openinfra
/
openstackid-resources
Code Issues Proposed changes

Added summit/read/all scope 

this new scopes allows to read all summits
not matter if they are or not availble on api

Change-Id: Ief0d68b3ac0bf9bdd0ba7f1b82f971f62b64e34d
This commit is contained in:
Sebastian Marcet 2017-12-07 10:17:13 -03:00
parent f100a1df2d
commit e6f8fb4eb2
18 changed files with 283 additions and 146 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
app/Http/Controllers/Apis/Protected/Summit/OAuth2PresentationApiController.php
View File

@ -69,7 +69,7 @@ final class OAuth2PresentationApiController extends OAuth2ProtectedController
public function getPresentationVideos($summit_id, $presentation_id){
try {
$summit = SummitFinderStrategyFactory::build($this->summit_repository)->find($summit_id);
$summit = SummitFinderStrategyFactory::build($this->summit_repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
$presentation = $this->presentation_repository->getById($presentation_id);
@ -99,7 +99,7 @@ final class OAuth2PresentationApiController extends OAuth2ProtectedController
public function getPresentationVideo($summit_id, $presentation_id, $video_id){
try {
$summit = SummitFinderStrategyFactory::build($this->summit_repository)->find($summit_id);
$summit = SummitFinderStrategyFactory::build($this->summit_repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
} catch (Exception $ex) {
@ -111,7 +111,7 @@ final class OAuth2PresentationApiController extends OAuth2ProtectedController
public function addVideo(LaravelRequest $request, $summit_id, $presentation_id){
try {
$summit = SummitFinderStrategyFactory::build($this->summit_repository)->find($summit_id);
$summit = SummitFinderStrategyFactory::build($this->summit_repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
if (!$request->isJson()) {
@ -163,7 +163,7 @@ final class OAuth2PresentationApiController extends OAuth2ProtectedController
public function updateVideo(LaravelRequest $request, $summit_id, $presentation_id, $video_id){
try {
$summit = SummitFinderStrategyFactory::build($this->summit_repository)->find($summit_id);
$summit = SummitFinderStrategyFactory::build($this->summit_repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
if (!$request->isJson()) {
@ -215,7 +215,7 @@ final class OAuth2PresentationApiController extends OAuth2ProtectedController
public function deleteVideo($summit_id, $presentation_id, $video_id){
try {
$summit = SummitFinderStrategyFactory::build($this->summit_repository)->find($summit_id);
$summit = SummitFinderStrategyFactory::build($this->summit_repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
$this->presentation_service->deleteVideo($presentation_id, $video_id);

56
app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitApiController.php
View File

@ -12,6 +12,7 @@
* limitations under the License.
**/
use App\Http\Utils\FilterAvailableSummitsStrategy;
use Exception;
use Illuminate\Support\Facades\Log;
use Illuminate\Support\Facades\Request;
@ -80,34 +81,7 @@ final class OAuth2SummitApiController extends OAuth2ProtectedController
$summits = [];
foreach($this->repository->getAvailables() as $summit){
$summits[] = SerializerRegistry::getInstance()->getSerializer($summit)->serialize(Input::get('expand',''));
}
$response = new PagingResponse
(
count($summits),
count($summits),
1,
1,
$summits
);
return $this->ok($response->toArray());
}
catch (Exception $ex) {
Log::error($ex);
return $this->error500($ex);
}
}
public function getAllSummits()
{
try {
$summits = [];
foreach($this->repository->getAllOrderedByBeginDate() as $summit){
foreach($this->_getSummits() as $summit){
$summits[] = SerializerRegistry::getInstance()->getSerializer($summit)->serialize(Input::get('expand',''));
}
@ -128,6 +102,14 @@ final class OAuth2SummitApiController extends OAuth2ProtectedController
}
}
/**
* @return \models\summit\Summit[]
*/
private function _getSummits(){
return FilterAvailableSummitsStrategy::shouldReturnAllSummits($this->resource_server_context) ?
$this->repository->getAllOrderedByBeginDate():$this->repository->getAvailables();
}
/**
* @param $summit_id
* @return mixed
@ -136,7 +118,7 @@ final class OAuth2SummitApiController extends OAuth2ProtectedController
{
$expand = Request::input('expand', '');
try {
$summit = SummitFinderStrategyFactory::build($this->repository)->find($summit_id);
$summit = SummitFinderStrategyFactory::build($this->repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
return $this->ok(SerializerRegistry::getInstance()->getSerializer($summit)->serialize($expand));
} catch (Exception $ex) {
@ -153,7 +135,7 @@ final class OAuth2SummitApiController extends OAuth2ProtectedController
{
try {
$summit = SummitFinderStrategyFactory::build($this->repository)->find($summit_id);
$summit = SummitFinderStrategyFactory::build($this->repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
$last_event_id = Request::input('last_event_id', null);
@ -236,7 +218,7 @@ final class OAuth2SummitApiController extends OAuth2ProtectedController
public function getEventTypes($summit_id)
{
try {
$summit = SummitFinderStrategyFactory::build($this->repository)->find($summit_id);
$summit = SummitFinderStrategyFactory::build($this->repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
//event types
@ -268,7 +250,7 @@ final class OAuth2SummitApiController extends OAuth2ProtectedController
*/
public function getTracks($summit_id){
try {
$summit = SummitFinderStrategyFactory::build($this->repository)->find($summit_id);
$summit = SummitFinderStrategyFactory::build($this->repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
//tracks
@ -301,7 +283,7 @@ final class OAuth2SummitApiController extends OAuth2ProtectedController
*/
public function getTrack($summit_id, $track_id){
try {
$summit = SummitFinderStrategyFactory::build($this->repository)->find($summit_id);
$summit = SummitFinderStrategyFactory::build($this->repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
$track = $summit->getPresentationCategory($track_id);
@ -320,7 +302,7 @@ final class OAuth2SummitApiController extends OAuth2ProtectedController
*/
public function getTracksGroups($summit_id){
try {
$summit = SummitFinderStrategyFactory::build($this->repository)->find($summit_id);
$summit = SummitFinderStrategyFactory::build($this->repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
//track groups
@ -353,7 +335,7 @@ final class OAuth2SummitApiController extends OAuth2ProtectedController
*/
public function getTrackGroup($summit_id, $track_group_id){
try {
$summit = SummitFinderStrategyFactory::build($this->repository)->find($summit_id);
$summit = SummitFinderStrategyFactory::build($this->repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
$group = $summit->getCategoryGroup($track_group_id);
@ -373,7 +355,7 @@ final class OAuth2SummitApiController extends OAuth2ProtectedController
*/
public function getExternalOrder($summit_id, $external_order_id){
try {
$summit = SummitFinderStrategyFactory::build($this->repository)->find($summit_id);
$summit = SummitFinderStrategyFactory::build($this->repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
$order = $this->service->getExternalOrder($summit, $external_order_id);
return $this->ok($order);
@ -400,7 +382,7 @@ final class OAuth2SummitApiController extends OAuth2ProtectedController
*/
public function confirmExternalOrderAttendee($summit_id, $external_order_id, $external_attendee_id){
try {
$summit = SummitFinderStrategyFactory::build($this->repository)->find($summit_id);
$summit = SummitFinderStrategyFactory::build($this->repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
$member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($member_id)) {

