Cleaned up the controllers, added in the module handling of the valid…

…ation errors.
monarc-project · Jul 21, 2023 · 3aaeb54 · 3aaeb54
1 parent 0156aa4
commit 3aaeb54
Show file tree

Hide file tree

Showing 44 changed files with 223 additions and 230 deletions.
diff --git a/Module.php b/Module.php
@@ -51,7 +51,7 @@ public function getJsonModelError($e)
 
         $exception = $e->getParam('exception');
         $exceptionJson = [];
-        if ($exception) {
+        if ($exception !== null) {
             $exceptionJson = [
                 'class' => get_class($exception),
                 'file' => $exception->getFile(),
@@ -70,10 +70,18 @@ public function getJsonModelError($e)
             'error' => $error,
             'exception' => $exceptionJson,
         ];
-        if ($error == 'error-router-no-match') {
+        if ($error === 'error-router-no-match') {
             $errorJson['message'] = 'Resource not found.';
         }
-        $model = new JsonModel(['errors' => [$errorJson]]);
+
+        if ($exception !== null && $exception->getCode() === 400) {
+            $model = new JsonModel([
+                'errors' => [json_decode($exception->getMessage(), true, 512, JSON_THROW_ON_ERROR)],
+            ]);
+        } else {
+            $model = new JsonModel(['errors' => [$errorJson]]);
+        }
+
         $e->setResult($model);
 
         return $model;

diff --git a/config/module.config.php b/config/module.config.php
@@ -28,6 +28,7 @@
 use Monarc\Core\Table\Factory\ClientEntityManagerFactory;
 use Monarc\Core\Table\ThreatTable;
 use Monarc\Core\Table\VulnerabilityTable;
+use Monarc\Core\Validator\InputValidator\InputValidationTranslator;
 
 return [
     'router' => [
@@ -53,7 +54,7 @@
                         'id' => '[0-9]+',
                     ],
                     'defaults' => [
-                        'controller' => Controller\ApiAdminHistoricalsController::class,
+                        'controller' => Controller\ApiAdminHistoricalController::class,
                     ],
                 ],
             ],
@@ -825,7 +826,7 @@
         'invokables' => [],
         'factories' => [
             Controller\ApiModelsDuplicationController::class => AutowireFactory::class,
-            Controller\ApiAdminHistoricalsController::class => AutowireFactory::class,
+            Controller\ApiAdminHistoricalController::class => AutowireFactory::class,
             Controller\ApiAdminPasswordsController::class => AutowireFactory::class,
             Controller\ApiAdminServersController::class => AutowireFactory::class,
             Controller\ApiAdminUsersController::class => AutowireFactory::class,
@@ -892,15 +893,15 @@
             {
                 return new PostAssetDataInputValidator(
                     $container->get('config'),
-                    $container->get(ConnectedUserService::class),
+                    $container->get(InputValidationTranslator::class),
                     $container->get(AssetTable::class)
                 );
             },
             PostThreatDataInputValidator::class => static function (Containerinterface $container, $serviceName)
             {
                 return new PostThreatDataInputValidator(
                     $container->get('config'),
-                    $container->get(ConnectedUserService::class),
+                    $container->get(InputValidationTranslator::class),
                     $container->get(ThreatTable::class)
                 );
             },
@@ -910,7 +911,7 @@
             ) {
                 return new PostVulnerabilityDataInputValidator(
                     $container->get('config'),
-                    $container->get(ConnectedUserService::class),
+                    $container->get(InputValidationTranslator::class),
                     $container->get(VulnerabilityTable::class)
                 );
             },
@@ -1023,7 +1024,6 @@
             'monarc_api_themes',
             'monarc_api_soacategory',
             'monarc_api_models',
-            'monarc_api_admin_users_roles',
             'monarc_api_user_profile',
             'monarc_api_anr/objects_parents',
             'monarc_api_anr/soa_scale_comment',

