p3k
/
Compass
mirror of https://github.com/aaronpk/Compass.git
1
0
Fork 0
Code Issues 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
105 Commits
4 Branches
492 MiB
Tree: 453fa70077
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '453fa70077'
${ noResults }
Compass/compass/app/Http/Controllers/Controller.php

317 lines
10 KiB
Raw Normal View History

new Lumen project
9 years ago
updates * adds database for users and list of DBs * create DB interface * adds some styles so it looks less dumb
9 years ago
new Lumen project
9 years ago
new map and settings routes, add tokens for DBs
9 years ago
updates * adds database for users and list of DBs * create DB interface * adds some styles so it looks less dumb
9 years ago
new map and settings routes, add tokens for DBs
9 years ago
updates * adds database for users and list of DBs * create DB interface * adds some styles so it looks less dumb
9 years ago
new map and settings routes, add tokens for DBs
9 years ago
updates * adds database for users and list of DBs * create DB interface * adds some styles so it looks less dumb
9 years ago
new map and settings routes, add tokens for DBs
9 years ago
updates * adds database for users and list of DBs * create DB interface * adds some styles so it looks less dumb
9 years ago
new map and settings routes, add tokens for DBs
9 years ago
updates * adds database for users and list of DBs * create DB interface * adds some styles so it looks less dumb
9 years ago
new map and settings routes, add tokens for DBs
9 years ago
updates * adds database for users and list of DBs * create DB interface * adds some styles so it looks less dumb
9 years ago
new map and settings routes, add tokens for DBs
9 years ago
settings page to add/remove users and view tokens
9 years ago
fix permission check for viewing map
9 years ago
settings page to add/remove users and view tokens
9 years ago
new map and settings routes, add tokens for DBs
9 years ago
settings page to add/remove users and view tokens
9 years ago
new map and settings routes, add tokens for DBs
9 years ago
add map view with no data
9 years ago
add header menu and more semantic-ui updates
8 years ago
adds date range fields to map view
8 years ago
first take at default timezone option
7 years ago
add map view with no data
9 years ago
new map and settings routes, add tokens for DBs
9 years ago
settings page to add/remove users and view tokens
9 years ago
new map and settings routes, add tokens for DBs
9 years ago
settings page to add/remove users and view tokens
9 years ago
new map and settings routes, add tokens for DBs
9 years ago
settings page to add/remove users and view tokens
9 years ago
add header menu and more semantic-ui updates
8 years ago
new map and settings routes, add tokens for DBs
9 years ago
settings page to add/remove users and view tokens
9 years ago
add db config option to add a micropub endpoint
8 years ago
settings page to add/remove users and view tokens
9 years ago
add API route for writing data
9 years ago
settings page to add/remove users and view tokens
9 years ago
add API route for writing data
9 years ago
settings page to add/remove users and view tokens
9 years ago
add db config option to add a micropub endpoint
8 years ago
add option to ping a URL when new location data is received
7 years ago
first take at default timezone option
7 years ago
settings page to add/remove users and view tokens
9 years ago
Add support for IndieAuth authorization for the micropub endpoint
6 years ago
don't fall back to default auth for micropub login
6 years ago
Add support for IndieAuth authorization for the micropub endpoint
6 years ago
new Lumen project
9 years ago
 
  1. <?php
  2. 

  3. namespace App\Http\Controllers;
  4. 

  5. use Laravel\Lumen\Routing\Controller as BaseController;
  6. use Illuminate\Http\Request;
  7. use DB;
  8. 

  9. class Controller extends BaseController
  10. {
  11.   private static function displayURL() {
  12.     return preg_replace('/(^https?:\/\/|\/$)/', '', session('me'));
  13.   }
  14. 

  15.   public function index(Request $request) {
  16.     if(session('user_id')) {
  17. 