10
app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitAttendeesApiController.php
View File

@ -83,7 +83,7 @@ final class OAuth2SummitAttendeesApiController extends OAuth2ProtectedController
try {
$summit = SummitFinderStrategyFactory::build($this->repository)->find($summit_id);
$summit = SummitFinderStrategyFactory::build($this->repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
$type = $attendee_id === 'me' ? CheckAttendeeStrategyFactory::Me : CheckAttendeeStrategyFactory::Own;
@ -111,7 +111,7 @@ final class OAuth2SummitAttendeesApiController extends OAuth2ProtectedController
{
try {
$summit = SummitFinderStrategyFactory::build($this->repository)->find($summit_id);
$summit = SummitFinderStrategyFactory::build($this->repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
$attendee = CheckAttendeeStrategyFactory::build(CheckAttendeeStrategyFactory::Own, $this->resource_server_context)->check($attendee_id, $summit);
@ -147,7 +147,7 @@ final class OAuth2SummitAttendeesApiController extends OAuth2ProtectedController
{
try {
$summit = SummitFinderStrategyFactory::build($this->repository)->find($summit_id);
$summit = SummitFinderStrategyFactory::build($this->repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
$attendee = CheckAttendeeStrategyFactory::build(CheckAttendeeStrategyFactory::Own, $this->resource_server_context)->check($attendee_id, $summit);
@ -189,7 +189,7 @@ final class OAuth2SummitAttendeesApiController extends OAuth2ProtectedController
{
try {
$summit = SummitFinderStrategyFactory::build($this->repository)->find($summit_id);
$summit = SummitFinderStrategyFactory::build($this->repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
$attendee = CheckAttendeeStrategyFactory::build(CheckAttendeeStrategyFactory::Own, $this->resource_server_context)->check($attendee_id, $summit);
@ -231,7 +231,7 @@ final class OAuth2SummitAttendeesApiController extends OAuth2ProtectedController
public function deleteEventRSVP($summit_id, $attendee_id, $event_id){
try {
$summit = SummitFinderStrategyFactory::build($this->repository)->find($summit_id);
$summit = SummitFinderStrategyFactory::build($this->repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
$event = $summit->getScheduleEvent(intval($event_id));

20
app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitEventsApiController.php
View File

