From eb34a1027c7e6b6323a9ca52746bff71b05b4146 Mon Sep 17 00:00:00 2001 From: netkas Date: Thu, 5 Jun 2025 14:50:23 -0400 Subject: [PATCH] Implement evidence management methods: create, delete, and retrieve evidence --- src/FederationServer/Classes/Enums/Method.php | 15 +++-- .../Methods/Evidence/CreateEvidence.php | 67 +++++++++++++++++++ .../Methods/Evidence/DeleteEvidence.php | 55 +++++++++++++++ .../Methods/Evidence/GetEvidence.php | 58 ++++++++++++++++ 4 files changed, 189 insertions(+), 6 deletions(-) create mode 100644 src/FederationServer/Methods/Evidence/CreateEvidence.php create mode 100644 src/FederationServer/Methods/Evidence/DeleteEvidence.php create mode 100644 src/FederationServer/Methods/Evidence/GetEvidence.php diff --git a/src/FederationServer/Classes/Enums/Method.php b/src/FederationServer/Classes/Enums/Method.php index 099741c..c9128ae 100644 --- a/src/FederationServer/Classes/Enums/Method.php +++ b/src/FederationServer/Classes/Enums/Method.php @@ -15,6 +15,9 @@ use FederationServer\Methods\Entities\ListEntityEvidence; use FederationServer\Methods\Entities\PushEntity; use FederationServer\Methods\Entities\QueryEntity; + use FederationServer\Methods\Evidence\CreateEvidence; + use FederationServer\Methods\Evidence\DeleteEvidence; + use FederationServer\Methods\Evidence\GetEvidence; use FederationServer\Methods\Evidence\ListEvidence; use FederationServer\Methods\Operators\CreateOperator; use FederationServer\Methods\Operators\DeleteOperator; @@ -58,7 +61,7 @@ case LIST_ENTITY_AUDIT_LOGS; case LIST_EVIDENCE; - case ADD_EVIDENCE; + case CREATE_EVIDENCE; case GET_EVIDENCE; case DELETE_EVIDENCE; 
@@ -165,14 +168,14 @@ case self::LIST_EVIDENCE: ListEvidence::handleRequest(); break; - case self::ADD_EVIDENCE: - throw new \Exception('To be implemented'); + case self::CREATE_EVIDENCE: + CreateEvidence::handleRequest(); break; case self::GET_EVIDENCE: - throw new \Exception('To be implemented'); + GetEvidence::handleRequest();; break; case self::DELETE_EVIDENCE: - throw new \Exception('To be implemented'); + DeleteEvidence::handleRequest(); break; case self::LIST_BLACKLIST: @@ -229,7 +232,7 @@ preg_match('#^/blacklist/([a-fA-F0-9\-]{36,})/attach_evidence$#', $path) && $requestMethod === 'POST' => Method::ATTACH_EVIDENCE, $path === '/evidence' && $requestMethod === 'GET' => Method::LIST_EVIDENCE, - $path === '/evidence' && $requestMethod === 'POST' => Method::ADD_EVIDENCE, + $path === '/evidence' && $requestMethod === 'POST' => Method::CREATE_EVIDENCE, preg_match('#^/evidence/([a-fA-F0-9\-]{36,})$#', $path) && $requestMethod === 'GET' => Method::GET_EVIDENCE, preg_match('#^/evidence/([a-fA-F0-9\-]{36,})$#', $path) && $requestMethod === 'DELETE' => Method::DELETE_EVIDENCE, diff --git a/src/FederationServer/Methods/Evidence/CreateEvidence.php b/src/FederationServer/Methods/Evidence/CreateEvidence.php new file mode 100644 index 0000000..a26039e --- /dev/null +++ b/src/FederationServer/Methods/Evidence/CreateEvidence.php 
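Review bot: In the dispatch switch of Method.php, the new GET_EVIDENCE arm reads `GetEvidence::handleRequest();;` with a stray second semicolon. It is an empty statement and harmless at runtime, but it should be `GetEvidence::handleRequest();` so the arm matches the CREATE_EVIDENCE and DELETE_EVIDENCE arms beside it. The switch starts and ends outside this hunk.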
@@ -0,0 +1,67 @@
+canManageBlacklist())
+ {
+ throw new RequestException('Forbidden: You do not have permission to create evidence', 403);
+ }
+
+ $entityUuid = FederationServer::getParameter('entity_uuid');
+ if(!$entityUuid || !Validate::uuid($entityUuid))
+ {
+ throw new RequestException('Bad Request: Entity UUID is required and must be valid', 400);
+ }
+
+ $textContent = FederationServer::getParameter('text_content');
+ if(!is_null($textContent) && strlen($textContent) > 65535)
+ {
+ throw new RequestException('Bad Request: Text content must not exceed 65535 characters', 400);
+ }
+
+ $note = FederationServer::getParameter('note');
+ if(!is_null($note) && strlen($note) > 65535)
+ {
+ throw new RequestException('Bad Request: Note must not exceed 65535 characters', 400);
+ }
+
+ $confidential = false;
+ if(FederationServer::getParameter('confidential') === 'true')
+ {
+ $confidential = true;
+ }
+
+ try
+ {
+ if(!EntitiesManager::getEntityByUuid($entityUuid))
+ {
+ throw new RequestException('Not Found: Entity does not exist', 404);
+ }
+
+ $evidenceUuid = EvidenceManager::addEvidence($entityUuid, $authenticatedOperator->getUuid(), $textContent, $note, $confidential);
+ }
+ catch (DatabaseOperationException $e)
+ {
+ throw new RequestException('Internal Server Error: Failed to create evidence', 500, $e);
+ }
+
+ self::successResponse($evidenceUuid);
+ }
+ }
+
diff --git a/src/FederationServer/Methods/Evidence/DeleteEvidence.php b/src/FederationServer/Methods/Evidence/DeleteEvidence.php
new file mode 100644
index 0000000..76fb507
--- /dev/null
+++ b/src/FederationServer/Methods/Evidence/DeleteEvidence.php
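Review bot: In CreateEvidence.php the confidentiality flag fails open: `$confidential` becomes true only when the parameter is exactly the string 'true', so `1`, `True` or a JSON boolean (if getParameter can return one, which is not visible here) silently stores the evidence as non-confidential. For a flag that decides who may read the record, an unrecognised value should be rejected with a 400 instead of being treated as false, as sketched below. Separately, `strlen()` counts bytes while both length errors say "characters", so multibyte text is rejected earlier than the message states; use `mb_strlen()` or say "bytes", depending on what the storage column actually limits. The opening of this hunk (namespace through the operator lookup) is missing from the page, so the authentication step could not be reviewed.

```php
// … unchanged: permission check, entity_uuid, text_content and note validation …
$confidentialRaw = FederationServer::getParameter('confidential');
$confidential = $confidentialRaw === null
    ? false
    : filter_var($confidentialRaw, FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE);
if($confidential === null)
{
    // Present but not a recognisable boolean: refuse rather than store the record as public.
    throw new RequestException('Bad Request: confidential must be a boolean', 400);
}
// … unchanged: entity lookup, EvidenceManager::addEvidence call, success response …
```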
@@ -0,0 +1,55 @@
+canManageBlacklist())
+ {
+ throw new RequestException('Forbidden: You do not have permission to delete evidence', 403);
+ }
+
+ if(!preg_match('#^/evidence/([a-fA-F0-9\-]{36,})$#', FederationServer::getPath(), $matches))
+ {
+ throw new RequestException('Evidence UUID required', 405);
+ }
+
+ $evidenceUuid = $matches[1];
+ if(!$evidenceUuid || !Validate::uuid($evidenceUuid))
+ {
+ throw new RequestException('Invalid evidence UUID', 400);
+ }
+
+ try
+ {
+ if(!EvidenceManager::evidenceExists($evidenceUuid))
+ {
+ throw new RequestException('Evidence Not Found', 404);
+ }
+
+ EvidenceManager::deleteEvidence($evidenceUuid);
+ }
+ catch(DatabaseOperationException $e)
+ {
+ Logger::log()->error('Database error while deleting evidence: ' . $e->getMessage(), $e);
+ throw new RequestException('Internal Server Error: Unable to delete evidence', 500, $e);
+ }
+
+ self::successResponse();
+ }
+ }
+
diff --git a/src/FederationServer/Methods/Evidence/GetEvidence.php b/src/FederationServer/Methods/Evidence/GetEvidence.php
new file mode 100644
index 0000000..5b85024
--- /dev/null
+++ b/src/FederationServer/Methods/Evidence/GetEvidence.php
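Review bot: Evidence deletion in DeleteEvidence.php leaves no record of who performed it: the handler checks `canManageBlacklist()`, but nothing visible passes the caller's identity to `EvidenceManager::deleteEvidence($evidenceUuid)` or writes an audit entry. Unless deleteEvidence() records this itself (not visible here), a destructive action on evidence cannot be attributed later, so log the operator UUID together with the evidence UUID on success. The path-mismatch branch throws `new RequestException('Evidence UUID required', 405)`, but 405 means Method Not Allowed; `400` fits a missing or malformed identifier, and the same line appears in GetEvidence.php. The start of this hunk is missing from the page, so the operator lookup was not reviewed.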
@@ -0,0 +1,58 @@
+isPublicEvidence() && $authenticatedOperator === null)
+ {
+ throw new RequestException('Unauthorized: You must be authenticated to access evidence', 401);
+ }
+
+ if(!preg_match('#^/evidence/([a-fA-F0-9\-]{36,})$#', FederationServer::getPath(), $matches))
+ {
+ throw new RequestException('Evidence UUID required', 405);
+ }
+
+ $evidenceUuid = $matches[1];
+ if(!$evidenceUuid || !Validate::uuid($evidenceUuid))
+ {
+ throw new RequestException('Invalid evidence UUID', 400);
+ }
+
+ try
+ {
+ $evidenceRecord = EvidenceManager::getEvidence($evidenceUuid);
+ if($evidenceRecord === null)
+ {
+ throw new RequestException('Evidence Not Found', 404);
+ }
+
+ if($evidenceRecord->isConfidential() && $authenticatedOperator === null)
+ {
+ throw new RequestException('Forbidden: Confidential evidence access is restricted', 403);
+ }
+ }
+ catch(DatabaseOperationException $e)
+ {
+ Logger::log()->error('Database error while getting evidence: ' . $e->getMessage(), $e);
+ throw new RequestException('Internal Server Error: Unable to get evidence', 500, $e);
+ }
+ }
+ }
+
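Review bot: GetEvidence.php never sends the record: after the try/catch the method simply ends, with no `self::successResponse(...)` call like the one that closes CreateEvidence, so a successful GET produces no body from this handler. Add the response after the try block, passing the serialised `$evidenceRecord`. The confidentiality check `$evidenceRecord->isConfidential() && $authenticatedOperator === null` only requires that some operator is authenticated; if confidential evidence is meant for operators holding a specific permission, test that permission here. Answering 403 for confidential records and 404 for missing ones also tells an unauthenticated caller that a given UUID exists, which returning 404 in both cases would avoid. The top of this hunk is missing from the page, so how `$authenticatedOperator` is obtained could not be reviewed.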