Ping::execute($request, $rpcRequest), self::GET_SESSION_STATE => GetSessionState::execute($request, $rpcRequest), self::GET_PRIVACY_POLICY => GetPrivacyPolicy::execute($request, $rpcRequest), self::ACCEPT_PRIVACY_POLICY => AcceptPrivacyPolicy::execute($request, $rpcRequest), self::GET_TERMS_OF_SERVICE => GetTermsOfService::execute($request, $rpcRequest), self::ACCEPT_TERMS_OF_SERVICE => AcceptTermsOfService::execute($request, $rpcRequest), self::GET_COMMUNITY_GUIDELINES => GetCommunityGuidelines::execute($request, $rpcRequest), self::ACCEPT_COMMUNITY_GUIDELINES => AcceptCommunityGuidelines::execute($request, $rpcRequest), self::VERIFICATION_GET_IMAGE_CAPTCHA => VerificationGetImageCaptcha::execute($request, $rpcRequest), self::VERIFICATION_ANSWER_IMAGE_CAPTCHA => VerificationAnswerImageCaptcha::execute($request, $rpcRequest), self::SETTINGS_SET_PASSWORD => SettingsSetPassword::execute($request, $rpcRequest), self::SETTINGS_UPDATE_PASSWORD => SettingsUpdatePassword::execute($request, $rpcRequest), self::SETTINGS_DELETE_PASSWORD => SettingsDeletePassword::execute($request, $rpcRequest), self::SETTINGS_SET_DISPLAY_NAME => SettingsSetDisplayName::execute($request, $rpcRequest), self::SETTINGS_DELETE_DISPLAY_NAME => SettingsDeleteDisplayName::execute($request, $rpcRequest), self::SETTINGS_SET_DISPLAY_PICTURE => SettingsSetDisplayPicture::execute($request, $rpcRequest), self::SETTINGS_DELETE_DISPLAY_PICTURE => SettingsDeleteDisplayPicture::execute($request, $rpcRequest), self::SETTINGS_ADD_SIGNING_KEY => SettingsAddSigningKey::execute($request, $rpcRequest), self::SETTINGS_GET_SIGNING_KEYS => SettingsGetSigningKeys::execute($request, $rpcRequest), default => $rpcRequest->produceError(StandardError::METHOD_NOT_ALLOWED, sprintf("The method %s is not supported by the server", $rpcRequest->getMethod())) }; } /** * Checks if the access method is allowed for the given client request. * * @param ClientRequest $clientRequest The client request instance to check access against. 
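* @return void
     * @throws StandardException If the method is not allowed for the given client request.
     */
    public function checkAccess(ClientRequest $clientRequest): void
    {
        // Authorization gate: compare strictly so that only the identical enum case
        // found in the allow-list lets the call through.
        if(in_array($this, self::getAllowedMethods($clientRequest), true))
        {
            return;
        }

        throw new StandardException(StandardError::METHOD_NOT_ALLOWED->getMessage(), StandardError::METHOD_NOT_ALLOWED);
    }

    /**
     * Determines the list of allowed methods for a given client request.
     *
     * The result is an allow-list built from the session attached to the request:
     *  - every session gets the base methods (ping, session state, policy documents);
     *  - an external session gets nothing beyond the base methods, because server
     *    access control is not implemented yet;
     *  - an authenticated session gets the settings methods, plus each delete method
     *    whose field the registration configuration does not mark as required;
     *  - any other session gets only the methods unlocked by its pending session flags.
     *
     * @param ClientRequest $clientRequest The client request for which allowed methods are determined.
     * @return self[] The methods the provided client request may call.
     */
    public static function getAllowedMethods(ClientRequest $clientRequest): array
    {
        // These methods should always be accessible
        $methods = [
            // Important methods
            self::PING, // Always allow the ping method
            self::GET_SESSION_STATE, // The session state should always be accessible
            self::GET_PRIVACY_POLICY, // The user should always be able to get the privacy policy
            self::GET_TERMS_OF_SERVICE, // The user should always be able to get the terms of service
            self::GET_COMMUNITY_GUIDELINES, // The user should always be able to get the community guidelines
        ];

        $session = $clientRequest->getSession();

        // If the session is external (eg; coming from a different server)
        // Servers will have their own access control mechanisms
        if($session->isExternal())
        {
            // TODO: Implement server access control
            // Until then this branch adds nothing, so an external session is limited
            // to the base methods above. Keep it that way (deny by default) when the
            // server access control is written.
        }
        // If the session is authenticated, then allow additional method calls
        elseif($session->isAuthenticated())
        {
            // These methods are always allowed for authenticated users
            $methods = array_merge($methods, [
                self::SETTINGS_ADD_SIGNING_KEY,
                self::SETTINGS_GET_SIGNING_KEYS,
                self::SETTINGS_SET_DISPLAY_NAME,
                self::SETTINGS_SET_DISPLAY_PICTURE,
                self::SETTINGS_SET_PASSWORD,
                self::SETTINGS_UPDATE_PASSWORD,
            ]);

            $registration = Configuration::getRegistrationConfiguration();

            // Prevent the user from deleting a field that registration requires
            if(!$registration->isDisplayNameRequired())
            {
                $methods[] = self::SETTINGS_DELETE_DISPLAY_NAME;
            }

            if(!$registration->isPasswordRequired())
            {
                $methods[] = self::SETTINGS_DELETE_PASSWORD;
            }

            if(!$registration->isDisplayPictureRequired())
            {
                $methods[] = self::SETTINGS_DELETE_DISPLAY_PICTURE;
            }
        }
        // If the session isn't authenticated nor a host, a limited set of methods is available
        else
        {
            // If the flag `VER_PRIVACY_POLICY` is set, then the user can accept the privacy policy
            if($session->flagExists(SessionFlags::VER_PRIVACY_POLICY))
            {
                $methods[] = self::ACCEPT_PRIVACY_POLICY;
            }

            // If the flag `VER_TERMS_OF_SERVICE` is set, then the user can accept the terms of service
            if($session->flagExists(SessionFlags::VER_TERMS_OF_SERVICE))
            {
                $methods[] = self::ACCEPT_TERMS_OF_SERVICE;
            }

            // If the flag `VER_COMMUNITY_GUIDELINES` is set, then the user can accept the community guidelines
            if($session->flagExists(SessionFlags::VER_COMMUNITY_GUIDELINES))
            {
                $methods[] = self::ACCEPT_COMMUNITY_GUIDELINES;
            }

            // If the flag `VER_IMAGE_CAPTCHA` is set, then the user has to get and answer an image captcha
            if($session->flagExists(SessionFlags::VER_IMAGE_CAPTCHA))
            {
                $methods[] = self::VERIFICATION_GET_IMAGE_CAPTCHA;
                $methods[] = self::VERIFICATION_ANSWER_IMAGE_CAPTCHA;
            }

            // If the flag `SET_PASSWORD` is set, then the user has to set a password
            if($session->flagExists(SessionFlags::SET_PASSWORD))
            {
                $methods[] = self::SETTINGS_SET_PASSWORD;
            }

            // If the flag `SET_DISPLAY_NAME` is set, then the user has to set a display name
            if($session->flagExists(SessionFlags::SET_DISPLAY_NAME))
            {
                $methods[] = self::SETTINGS_SET_DISPLAY_NAME;
            }

            // If the flag `SET_DISPLAY_PICTURE` is set, then the user has to set a display picture.
            // This must unlock the *set* method: granting SETTINGS_DELETE_DISPLAY_PICTURE here
            // would expose a delete method to an unauthenticated session without the
            // isDisplayPictureRequired() check applied to authenticated sessions, and would
            // leave the session with no way to satisfy the flag.
            if($session->flagExists(SessionFlags::SET_DISPLAY_PICTURE))
            {
                $methods[] = self::SETTINGS_SET_DISPLAY_PICTURE;
            }
        }

        return $methods;
    }
}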