@ -207,7 +207,7 @@ final class OAuth2SummitEventsApiController extends OAuth2ProtectedController
*/
private function _getSummitEvent($summit_id, $event_id, $expand = '', $fields = '', $relations = '', $published = true)
{
$summit = SummitFinderStrategyFactory::build($this->repository)->find($summit_id);
$summit = SummitFinderStrategyFactory::build($this->repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) throw new EntityNotFoundException;
$event = $published ? $summit->getScheduleEvent(intval($event_id)) : $summit->getEvent(intval($event_id));
@ -275,7 +275,7 @@ final class OAuth2SummitEventsApiController extends OAuth2ProtectedController
public function addEvent($summit_id)
{
try {
$summit = SummitFinderStrategyFactory::build($this->repository)->find($summit_id);
$summit = SummitFinderStrategyFactory::build($this->repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
if(!Request::isJson()) return $this->error403();
$data = Input::json();
@ -340,7 +340,7 @@ final class OAuth2SummitEventsApiController extends OAuth2ProtectedController
public function updateEvent($summit_id, $event_id)
{
try {
$summit = SummitFinderStrategyFactory::build($this->repository)->find($summit_id);
$summit = SummitFinderStrategyFactory::build($this->repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
if(!Request::isJson()) return $this->error403();
@ -406,7 +406,7 @@ final class OAuth2SummitEventsApiController extends OAuth2ProtectedController
public function publishEvent($summit_id, $event_id)
{
try {
$summit = SummitFinderStrategyFactory::build($this->repository)->find($summit_id);
$summit = SummitFinderStrategyFactory::build($this->repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
if(!Request::isJson()) return $this->error403();
@ -459,7 +459,7 @@ final class OAuth2SummitEventsApiController extends OAuth2ProtectedController
public function unPublishEvent($summit_id, $event_id)
{
try {
$summit = SummitFinderStrategyFactory::build($this->repository)->find($summit_id);
$summit = SummitFinderStrategyFactory::build($this->repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
if(!Request::isJson()) return $this->error403();
@ -493,7 +493,7 @@ final class OAuth2SummitEventsApiController extends OAuth2ProtectedController
public function deleteEvent($summit_id, $event_id)
{
try {
$summit = SummitFinderStrategyFactory::build($this->repository)->find($summit_id);
$summit = SummitFinderStrategyFactory::build($this->repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
$this->service->deleteEvent($summit, $event_id);
@ -529,7 +529,7 @@ final class OAuth2SummitEventsApiController extends OAuth2ProtectedController
try {
$summit = SummitFinderStrategyFactory::build($this->repository)->find($summit_id);
$summit = SummitFinderStrategyFactory::build($this->repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
$values = Input::all();
@ -617,7 +617,7 @@ final class OAuth2SummitEventsApiController extends OAuth2ProtectedController
return $this->error412(array('invalid content type!'));
}
$summit = SummitFinderStrategyFactory::build($this->repository)->find($summit_id);
$summit = SummitFinderStrategyFactory::build($this->repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
if(!Request::isJson()) return $this->error403();
@ -779,7 +779,7 @@ final class OAuth2SummitEventsApiController extends OAuth2ProtectedController
return $this->error412(array('invalid content type!'));
}
$summit = SummitFinderStrategyFactory::build($this->repository)->find($summit_id);
$summit = SummitFinderStrategyFactory::build($this->repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
if(!Request::isJson()) return $this->error403();
@ -828,7 +828,7 @@ final class OAuth2SummitEventsApiController extends OAuth2ProtectedController
return $this->error412(array('file param not set!'));
}
$summit = SummitFinderStrategyFactory::build($this->repository)->find($summit_id);
$summit = SummitFinderStrategyFactory::build($this->repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
$res = $this->service->addEventAttachment($summit, $event_id, $file);

14
app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitLocationsApiController.php
View File

@ -80,7 +80,7 @@ final class OAuth2SummitLocationsApiController extends OAuth2ProtectedController
public function getLocations($summit_id)
{
try {
$summit = SummitFinderStrategyFactory::build($this->repository)->find($summit_id);
$summit = SummitFinderStrategyFactory::build($this->repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
//locations
@ -119,7 +119,7 @@ final class OAuth2SummitLocationsApiController extends OAuth2ProtectedController
$expand = Request::input('expand', '');
$relations = Request::input('relations', '');
$relations = !empty($relations) ? explode(',', $relations) : [];
$summit = SummitFinderStrategyFactory::build($this->repository)->find($summit_id);
$summit = SummitFinderStrategyFactory::build($this->repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
$location = $summit->getLocation($location_id);
@ -143,7 +143,7 @@ final class OAuth2SummitLocationsApiController extends OAuth2ProtectedController
*/
private function _getLocationEvents($summit_id, $location_id, $published = true)
{
$summit = SummitFinderStrategyFactory::build($this->repository)->find($summit_id);
$summit = SummitFinderStrategyFactory::build($this->repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit))
throw new EntityNotFoundException;
@ -281,7 +281,7 @@ final class OAuth2SummitLocationsApiController extends OAuth2ProtectedController
public function getVenues($summit_id)
{
try {
$summit = SummitFinderStrategyFactory::build($this->repository)->find($summit_id);
$summit = SummitFinderStrategyFactory::build($this->repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
//locations
@ -317,7 +317,7 @@ final class OAuth2SummitLocationsApiController extends OAuth2ProtectedController
public function getExternalLocations($summit_id)
{
try {
$summit = SummitFinderStrategyFactory::build($this->repository)->find($summit_id);
$summit = SummitFinderStrategyFactory::build($this->repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
//locations
@ -351,7 +351,7 @@ final class OAuth2SummitLocationsApiController extends OAuth2ProtectedController
public function getHotels($summit_id)
{
try {
$summit = SummitFinderStrategyFactory::build($this->repository)->find($summit_id);
$summit = SummitFinderStrategyFactory::build($this->repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
//locations
@ -386,7 +386,7 @@ final class OAuth2SummitLocationsApiController extends OAuth2ProtectedController
public function getAirports($summit_id)
{
try {
$summit = SummitFinderStrategyFactory::build($this->repository)->find($summit_id);
$summit = SummitFinderStrategyFactory::build($this->repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
//locations

