p3k
/
Compass
mirror of https://github.com/aaronpk/Compass.git
1
0
Fork 0
Code Issues 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
120 Commits
4 Branches
147 MiB
Tree: 917cc9c1d8
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '917cc9c1d8'
${ noResults }
Compass/compass/app/Http/Controllers/Controller.php

317 lines
10 KiB
Raw Normal View History

new Lumen project
10 years ago
updates * adds database for users and list of DBs * create DB interface * adds some styles so it looks less dumb
10 years ago
new Lumen project
10 years ago
new map and settings routes, add tokens for DBs
10 years ago
updates * adds database for users and list of DBs * create DB interface * adds some styles so it looks less dumb
10 years ago
new map and settings routes, add tokens for DBs
10 years ago
updates * adds database for users and list of DBs * create DB interface * adds some styles so it looks less dumb
10 years ago
new map and settings routes, add tokens for DBs
10 years ago
updates * adds database for users and list of DBs * create DB interface * adds some styles so it looks less dumb
10 years ago
new map and settings routes, add tokens for DBs
10 years ago
updates * adds database for users and list of DBs * create DB interface * adds some styles so it looks less dumb
10 years ago
new map and settings routes, add tokens for DBs
10 years ago
updates * adds database for users and list of DBs * create DB interface * adds some styles so it looks less dumb
10 years ago
new map and settings routes, add tokens for DBs
10 years ago
updates * adds database for users and list of DBs * create DB interface * adds some styles so it looks less dumb
10 years ago
new map and settings routes, add tokens for DBs
10 years ago
settings page to add/remove users and view tokens
10 years ago
fix permission check for viewing map
10 years ago
settings page to add/remove users and view tokens
10 years ago
new map and settings routes, add tokens for DBs
10 years ago
settings page to add/remove users and view tokens
10 years ago
new map and settings routes, add tokens for DBs
10 years ago
add map view with no data
10 years ago
add header menu and more semantic-ui updates
9 years ago
adds date range fields to map view
9 years ago
first take at default timezone option
8 years ago
add map view with no data
10 years ago
new map and settings routes, add tokens for DBs
10 years ago
settings page to add/remove users and view tokens
10 years ago
new map and settings routes, add tokens for DBs
10 years ago
settings page to add/remove users and view tokens
10 years ago
new map and settings routes, add tokens for DBs
10 years ago
settings page to add/remove users and view tokens
10 years ago
add header menu and more semantic-ui updates
9 years ago
new map and settings routes, add tokens for DBs
10 years ago
settings page to add/remove users and view tokens
10 years ago
add db config option to add a micropub endpoint
9 years ago
settings page to add/remove users and view tokens
10 years ago
add API route for writing data
10 years ago
settings page to add/remove users and view tokens
10 years ago
add API route for writing data
10 years ago
settings page to add/remove users and view tokens
10 years ago
add db config option to add a micropub endpoint
9 years ago
add option to ping a URL when new location data is received
8 years ago
first take at default timezone option
8 years ago
settings page to add/remove users and view tokens
10 years ago
Add support for IndieAuth authorization for the micropub endpoint
7 years ago
don't fall back to default auth for micropub login
7 years ago
Add support for IndieAuth authorization for the micropub endpoint
7 years ago
new Lumen project
10 years ago
 
  1. <?php
  2. 

  3. namespace App\Http\Controllers;
  4. 

  5. use Laravel\Lumen\Routing\Controller as BaseController;
  6. use Illuminate\Http\Request;
  7. use DB;
  8. 

  9. class Controller extends BaseController
  10. {
  11.   private static function displayURL() {
  12.     return preg_replace('/(^https?:\/\/|\/$)/', '', session('me'));
  13.   }
  14. 

  15.   public function index(Request $request) {
  16.     if(session('user_id')) {
  17. 

  18.       $databases = DB::select('SELECT d.*
  19.         FROM `databases` d
  20.         JOIN database_users u ON d.id = u.database_id
  21.         WHERE u.user_id = ?
  22.         ORDER BY name', [session('user_id')]);
  23. 

  24.       return view('dashboard', [
  25.         'displayURL' => self::displayURL(),
  26.         'databases' => $databases
  27.       ]);
  28.     } else {
  29.       return view('index');
  30.     }
  31.   }
  32. 

  33.   public function createDatabase(Request $request) {
  34.     if(!session('user_id'))
  35.       return redirect('/');
  36. 

  37.     if($request->input('name') == '') {
  38.       $request->session()->flash('create-error', 'Enter a name.');
  39.       return redirect('/');
  40.     }
  41. 

  42.     // Only alphanumeric chars are allowed

  43.     if(preg_replace('/[^a-zA-Z0-9]/', '', $request->input('name')) != $request->input('name')) {
  44.       $request->session()->flash('create-error', 'Only alphanumeric characters are allowed.');
  45.       $request->session()->flash('database-name', preg_replace('/[^a-zA-Z0-9]/','',$request->input('name')));
  46.       return redirect('/');
  47.     }
  48. 

