classes\Managers\OperatorManager;
use FederationServer\Classes\RequestHandler;
use FederationServer\Exceptions\DatabaseOperationException;
use FederationServer\Exceptions\RequestException;
use FederationServer\FederationServer;
class RefreshOperatorApiKey extends RequestHandler
{
/**
* @inheritDoc
*/
public static function handleRequest(): void
{
$authenticatedOperator = FederationServer::getAuthenticatedOperator();
$operatorUuid = FederationServer::getParameter('uuid');
if($operatorUuid !== null)
{
// Ensure the authenticated operator has permission to delete operators.
if(!$authenticatedOperator->canManageOperators())
{
throw new RequestException('Unauthorized: Insufficient permissions to refresh other operators API keys', 403);
}
}
else
{
$operatorUuid = $authenticatedOperator->getUuid();
}
try
{
$newApiKey = OperatorManager::refreshApiKey($operatorUuid);
}
catch(DatabaseOperationException $e)
{
Logger::log()->error('Database error while refreshing operator\'s API Key: ' . $e->getMessage(), $e);
throw new RequestException('Internal Server Error: Unable to refresh operator\'s API Key', 500, $e);
}
// Respond with the UUID of the newly created operator.
self::successResponse($newApiKey);
}
}