16
app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitMembersApiController.php
View File

@ -62,7 +62,7 @@ final class OAuth2SummitMembersApiController extends OAuth2ProtectedController
public function getMyMember($summit_id, $member_id){
$summit = SummitFinderStrategyFactory::build($this->summit_repository)->find($summit_id);
$summit = SummitFinderStrategyFactory::build($this->summit_repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
@ -90,7 +90,7 @@ final class OAuth2SummitMembersApiController extends OAuth2ProtectedController
public function getMemberFavoritesSummitEvents($summit_id, $member_id){
try {
$summit = SummitFinderStrategyFactory::build($this->summit_repository)->find($summit_id);
$summit = SummitFinderStrategyFactory::build($this->summit_repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
@ -148,7 +148,7 @@ final class OAuth2SummitMembersApiController extends OAuth2ProtectedController
public function addEventToMemberFavorites($summit_id, $member_id, $event_id){
try {
$summit = SummitFinderStrategyFactory::build($this->summit_repository)->find($summit_id);
$summit = SummitFinderStrategyFactory::build($this->summit_repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
@ -193,7 +193,7 @@ final class OAuth2SummitMembersApiController extends OAuth2ProtectedController
public function removeEventFromMemberFavorites($summit_id, $member_id, $event_id){
try {
$summit = SummitFinderStrategyFactory::build($this->summit_repository)->find($summit_id);
$summit = SummitFinderStrategyFactory::build($this->summit_repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
@ -235,7 +235,7 @@ final class OAuth2SummitMembersApiController extends OAuth2ProtectedController
*/
public function getMemberScheduleSummitEvents($summit_id, $member_id){
try {
$summit = SummitFinderStrategyFactory::build($this->summit_repository)->find($summit_id);
$summit = SummitFinderStrategyFactory::build($this->summit_repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
@ -293,7 +293,7 @@ final class OAuth2SummitMembersApiController extends OAuth2ProtectedController
public function addEventToMemberSchedule($summit_id, $member_id, $event_id)
{
try {
$summit = SummitFinderStrategyFactory::build($this->summit_repository)->find($summit_id);
$summit = SummitFinderStrategyFactory::build($this->summit_repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
@ -338,7 +338,7 @@ final class OAuth2SummitMembersApiController extends OAuth2ProtectedController
{
try {
$summit = SummitFinderStrategyFactory::build($this->summit_repository)->find($summit_id);
$summit = SummitFinderStrategyFactory::build($this->summit_repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
@ -383,7 +383,7 @@ final class OAuth2SummitMembersApiController extends OAuth2ProtectedController
public function deleteEventRSVP($summit_id, $member_id, $event_id){
try {
$summit = SummitFinderStrategyFactory::build($this->summit_repository)->find($summit_id);
$summit = SummitFinderStrategyFactory::build($this->summit_repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();

2
app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitNotificationsApiController.php
View File

@ -63,7 +63,7 @@ class OAuth2SummitNotificationsApiController extends OAuth2ProtectedController
{
try
{
$summit = SummitFinderStrategyFactory::build($this->summit_repository)->find($summit_id);
$summit = SummitFinderStrategyFactory::build($this->summit_repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
$values = Input::all();

4
app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitSpeakersApiController.php
View File

@ -85,7 +85,7 @@ final class OAuth2SummitSpeakersApiController extends OAuth2ProtectedController
{
try {
$summit = SummitFinderStrategyFactory::build($this->repository)->find($summit_id);
$summit = SummitFinderStrategyFactory::build($this->repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
$values = Input::all();
@ -236,7 +236,7 @@ final class OAuth2SummitSpeakersApiController extends OAuth2ProtectedController
try
{
$summit = SummitFinderStrategyFactory::build($this->repository)->find($summit_id);
$summit = SummitFinderStrategyFactory::build($this->repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
$speaker = CheckSpeakerStrategyFactory::build(CheckSpeakerStrategyFactory::Me, $this->resource_server_context)->check($speaker_id, $summit);

23
app/Http/Controllers/Apis/Protected/Summit/Strategies/CurrentSummitFinderStrategy.php
View File