  18.       $databases = DB::select('SELECT d.*
  19.         FROM `databases` d
  20.         JOIN database_users u ON d.id = u.database_id
  21.         WHERE u.user_id = ?
  22.         ORDER BY name', [session('user_id')]);
  23. 

  24.       return view('dashboard', [
  25.         'displayURL' => self::displayURL(),
  26.         'databases' => $databases
  27.       ]);
  28.     } else {
  29.       return view('index');
  30.     }
  31.   }
  32. 

  33.   public function createDatabase(Request $request) {
  34.     if(!session('user_id'))
  35.       return redirect('/');
  36. 

  37.     if($request->input('name') == '') {
  38.       $request->session()->flash('create-error', 'Enter a name.');
  39.       return redirect('/');
  40.     }
  41. 

  42.     // Only alphanumeric chars are allowed

  43.     if(preg_replace('/[^a-zA-Z0-9]/', '', $request->input('name')) != $request->input('name')) {
  44.       $request->session()->flash('create-error', 'Only alphanumeric characters are allowed.');
  45.       $request->session()->flash('database-name', preg_replace('/[^a-zA-Z0-9]/','',$request->input('name')));
  46.       return redirect('/');
  47.     }
  48. 

  49.     // Check for conflicts

  50.     $db = DB::select('SELECT * FROM `databases` WHERE name = ?', [$request->input('name')]);
  51.     if(count($db) == 0) {
  52. 

  53.       // Create the database records

  54.       $id = DB::table('databases')->insertGetId([
  55.         'name' => $request->input('name'),
  56.         'read_token' => str_random(40),
  57.         'write_token' => str_random(40),
  58.         'created_by' => session('user_id'),
  59.         'created_at' => date('Y-m-d H:i:s')
  60.       ]);
  61.       DB::table('database_users')->insert([
  62.         'database_id' => $id,
  63.         'user_id' => session('user_id'),
  64.         'created_at' => date('Y-m-d H:i:s')
  65.       ]);
  66.       return redirect('/');
  67. 

  68.     } else {
  69.       $request->session()->flash('create-error', 'That database name is already in use.');
  70.       $request->session()->flash('database-name', $request->input('name'));
  71.       return redirect('/');
  72.     }
  73.   }
  74. 

  75.   public function map(Request $request, $name) {
  76.     if(!session('user_id'))
  77.       return redirect('/');
  78. 

  79.     // Verify this user has access to the database

  80.     $db = DB::table('databases')
  81.       ->join('database_users', function($join){
  82.         $join->on('databases.id','=','database_users.database_id');
  83.       })
  84.       ->where('user_id','=',session('user_id'))
  85.       ->where('name','=',$name)
  86.       ->first();
  87.     if(!$db)
  88.       return redirect('/');
  89. 

  90. 

  91.     return view('map', [
  92.       'displayURL' => self::displayURL(),
  93.       'database' => $db,
  94.       'menu' => [
  95.         '/settings/'.$name => 'Settings'
  96.       ],
  97.       'range_from' => $request->input('from') ?: '',
  98.       'range_to' => $request->input('to') ?: '',
  99.       'range_tz' => $request->input('tz') ?: $db->timezone
  100.     ]);
  101.   }
  102. 

  103.   public function settings(Request $request, $name) {
  104.     if(!session('user_id'))
  105.       return redirect('/');
  106. 

  107.     // Only the person that created the database can modify it

  108.     $db = DB::table('databases')
  109.       ->where('created_by','=',session('user_id'))
  110.       ->where('name','=',$name)
  111.       ->first();
  112.     if(!$db)
  113.       return redirect('/');
  114. 

  115.     $users = DB::select('SELECT u.*
  116.       FROM users u
  117.       JOIN database_users d ON u.id = d.user_id
  118.       WHERE d.database_id = ?
  119.       ORDER BY u.url', [$db->id]);
  120. 

  121.     return view('settings', [
  122.       'displayURL' => self::displayURL(),
  123.       'database' => $db,
  124.       'users' => $users,
  125.       'menu' => [
  126.         '/map/'.$name => 'Map'
  127.       ]
  128.     ]);
  129.   }
  130. 

