author | Frederic Guillot <fred@kanboard.net> | 2016-06-26 10:25:13 -0400 |
---|---|---|
committer | Frederic Guillot <fred@kanboard.net> | 2016-06-26 10:25:13 -0400 |
commit | 4a230d331ec220fc32a48525afb308af0d9787fa (patch) | |
tree | 514aa3d703155b7f97a2c77147c9fd74cef60f84 /app/Api/UserApi.php | |
parent | 922e0fb6de06a98774418612e0b0f75af72b6dbb (diff) |
Added application and project roles validation for API procedure calls
Diffstat (limited to 'app/Api/UserApi.php')
-rw-r--r-- | app/Api/UserApi.php | 131 |
1 files changed, 0 insertions, 131 deletions
diff --git a/app/Api/UserApi.php b/app/Api/UserApi.php
deleted file mode 100644
index 6cb9df1c..00000000
--- a/app/Api/UserApi.php
+++ /dev/null
@@ -1,131 +0,0 @@
-<?php
-
-namespace Kanboard\Api;
-
-use LogicException;
-use Kanboard\Core\Security\Role;
-use Kanboard\Core\Ldap\Client as LdapClient;
-use Kanboard\Core\Ldap\ClientException as LdapException;
-use Kanboard\Core\Ldap\User as LdapUser;
-
-/**
- * User API controller
- *
- * @package Kanboard\Api
- * @author Frederic Guillot
- */
-class UserApi extends BaseApi
-{
- public function getUser($user_id)
- {
- return $this->userModel->getById($user_id);
- }
-
- public function getUserByName($username)
- {
- return $this->userModel->getByUsername($username);
- }
-
- public function getAllUsers()
- {
- return $this->userModel->getAll();
- }
-
- public function removeUser($user_id)
- {
- return $this->userModel->remove($user_id);
- }
-
- public function disableUser($user_id)
- {
- return $this->userModel->disable($user_id);
- }
-
- public function enableUser($user_id)
- {
- return $this->userModel->enable($user_id);
- }
-
- public function isActiveUser($user_id)
- {
- return $this->userModel->isActive($user_id);
- }
-
- public function createUser($username, $password, $name = '', $email = '', $role = Role::APP_USER)
- {
- $values = array(
- 'username' => $username,
- 'password' => $password,
- 'confirmation' => $password,
- 'name' => $name,
- 'email' => $email,
- 'role' => $role,
- );
-
- list($valid, ) = $this->userValidator->validateCreation($values);
- return $valid ? $this->userModel->create($values) : false;
- }
-
- /**
- * Create LDAP user in the database
- *
- * Only "anonymous" and "proxy" LDAP authentication are supported by this method
- *
- * User information will be fetched from the LDAP server
- *
- * @access public
- * @param string $username
- * @return bool|int
- */
- public function createLdapUser($username)
- {
- if (LDAP_BIND_TYPE === 'user') {
- $this->logger->error('LDAP authentication "user" is not supported by this API call');
- return false;
- }
-
- try {
-
- $ldap = LdapClient::connect();
- $ldap->setLogger($this->logger);
- $user = LdapUser::getUser($ldap, $username);
-
- if ($user === null) {
- $this->logger->info('User not found in LDAP server');
- return false;
- }
-
- if ($user->getUsername() === '') {
- throw new LogicException('Username not found in LDAP profile, check the parameter LDAP_USER_ATTRIBUTE_USERNAME');
- }
-
- $values = array(
- 'username' => $user->getUsername(),
- 'name' => $user->getName(),
- 'email' => $user->getEmail(),
- 'role' => $user->getRole(),
- 'is_ldap_user' => 1,
- );
-
- return $this->userModel->create($values);
-
- } catch (LdapException $e) {
- $this->logger->error($e->getMessage());
- return false;
- }
- }
-
- public function updateUser($id, $username = null, $name = null, $email = null, $role = null)
- {
- $values = $this->filterValues(array(
- 'id' => $id,
- 'username' => $username,
- 'name' => $name,
- 'email' => $email,
- 'role' => $role,
- ));
-
- list($valid, ) = $this->userValidator->validateApiModification($values);
- return $valid && $this->userModel->update($values);
- }
-} |