@ -11,6 +11,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
use App\Http\Utils\FilterAvailableSummitsStrategy;
use models\oauth2\IResourceServerContext;
use models\summit\ISummitRepository;
use models\summit\Summit;
/**
@ -25,9 +27,24 @@ class CurrentSummitFinderStrategy implements ISummitFinderStrategy
*/
private $repository;
public function __construct(ISummitRepository $repository)
/**
* @var IResourceServerContext
*/
private $resource_server_ctx;
/**
* CurrentSummitFinderStrategy constructor.
* @param ISummitRepository $repository
* @param IResourceServerContext $resource_server_ctx
*/
public function __construct
(
ISummitRepository $repository,
IResourceServerContext $resource_server_ctx
)
{
$this->repository = $repository;
$this->resource_server_ctx = $resource_server_ctx;
$this->repository = $repository;
}
/**
@ -38,6 +55,8 @@ class CurrentSummitFinderStrategy implements ISummitFinderStrategy
{
$summit = $summit_id === 'current' ? $this->repository->getCurrent() : $this->repository->getById(intval($summit_id));
if(is_null($summit)) return null;
$show_all = FilterAvailableSummitsStrategy::shouldReturnAllSummits($this->resource_server_ctx);
if($show_all) return $summit;
if(!$summit->isAvailableOnApi()) return null;
return $summit;
}

2
app/Http/Controllers/Apis/Protected/Summit/Strategies/events/RetrieveAllSummitEventsBySummitStrategy.php
View File

@ -64,7 +64,7 @@ class RetrieveAllSummitEventsBySummitStrategy extends RetrieveSummitEventsStrate
public function getEvents(array $params = array())
{
$summit_id = isset($params['summit_id'])? $params['summit_id']:0;
$this->summit = SummitFinderStrategyFactory::build($this->summit_repository)->find($summit_id);
$this->summit = SummitFinderStrategyFactory::build($this->summit_repository, $this->resource_server_context)->find($summit_id);
if (is_null($this->summit)) throw new EntityNotFoundException('summit not found!');
return parent::getEvents($params);

10
app/Http/Controllers/Apis/Protected/Summit/SummitFinderStrategyFactory.php
View File

@ -14,6 +14,7 @@
use models\oauth2\IResourceServerContext;
use models\utils\IBaseRepository;
/**
@ -24,10 +25,15 @@ final class SummitFinderStrategyFactory
{
/**
* @param IBaseRepository $repository
* @param IResourceServerContext $resource_server_ctx
* @return ISummitFinderStrategy
*/
public static function build(IBaseRepository $repository)
public static function build
(
IBaseRepository $repository,
IResourceServerContext $resource_server_ctx
)
{
return new CurrentSummitFinderStrategy($repository);
return new CurrentSummitFinderStrategy($repository, $resource_server_ctx);
}
}

34
app/Http/Utils/FilterAvailableSummitsStrategy.php Normal file
View File

@ -0,0 +1,34 @@
<?php namespace App\Http\Utils;
/**
* Copyright 2017 OpenStack Foundation
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
* http://www.apache.org/licenses/LICENSE-2.0
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
**/
use App\Security\SummitScopes;
use Illuminate\Support\Facades\Config;
use models\oauth2\IResourceServerContext;
/**
* Class FilterAvailableSummitsStrategy
* @package App\Http\Utils
*/
final class FilterAvailableSummitsStrategy
{
/**
* @param IResourceServerContext $resource_server_ctx
* @return bool
*/
static public function shouldReturnAllSummits(IResourceServerContext $resource_server_ctx){
$scopes = $resource_server_ctx->getCurrentScope();
$current_realm = Config::get('app.url');
$needed_scope = sprintf(SummitScopes::ReadAllSummitData, $current_realm);
return in_array($needed_scope, $scopes);
}
}

4
app/Http/routes.php
View File

@ -146,10 +146,6 @@ Route::group([
Route::get('', [ 'middleware' => 'cache:'.Config::get('cache_api_response.get_summits_response_lifetime', 600), 'uses' => 'OAuth2SummitApiController@getSummits']);
Route::group(array('prefix' => 'all'), function () {
Route::get('', 'OAuth2SummitApiController@getAllSummits');
});
Route::group(array('prefix' => '{id}'), function () {
Route::get('', [ 'middleware' => 'cache:'.Config::get('cache_api_response.get_summit_response_lifetime', 1200), 'uses' => 'OAuth2SummitApiController@getSummit'])->where('id', 'current|[0-9]+');

24
app/Security/SummitScopes.php Normal file
View File

@ -0,0 +1,24 @@
<?php namespace App\Security;
/**
* Copyright 2017 OpenStack Foundation
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
* http://www.apache.org/licenses/LICENSE-2.0
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
**/
/**
* Class SummitScopes
* @package App\Security
*/
final class SummitScopes
{
const ReadSummitData = '%s/summits/read';
const ReadAllSummitData = '%s/summits/read/all';
}