  49.     // Check for conflicts

  50.     $db = DB::select('SELECT * FROM `databases` WHERE name = ?', [$request->input('name')]);
  51.     if(count($db) == 0) {
  52. 

  53.       // Create the database records

  54.       $id = DB::table('databases')->insertGetId([
  55.         'name' => $request->input('name'),
  56.         'read_token' => str_random(40),
  57.         'write_token' => str_random(40),
  58.         'created_by' => session('user_id'),
  59.         'created_at' => date('Y-m-d H:i:s')
  60.       ]);
  61.       DB::table('database_users')->insert([
  62.         'database_id' => $id,
  63.         'user_id' => session('user_id'),
  64.         'created_at' => date('Y-m-d H:i:s')
  65.       ]);
  66.       return redirect('/');
  67. 

  68.     } else {
  69.       $request->session()->flash('create-error', 'That database name is already in use.');
  70.       $request->session()->flash('database-name', $request->input('name'));
  71.       return redirect('/');
  72.     }
  73.   }
  74. 

  75.   public function map(Request $request, $name) {
  76.     if(!session('user_id'))
  77.       return redirect('/');
  78. 

  79.     // Verify this user has access to the database

  80.     $db = DB::table('databases')
  81.       ->join('database_users', function($join){
  82.         $join->on('databases.id','=','database_users.database_id');
  83.       })
  84.       ->where('user_id','=',session('user_id'))
  85.       ->where('name','=',$name)
  86.       ->first();
  87.     if(!$db)
  88.       return redirect('/');
  89. 

  90. 

  91.     return view('map', [
  92.       'displayURL' => self::displayURL(),
  93.       'database' => $db,
  94.       'menu' => [
  95.         '/settings/'.$name => 'Settings'
  96.       ],
  97.       'range_from' => $request->input('from') ?: '',
  98.       'range_to' => $request->input('to') ?: '',
  99.       'range_tz' => $request->input('tz') ?: $db->timezone
  100.     ]);
  101.   }
  102. 

  103.   public function settings(Request $request, $name) {
  104.     if(!session('user_id'))
  105.       return redirect('/');
  106. 

  107.     // Only the person that created the database can modify it

  108.     $db = DB::table('databases')
  109.       ->where('created_by','=',session('user_id'))
  110.       ->where('name','=',$name)
  111.       ->first();
  112.     if(!$db)
  113.       return redirect('/');
  114. 

  115.     $users = DB::select('SELECT u.*
  116.       FROM users u
  117.       JOIN database_users d ON u.id = d.user_id
  118.       WHERE d.database_id = ?
  119.       ORDER BY u.url', [$db->id]);
  120. 

  121.     return view('settings', [
  122.       'displayURL' => self::displayURL(),
  123.       'database' => $db,
  124.       'users' => $users,
  125.       'menu' => [
  126.         '/map/'.$name => 'Map'
  127.       ]
  128.     ]);
  129.   }
  130. 

  131.   public function updateSettings(Request $request, $name) {
  132.     if(!session('user_id'))
  133.       return redirect('/');
  134. 

  135.     // Only the person that created the database can modify it

  136.     $db = DB::table('databases')
  137.       ->where('created_by','=',session('user_id'))
  138.       ->where('name','=',$name)
  139.       ->first();
  140.     if(!$db)
  141.       return redirect('/');
  142. 

  143.     if($request->input('remove_user')) {
  144. 

  145.       $user = DB::table('users')->where('url','=',$request->input('remove_user'))->first();
  146.       if($user) {
  147.         DB::table('database_users')->where('database_id','=',$db->id)->where('user_id','=',$user->id)->delete();
  148.       }
  149. 

  150.       return response(json_encode([
  151.         'result' => 'ok'
  152.       ]))->header('Content-Type', 'application/json');
  153. 

  154.     } else if($request->input('add_user')) {
  155.       // Find user if it exists already

  156.       $user = DB::table('users')->where('url','=',$request->input('add_user'))->first();
  157.       if($user) {
  158.         $user_id = $user->id;
  159.       } else {
  160.         $user_id = DB::table('users')->insertGetId([
  161.           'url' => $request->input('add_user'),
  162.           'created_at' => date('Y-m-d H:i:s')
  163.         ]);
  164.       }
  165. 

  166.       // Add access to the database

  167.       $exists = DB::table('database_users')->where('database_id','=',$db->id)->where('user_id','=',$user_id)->first();
  168.       if(!$exists) {
  169.         DB::table('database_users')->insert([
  170.           'database_id' => $db->id,
  171.           'user_id' => $user_id,
  172.           'created_at' => date('Y-m-d H:i:s')
  173.         ]);
  174.       }
  175. 