  131.   public function updateSettings(Request $request, $name) {
  132.     if(!session('user_id'))
  133.       return redirect('/');
  134. 

  135.     // Only the person that created the database can modify it

  136.     $db = DB::table('databases')
  137.       ->where('created_by','=',session('user_id'))
  138.       ->where('name','=',$name)
  139.       ->first();
  140.     if(!$db)
  141.       return redirect('/');
  142. 

  143.     if($request->input('remove_user')) {
  144. 

  145.       $user = DB::table('users')->where('url','=',$request->input('remove_user'))->first();
  146.       if($user) {
  147.         DB::table('database_users')->where('database_id','=',$db->id)->where('user_id','=',$user->id)->delete();
  148.       }
  149. 

  150.       return response(json_encode([
  151.         'result' => 'ok'
  152.       ]))->header('Content-Type', 'application/json');
  153. 

  154.     } else if($request->input('add_user')) {
  155.       // Find user if it exists already

  156.       $user = DB::table('users')->where('url','=',$request->input('add_user'))->first();
  157.       if($user) {
  158.         $user_id = $user->id;
  159.       } else {
  160.         $user_id = DB::table('users')->insertGetId([
  161.           'url' => $request->input('add_user'),
  162.           'created_at' => date('Y-m-d H:i:s')
  163.         ]);
  164.       }
  165. 

  166.       // Add access to the database

  167.       $exists = DB::table('database_users')->where('database_id','=',$db->id)->where('user_id','=',$user_id)->first();
  168.       if(!$exists) {
  169.         DB::table('database_users')->insert([
  170.           'database_id' => $db->id,
  171.           'user_id' => $user_id,
  172.           'created_at' => date('Y-m-d H:i:s')
  173.         ]);
  174.       }
  175. 

  176.       return redirect('/settings/'.$db->name);
  177.     } else if($request->input('micropub_endpoint')) {
  178.       DB::table('databases')->where('id', $db->id)
  179.         ->update([
  180.           'micropub_endpoint' => $request->input('micropub_endpoint'),
  181.           'micropub_token' => $request->input('micropub_token'),
  182.         ]);
  183. 

  184.       return redirect('/settings/'.$db->name);
  185.     } else if($request->input('ping_urls')) {
  186.       DB::table('databases')->where('id', $db->id)
  187.         ->update([
  188.           'ping_urls' => $request->input('ping_urls'),
  189.         ]);
  190. 

  191.       return redirect('/settings/'.$db->name);
  192.     } else if($request->input('timezone')) {
  193.       DB::table('databases')->where('id', $db->id)
  194. 	->update([
  195. 	  'timezone' => $request->input('timezone'),
  196.           'metric' => $request->input('metric'),
  197.         ]);
  198. 

  199.       return redirect('/settings/'.$db->name);
  200.     }
  201.   }
  202. 

  203.     public function micropubStart(Request $request, $dbName) {
  204. 

  205.         $me = \IndieAuth\Client::normalizeMeURL($request->input('me'));
  206.         if(!$me) {
  207.             return view('auth/error', ['error' => 'Invalid URL']);
  208.         }
  209. 

  210.         $state = \IndieAuth\Client::generateStateParameter();
  211. 

  212.         $authorizationEndpoint = \IndieAuth\Client::discoverAuthorizationEndpoint($me);
  213. 

  214.         if(!$authorizationEndpoint) {
  215.           return view('auth/error', ['error' => 'No Authorization Endpoint Specified']);
  216.         }
  217. 

  218.         // Isolate session variables to this variable only

  219.         session([$dbName => [
  220.             'auth_state' => $state,
  221.             'attempted_me' => $me,
  222.             'authorization_endpoint' => $authorizationEndpoint
  223.         ]]);
  224. 