168
database/seeds/ApiEndpointsSeeder.php
View File

@ -16,7 +16,7 @@ use Illuminate\Database\Seeder;
use Illuminate\Support\Facades\Config;
use App\Models\ResourceServer\ApiEndpoint;
use LaravelDoctrine\ORM\Facades\EntityManager;
use App\Security\SummitScopes;
/**
* Class ApiEndpointsSeeder
*/
@ -78,44 +78,56 @@ class ApiEndpointsSeeder extends Seeder
'name' => 'get-summits',
'route' => '/api/v1/summits',
'http_method' => 'GET',
'scopes' => [sprintf('%s/summits/read', $current_realm)],
),
array(
'name' => 'get-all-summits',
'route' => '/api/v1/summits/all',
'http_method' => 'GET',
'scopes' => [sprintf('%s/summits/read', $current_realm)],
'scopes' => [
sprintf(SummitScopes::ReadSummitData, $current_realm),
sprintf(SummitScopes::ReadAllSummitData, $current_realm)
],
),
array(
'name' => 'get-summit',
'route' => '/api/v1/summits/{id}',
'http_method' => 'GET',
'scopes' => [sprintf('%s/summits/read', $current_realm)],
'scopes' => [
sprintf(SummitScopes::ReadSummitData, $current_realm),
sprintf(SummitScopes::ReadAllSummitData, $current_realm)
],
),
array(
'name' => 'get-summit-entity-events',
'route' => '/api/v1/summits/{id}/entity-events',
'http_method' => 'GET',
'scopes' => [sprintf('%s/summits/read', $current_realm)],
'scopes' => [
sprintf(SummitScopes::ReadSummitData, $current_realm),
sprintf(SummitScopes::ReadAllSummitData, $current_realm)
],
),
// attendees
array(
'name' => 'get-attendees',
'route' => '/api/v1/summits/{id}/attendees',
'http_method' => 'GET',
'scopes' => [sprintf('%s/summits/read', $current_realm)],
'scopes' => [
sprintf(SummitScopes::ReadSummitData, $current_realm),
sprintf(SummitScopes::ReadAllSummitData, $current_realm)
],
),
array(
'name' => 'get-attendee',
'route' => '/api/v1/summits/{id}/attendees/{attendee_id}',
'http_method' => 'GET',
'scopes' => [sprintf('%s/summits/read', $current_realm)],
'scopes' => [
sprintf(SummitScopes::ReadSummitData, $current_realm),
sprintf(SummitScopes::ReadAllSummitData, $current_realm)
],
),
array(
'name' => 'get-attendee-schedule',
'route' => '/api/v1/summits/{id}/attendees/{attendee_id}/schedule',
'http_method' => 'GET',
'scopes' => [sprintf('%s/summits/read', $current_realm)],
'scopes' => [
sprintf(SummitScopes::ReadSummitData, $current_realm),
sprintf(SummitScopes::ReadAllSummitData, $current_realm)
],
),
array(
'name' => 'add-event-attendee-schedule',
@ -140,19 +152,28 @@ class ApiEndpointsSeeder extends Seeder
'name' => 'get-speakers',
'route' => '/api/v1/summits/{id}/speakers',
'http_method' => 'GET',
'scopes' => [sprintf('%s/summits/read', $current_realm)],
'scopes' => [
sprintf(SummitScopes::ReadSummitData, $current_realm),
sprintf(SummitScopes::ReadAllSummitData, $current_realm)
],
),
array(
'name' => 'get-all-speakers',
'route' => '/api/v1/speakers',
'http_method' => 'GET',
'scopes' => [sprintf('%s/summits/read', $current_realm)],
'scopes' => [
sprintf(SummitScopes::ReadSummitData, $current_realm),
sprintf(SummitScopes::ReadAllSummitData, $current_realm)
],
),
array(
'name' => 'get-speaker',
'route' => '/api/v1/summits/{id}/speakers/{speaker_id}',
'http_method' => 'GET',
'scopes' => [sprintf('%s/summits/read', $current_realm)],
'scopes' => [
sprintf(SummitScopes::ReadSummitData, $current_realm),
sprintf(SummitScopes::ReadAllSummitData, $current_realm)
],
),
array(
'name' => 'add-speaker-feedback',
@ -165,43 +186,64 @@ class ApiEndpointsSeeder extends Seeder
'name' => 'get-events',
'route' => '/api/v1/summits/{id}/events',
'http_method' => 'GET',
'scopes' => [sprintf('%s/summits/read', $current_realm)],
'scopes' => [
sprintf(SummitScopes::ReadSummitData, $current_realm),
sprintf(SummitScopes::ReadAllSummitData, $current_realm)
],
),
array(
'name' => 'get-published-events',
'route' => '/api/v1/summits/{id}/events/published',
'http_method' => 'GET',
'scopes' => [sprintf('%s/summits/read', $current_realm)],
'scopes' => [
sprintf(SummitScopes::ReadSummitData, $current_realm),
sprintf(SummitScopes::ReadAllSummitData, $current_realm)
],
),
array(
'name' => 'get-unpublished-events',
'route' => '/api/v1/summits/{id}/events/unpublished',
'http_method' => 'GET',
'scopes' => [sprintf('%s/summits/read', $current_realm)],
'scopes' => [
sprintf(SummitScopes::ReadSummitData, $current_realm),
sprintf(SummitScopes::ReadAllSummitData, $current_realm)
],
),
array(
'name' => 'get-all-events',
'route' => '/api/v1/summits/events',
'http_method' => 'GET',
'scopes' => [sprintf('%s/summits/read', $current_realm)],
'scopes' => [
sprintf(SummitScopes::ReadSummitData, $current_realm),
sprintf(SummitScopes::ReadAllSummitData, $current_realm)
],
),
array(
'name' => 'get-all-published-events',
'route' => '/api/v1/summits/events/published',
'http_method' => 'GET',
'scopes' => [sprintf('%s/summits/read', $current_realm)],
'scopes' => [
sprintf(SummitScopes::ReadSummitData, $current_realm),
sprintf(SummitScopes::ReadAllSummitData, $current_realm)
],
),
array(
'name' => 'get-event',
'route' => '/api/v1/summits/{id}/events/{event_id}',
'http_method' => 'GET',
'scopes' => [sprintf('%s/summits/read', $current_realm)],
'scopes' => [
sprintf(SummitScopes::ReadSummitData, $current_realm),
sprintf(SummitScopes::ReadAllSummitData, $current_realm)
],
),
array(
'name' => 'get-published-event',
'route' => '/api/v1/summits/{id}/events/{event_id}/published',
'http_method' => 'GET',
'scopes' => [sprintf('%s/summits/read', $current_realm)],
'scopes' => [