diff --git a/src/Controller/ApiAdminHistoricalController.php b/src/Controller/ApiAdminHistoricalController.php
@@ -0,0 +1,38 @@
+<?php declare(strict_types=1);
+/**
+ * @link      https://github.com/monarc-project for the canonical source repository
+ * @copyright Copyright (c) 2016-2023 Luxembourg House of Cybersecurity LHC.lu - Licensed under GNU Affero GPL v3
+ * @license   MONARC is licensed under GNU Affero General Public License version 3
+ */
+
+namespace Monarc\BackOffice\Controller;
+
+use Laminas\Mvc\Controller\AbstractRestfulController;
+use Monarc\Core\Controller\Handler\ControllerRequestResponseHandlerTrait;
+use Monarc\Core\Service\HistoricalService;
+
+class ApiAdminHistoricalController extends AbstractRestfulController
+{
+    use ControllerRequestResponseHandlerTrait;
+
+    private HistoricalService $historicalService;
+
+    public function __construct(HistoricalService $historicalService)
+    {
+        $this->historicalService = $historicalService;
+    }
+
+    public function getList()
+    {
+        $page = $this->params()->fromQuery('page');
+        $limit = $this->params()->fromQuery('limit');
+        $order = $this->params()->fromQuery('order');
+        $filter = $this->params()->fromQuery('filter');
+
+        return $this->getPreparedJsonResponse([
+            'count' => $this->historicalService->getFilteredCount($filter),
+            'historical' => $this->historicalService->getList($page, $limit, $order, $filter)
+        ]);
+    }
+}
+
diff --git a/src/Controller/ApiAdminHistoricalsController.php b/src/Controller/ApiAdminHistoricalsController.php
diff --git a/src/Controller/ApiAdminPasswordsController.php b/src/Controller/ApiAdminPasswordsController.php
@@ -1,54 +1,58 @@
-<?php
+<?php declare(strict_types=1);
 /**
  * @link      https://github.com/monarc-project for the canonical source repository
- * @copyright Copyright (c) 2016-2019  SMILE GIE Securitymadein.lu - Licensed under GNU Affero GPL v3
+ * @copyright Copyright (c) 2016-2023 Luxembourg House of Cybersecurity LHC.lu - Licensed under GNU Affero GPL v3
  * @license   MONARC is licensed under GNU Affero General Public License version 3
  */
 
 namespace Monarc\BackOffice\Controller;
 
 use Exception;
+use Monarc\Core\Controller\Handler\ControllerRequestResponseHandlerTrait;
 use Monarc\Core\Service\PasswordService;
 use Laminas\Mvc\Controller\AbstractRestfulController;
-use Laminas\View\Model\JsonModel;
 
 class ApiAdminPasswordsController extends AbstractRestfulController
 {
-    /** @var PasswordService */
-    private $passwordService;
+    use ControllerRequestResponseHandlerTrait;
+
+    private PasswordService $passwordService;
 
     public function __construct(PasswordService $passwordService)
     {
         $this->passwordService = $passwordService;
     }
 
+    /**
+     * @param array $data
+     */
     public function create($data)
     {
-        //password forgotten
+        /* Password forgotten. */
         if (!empty($data['email']) && empty($data['password'])) {
             try {
                 $this->passwordService->passwordForgotten($data['email']);
             } catch (Exception $e) {
-                // Ignore the exception: We don't want to leak any data
+                throw new Exception('Password reset error occurred. Please try again later.', 422);
             }
         }
 
-        //verify token
+        /* Verify token. */
         if (!empty($data['token']) && empty($data['password'])) {
-            $result = $this->passwordService->verifyToken($data['token']);
-
-            return new JsonModel(array('status' => $result));
+            return $this->getPreparedJsonResponse([
+                'status' => $this->passwordService->verifyToken($data['token'])
+            ]);
         }
 
-        //change password not logged
+        /* Change password, when user is not logged in. */
         if (!empty($data['token']) && !empty($data['password']) && !empty($data['confirm'])) {
             if ($data['password'] !== $data['confirm']) {
-                throw new Exception('Password must be the same', 422);
+                throw new Exception('Password and its confirmation have to be equal.', 422);
             }
 
             $this->passwordService->newPasswordByToken($data['token'], $data['password']);
         }
 
-        return new JsonModel(array('status' => 'ok'));
+        return $this->getSuccessfulJsonResponse();
     }
 }
diff --git a/src/Controller/ApiAdminServersController.php b/src/Controller/ApiAdminServersController.php
@@ -1,7 +1,7 @@
 <?php declare(strict_types=1);
 /**
  * @link      https://github.com/monarc-project for the canonical source repository
- * @copyright Copyright (c) 2016-2022  SMILE GIE Securitymadein.lu - Licensed under GNU Affero GPL v3
+ * @copyright Copyright (c) 2016-2023 Luxembourg House of Cybersecurity LHC.lu - Licensed under GNU Affero GPL v3
  * @license   MONARC is licensed under GNU Affero General Public License version 3
  */
 

diff --git a/src/Controller/ApiAdminUsersController.php b/src/Controller/ApiAdminUsersController.php
@@ -1,7 +1,7 @@
 <?php declare(strict_types=1);
 /**
  * @link      https://github.com/monarc-project for the canonical source repository
- * @copyright Copyright (c) 2016-2022  SMILE GIE Securitymadein.lu - Licensed under GNU Affero GPL v3
+ * @copyright Copyright (c) 2016-2023 Luxembourg House of Cybersecurity LHC.lu - Licensed under GNU Affero GPL v3
  * @license   MONARC is licensed under GNU Affero General Public License version 3
  */
 