  225.         $authorizationURL = \IndieAuth\Client::buildAuthorizationURL($authorizationEndpoint, $me, $this->_databaseRedirectURI($dbName), env('BASE_URL'), $state, 'create');
  226. 

  227.         return redirect($authorizationURL);
  228.     }
  229. 

  230.     public function micropubCallback(Request $request, $dbName) {
  231. 

  232.         $settingsSession = session($dbName);
  233. 

  234.         // Start all error checking

  235.         if(!$settingsSession['auth_state'] || !$settingsSession['attempted_me']) {
  236.             return view('auth/error', ['error' => 'Missing state information. Start over.']);
  237.         }
  238. 

  239.         if($request->input('error')) {
  240.             return view('auth/error', ['error' => $request->input('error')]);
  241.         }
  242. 

  243.         if($settingsSession['auth_state'] != $request->input('state')) {
  244.             return view('auth/error', ['error' => 'State did not match. Start over.']);
  245.         }
  246. 

  247.         // Verify that the database exists and doesn't have micropub already

  248.         $db = DB::table('databases')
  249.             ->where('name','=',$dbName)
  250.             ->first();
  251. 

  252.         if (!$db) {
  253.             return view('auth/error', ['error' => 'Database requested does not exist']);
  254.         }
  255. 

  256.         if (!empty($db->micropub_token)) {
  257.             return view('auth/error', ['error' => 'Database already is connected to a micropub endpoint. Please remove the existing endpoint first.']);
  258.         }
  259. 

  260.         $tokenEndpoint = \IndieAuth\Client::discoverTokenEndpoint($settingsSession['attempted_me']);
  261.         if (empty($tokenEndpoint)) {
  262.             return view('auth/error', ['error' => 'Could not find user\'s token endpoint']);
  263.         }
  264. 

  265.         $token = \IndieAuth\Client::getAccessToken($tokenEndpoint, $request->input('code'), $settingsSession['attempted_me'], $this->_databaseRedirectURI($dbName), env('BASE_URL'));
  266. 

  267.         if($token && array_key_exists('me', $token)) {
  268.             // forget the current db settings session

  269.             session()->forget($dbName);
  270. 

  271.             if (!array_key_exists('access_token', $token)) {
  272.                 return view('auth/error', ['error' => 'Could not find access_token']);
  273.             }
  274. 

  275.             if (!array_key_exists('scope', $token) || strpos($token['scope'], 'create') === false) {
  276.                 return view('auth/error', ['error' => 'You were not granted a create scope']);
  277.             }
  278. 

  279.             $micropubEndpoint = \IndieAuth\Client::discoverMicropubEndpoint($token['me']);
  280.             $micropubToken = $token['access_token'];
  281. 

  282.             DB::table('databases')->where('id', $db->id)
  283.                 ->update([
  284.                     'micropub_endpoint' => $micropubEndpoint,
  285.                     'micropub_token' => $micropubToken
  286.                 ]);
  287.         } else {
  288.             return view('auth/error', ['error' => 'No url id found']);
  289.         }
  290. 

  291.         return redirect('/settings/'.$db->name);
  292.     }
  293. 

  294.     public function removeMicropub(Request $request, $dbName) {
  295. 

  296.         $db = DB::table('databases')
  297.             ->where('name','=',$dbName)
  298.             ->first();
  299. 

  300.         if (!$db) {
  301.             return view('auth/error', ['error' => 'Database requested does not exist']);
  302.         }
  303. 

  304.         DB::table('databases')->where('id', $db->id)
  305.             ->update([
  306.                 'micropub_endpoint' => '',
  307.                 'micropub_token' => ''
  308.             ]);
  309. 

  310.         return redirect('/settings/'.$db->name);
  311.     }
  312. 

  313.     private function _databaseRedirectURI($dbName) {
  314.         return env('BASE_URL') . 'settings/' . $dbName . '/auth/callback';
  315.     }
  316. 

  317. }