sprintf(SummitScopes::ReadSummitData, $current_realm),
sprintf(SummitScopes::ReadAllSummitData, $current_realm)
],
),
array(
'name' => 'add-event',
@ -261,7 +303,10 @@ class ApiEndpointsSeeder extends Seeder
'name' => 'get-event-feedback',
'route' => '/api/v1/summits/{id}/events/{event_id}/feedback/{attendee_id?}',
'http_method' => 'GET',
'scopes' => [sprintf('%s/summits/read', $current_realm)],
'scopes' => [
sprintf(SummitScopes::ReadSummitData, $current_realm),
sprintf(SummitScopes::ReadAllSummitData, $current_realm)
],
),
array(
'name' => 'delete-rsvp',
@ -274,81 +319,120 @@ class ApiEndpointsSeeder extends Seeder
'name' => 'get-locations',
'route' => '/api/v1/summits/{id}/locations',
'http_method' => 'GET',
'scopes' => [sprintf('%s/summits/read', $current_realm)],
'scopes' => [
sprintf(SummitScopes::ReadSummitData, $current_realm),
sprintf(SummitScopes::ReadAllSummitData, $current_realm)
],
),
array(
'name' => 'get-venues',
'route' => '/api/v1/summits/{id}/locations/venues',
'http_method' => 'GET',
'scopes' => [sprintf('%s/summits/read', $current_realm)],
'scopes' => [
sprintf(SummitScopes::ReadSummitData, $current_realm),
sprintf(SummitScopes::ReadAllSummitData, $current_realm)
],
),
array(
'name' => 'get-external-locations',
'route' => '/api/v1/summits/{id}/locations/external-locations',
'http_method' => 'GET',
'scopes' => [sprintf('%s/summits/read', $current_realm)],
'scopes' => [
sprintf(SummitScopes::ReadSummitData, $current_realm),
sprintf(SummitScopes::ReadAllSummitData, $current_realm)
],
),
array(
'name' => 'get-hotels',
'route' => '/api/v1/summits/{id}/locations/hotels',
'http_method' => 'GET',
'scopes' => [sprintf('%s/summits/read', $current_realm)],
'scopes' => [
sprintf(SummitScopes::ReadSummitData, $current_realm),
sprintf(SummitScopes::ReadAllSummitData, $current_realm)
],
),
array(
'name' => 'get-airports',
'route' => '/api/v1/summits/{id}/locations/airports',
'http_method' => 'GET',
'scopes' => [sprintf('%s/summits/read', $current_realm)],
'scopes' => [
sprintf(SummitScopes::ReadSummitData, $current_realm),
sprintf(SummitScopes::ReadAllSummitData, $current_realm)
],
),
array(
'name' => 'get-location',
'route' => '/api/v1/summits/{id}/locations/{location_id}',
'http_method' => 'GET',
'scopes' => [sprintf('%s/summits/read', $current_realm)],
'scopes' => [
sprintf(SummitScopes::ReadSummitData, $current_realm),
sprintf(SummitScopes::ReadAllSummitData, $current_realm)
],
),
array(
'name' => 'get-location-events',
'route' => '/api/v1/summits/{id}/locations/{location_id}/events',
'http_method' => 'GET',
'scopes' => [sprintf('%s/summits/read', $current_realm)],
'scopes' => [
sprintf(SummitScopes::ReadSummitData, $current_realm),
sprintf(SummitScopes::ReadAllSummitData, $current_realm)
],
),
array(
'name' => 'get-location-published-events',
'route' => '/api/v1/summits/{id}/locations/{location_id}/events/published',
'http_method' => 'GET',
'scopes' => [sprintf('%s/summits/read', $current_realm)],
'scopes' => [
sprintf(SummitScopes::ReadSummitData, $current_realm),
sprintf(SummitScopes::ReadAllSummitData, $current_realm)
],
),
// event types
array(
'name' => 'get-event-types',
'route' => '/api/v1/summits/{id}/event-types',
'http_method' => 'GET',
'scopes' => [sprintf('%s/summits/read', $current_realm)],
'scopes' => [
sprintf(SummitScopes::ReadSummitData, $current_realm),
sprintf(SummitScopes::ReadAllSummitData, $current_realm)
],
),
//tracks
array(
'name' => 'get-tracks',
'route' => '/api/v1/summits/{id}/tracks',
'http_method' => 'GET',
'scopes' => [sprintf('%s/summits/read', $current_realm)],
'scopes' => [
sprintf(SummitScopes::ReadSummitData, $current_realm),
sprintf(SummitScopes::ReadAllSummitData, $current_realm)
],
),
array(
'name' => 'get-track',
'route' => '/api/v1/summits/{id}/tracks/{track_id}',
'http_method' => 'GET',
'scopes' => [sprintf('%s/summits/read', $current_realm)],
'scopes' => [
sprintf(SummitScopes::ReadSummitData, $current_realm),
sprintf(SummitScopes::ReadAllSummitData, $current_realm)
],
),
array(
'name' => 'get-track-groups',
'route' => '/api/v1/summits/{id}/track-groups',
'http_method' => 'GET',
'scopes' => [sprintf('%s/summits/read', $current_realm)],
'scopes' => [
sprintf(SummitScopes::ReadSummitData, $current_realm),
sprintf(SummitScopes::ReadAllSummitData, $current_realm)
],
),
array(
'name' => 'get-track-group',
'route' => '/api/v1/summits/{id}/track-groups/{track_group_id}',
'http_method' => 'GET',
'scopes' => [sprintf('%s/summits/read', $current_realm)],
'scopes' => [
sprintf(SummitScopes::ReadSummitData, $current_realm),
sprintf(SummitScopes::ReadAllSummitData, $current_realm)
],
),
//external orders
array(
@ -368,13 +452,19 @@ class ApiEndpointsSeeder extends Seeder
'name' => 'get-presentation-videos',
'route' => '/api/v1/summits/{id}/presentations/{presentation_id}/videos',
'http_method' => 'GET',
'scopes' => [sprintf('%s/summits/read', $current_realm)],
'scopes' => [
sprintf(SummitScopes::ReadSummitData, $current_realm),
sprintf(SummitScopes::ReadAllSummitData, $current_realm)
],
),
array(
'name' => 'get-presentation-video',
'route' => '/api/v1/summits/{id}/presentations/{presentation_id}/video/{video_id}',
'http_method' => 'GET',
'scopes' => [sprintf('%s/summits/read', $current_realm)],
'scopes' => [
sprintf(SummitScopes::ReadSummitData, $current_realm),
sprintf(SummitScopes::ReadAllSummitData, $current_realm)
],
),
array(
'name' => 'create-presentation-video',