@@ -11,20 +11,25 @@
 use Monarc\Core\InputFormatter\User\GetUsersInputFormatter;
 use Monarc\Core\Service\UserService;
 use Laminas\Mvc\Controller\AbstractRestfulController;
+use Monarc\Core\Validator\InputValidator\User\PostUserDataInputValidator;
 
 class ApiAdminUsersController extends AbstractRestfulController
 {
     use ControllerRequestResponseHandlerTrait;
 
-    private UserService $userService;
-
     private GetUsersInputFormatter $getUsersInputFormatter;
 
+    private PostUserDataInputValidator $postUserDataInputValidator;
+
+    private UserService $userService;
+
     public function __construct(
         GetUsersInputFormatter $getUsersInputFormatter,
+        PostUserDataInputValidator $postUserDataInputValidator,
         UserService $userService
     ) {
         $this->getUsersInputFormatter = $getUsersInputFormatter;
+        $this->postUserDataInputValidator = $postUserDataInputValidator;
         $this->userService = $userService;
     }
 
@@ -43,34 +48,41 @@ public function get($id)
         return $this->getPreparedJsonResponse($this->userService->getData((int)$id));
     }
 
-    /*
-     * TODO: implement the validators for create and patch the BO side similar to FO CreateUserInputValidator
+    /**
+     * @param array $data
      */
     public function create($data)
     {
+        $this->validatePostParams($this->postUserDataInputValidator, $data);
+
         $this->userService->create($data);
 
-        return $this->getPreparedJsonResponse(['status' => 'ok']);
+        return $this->getSuccessfulJsonResponse();
     }
 
+    /**
+     * @param array $data
+     */
     public function update($id, $data)
     {
+        $this->validatePostParams($this->postUserDataInputValidator, $data);
+
         $this->userService->update((int)$id, $data);
 
-        return $this->getPreparedJsonResponse(['status' => 'ok']);
+        return $this->getSuccessfulJsonResponse();
     }
 
     public function patch($id, $data)
     {
         $this->userService->patch((int)$id, $data);
 
-        return $this->getPreparedJsonResponse(['status' => 'ok']);
+        return $this->getSuccessfulJsonResponse();
     }
 
     public function delete($id)
     {
         $this->userService->delete((int)$id);
 
-        return $this->getPreparedJsonResponse(['status' => 'ok']);
+        return $this->getSuccessfulJsonResponse();
     }
 }
diff --git a/src/Controller/ApiAdminUsersRolesController.php b/src/Controller/ApiAdminUsersRolesController.php
@@ -1,26 +1,20 @@
 <?php declare(strict_types=1);
 /**
  * @link      https://github.com/monarc-project for the canonical source repository
- * @copyright Copyright (c) 2016-2021  SMILE GIE Securitymadein.lu - Licensed under GNU Affero GPL v3
+ * @copyright Copyright (c) 2016-2023 Luxembourg House of Cybersecurity LHC.lu - Licensed under GNU Affero GPL v3
  * @license   MONARC is licensed under GNU Affero General Public License version 3
  */
 
 namespace Monarc\BackOffice\Controller;
 
+use Monarc\Core\Exception\UserNotLoggedInException;
 use Monarc\Core\Service\UserRoleService;
 use Laminas\Mvc\Controller\AbstractRestfulController;
 use Laminas\View\Model\JsonModel;
 
-/**
- * Api Admin Users Roles Controller
- *
- * Class ApiAdminUsersRolesController
- * @package Monarc\BackOffice\Controller
- */
 class ApiAdminUsersRolesController extends AbstractRestfulController
 {
-    /** @var UserRoleService */
-    private $userRoleService;
+    private UserRoleService $userRoleService;
 
     public function __construct(UserRoleService $userRoleService)
     {

diff --git a/src/Controller/ApiAmvsController.php b/src/Controller/ApiAmvsController.php
@@ -107,6 +107,6 @@ public function deleteList($data)
     {
         $this->amvService->deleteList($data);
 
-        return $this->getPreparedJsonResponse(['status' => 'ok']);
+        return $this->getSuccessfulJsonResponse();
     }
 }