8
database/seeds/ApiScopesSeeder.php
View File

@ -17,6 +17,7 @@ use Illuminate\Support\Facades\Config;;
use App\Models\ResourceServer\ApiScope;
use LaravelDoctrine\ORM\Facades\EntityManager;
use Illuminate\Support\Facades\DB;
use App\Security\SummitScopes;
/**
* Class ApiScopesSeeder
@ -45,10 +46,15 @@ final class ApiScopesSeeder extends Seeder
$scopes = [
array(
'name' => sprintf('%s/summits/read', $current_realm),
'name' => sprintf(SummitScopes::ReadSummitData, $current_realm),
'short_description' => 'Get Summit Data',
'description' => 'Grants read only access for Summits Data',
),
array(
'name' => sprintf(SummitScopes::ReadAllSummitData, $current_realm),
'short_description' => 'Get All Summits Data',
'description' => 'Grants read only access for All Summits Data',
),
array(
'name' => sprintf('%s/me/read', $current_realm),
'short_description' => 'Get own summit member data',

22
tests/OAuth2SummitApiTest.php
View File

@ -37,28 +37,6 @@ final class OAuth2SummitApiTest extends ProtectedApiTest
$this->assertResponseStatus(200);
}
public function testGetAllSummits()
{
$params = ['expand' => 'type,event_types,tracks'];
$headers = array("HTTP_Authorization" => " Bearer " . $this->access_token);
$response = $this->action(
"GET",
"OAuth2SummitApiController@getAllSummits",
$params,
array(),
array(),
array(),
$headers
);
$content = $response->getContent();
$summits = json_decode($content);
$this->assertTrue(!is_null($summits));
$this->assertResponseStatus(200);
}
public function testGetSummit($summit_id = 22)
{

2
tests/ProtectedApiTest.php
View File

@ -39,6 +39,7 @@ class AccessTokenServiceStub implements IAccessTokenService
$url . '/private-clouds/read',
$url . '/consultants/read',
$url . '/summits/read',
$url . '/summits/read/all',
$url . '/summits/write',
$url . '/summits/write-event',
$url . '/summits/publish-event',
@ -81,6 +82,7 @@ class AccessTokenServiceStub2 implements IAccessTokenService
$url . '/private-clouds/read',
$url . '/consultants/read',
$url . '/summits/read',
$url . '/summits/read/all',
$url . '/summits/write',
$url . '/summits/write-event',
$url . '/summits/publish-event',