  176.       return redirect('/settings/'.$db->name);
  177.     } else if($request->input('micropub_endpoint')) {
  178.       DB::table('databases')->where('id', $db->id)
  179.         ->update([
  180.           'micropub_endpoint' => $request->input('micropub_endpoint'),
  181.           'micropub_token' => $request->input('micropub_token'),
  182.         ]);
  183. 

  184.       return redirect('/settings/'.$db->name);
  185.     } else if($request->input('ping_urls')) {
  186.       DB::table('databases')->where('id', $db->id)
  187.         ->update([
  188.           'ping_urls' => $request->input('ping_urls'),
  189.         ]);
  190. 

  191.       return redirect('/settings/'.$db->name);
  192.     } else if($request->input('timezone')) {
  193.       DB::table('databases')->where('id', $db->id)
  194. 	->update([
  195. 	  'timezone' => $request->input('timezone'),
  196.           'metric' => $request->input('metric'),
  197.         ]);
  198. 

  199.       return redirect('/settings/'.$db->name);
  200.     }
  201.   }
  202. 

  203.     public function micropubStart(Request $request, $dbName) {
  204. 

  205.         $me = \IndieAuth\Client::normalizeMeURL($request->input('me'));
  206.         if(!$me) {
  207.             return view('auth/error', ['error' => 'Invalid URL']);
  208.         }
  209. 

  210.         $state = \IndieAuth\Client::generateStateParameter();
  211. 

  212.         $authorizationEndpoint = \IndieAuth\Client::discoverAuthorizationEndpoint($me);
  213. 

  214.         if(!$authorizationEndpoint) {
  215.           return view('auth/error', ['error' => 'No Authorization Endpoint Specified']);
  216.         }
  217. 

  218.         // Isolate session variables to this variable only

  219.         session([$dbName => [
  220.             'auth_state' => $state,
  221.             'attempted_me' => $me,
  222.             'authorization_endpoint' => $authorizationEndpoint
  223.         ]]);
  224. 

  225.         $authorizationURL = \IndieAuth\Client::buildAuthorizationURL($authorizationEndpoint, $me, $this->_databaseRedirectURI($dbName), env('BASE_URL'), $state, 'create');
  226. 

  227.         return redirect($authorizationURL);
  228.     }
  229. 

  230.     public function micropubCallback(Request $request, $dbName) {
  231. 

  232.         $settingsSession = session($dbName);
  233. 

  234.         // Start all error checking

  235.         if(!$settingsSession['auth_state'] || !$settingsSession['attempted_me']) {
  236.             return view('auth/error', ['error' => 'Missing state information. Start over.']);
  237.         }
  238. 

  239.         if($request->input('error')) {
  240.             return view('auth/error', ['error' => $request->input('error')]);
  241.         }
  242. 

  243.         if($settingsSession['auth_state'] != $request->input('state')) {
  244.             return view('auth/error', ['error' => 'State did not match. Start over.']);
  245.         }
  246. 

  247.         // Verify that the database exists and doesn't have micropub already

  248.         $db = DB::table('databases')
  249.             ->where('name','=',$dbName)
  250.             ->first();
  251. 

  252.         if (!$db) {
  253.             return view('auth/error', ['error' => 'Database requested does not exist']);
  254.         }
  255. 

  256.         if (!empty($db->micropub_token)) {
  257.             return view('auth/error', ['error' => 'Database already is connected to a micropub endpoint. Please remove the existing endpoint first.']);
  258.         }
  259. 

  260.         $tokenEndpoint = \IndieAuth\Client::discoverTokenEndpoint($settingsSession['attempted_me']);
  261.         if (empty($tokenEndpoint)) {
  262.             return view('auth/error', ['error' => 'Could not find user\'s token endpoint']);
  263.         }
  264. 

  265.         $token = \IndieAuth\Client::getAccessToken($tokenEndpoint, $request->input('code'), $settingsSession['attempted_me'], $this->_databaseRedirectURI($dbName), env('BASE_URL'));
  266. 

  267.         if($token && array_key_exists('me', $token)) {
  268.             // forget the current db settings session

  269.             session()->forget($dbName);
  270. 

  271.             if (!array_key_exists('access_token', $token)) {
  272.                 return view('auth/error', ['error' => 'Could not find access_token']);
  273.             }
  274. 

  275.             if (!array_key_exists('scope', $token) || strpos($token['scope'], 'create') === false) {
  276.                 return view('auth/error', ['error' => 'You were not granted a create scope']);
  277.             }
  278. 

  279.             $micropubEndpoint = \IndieAuth\Client::discoverMicropubEndpoint($token['me']);
  280.             $micropubToken = $token['access_token'];
  281. 

  282.             DB::table('databases')->where('id', $db->id)
  283.                 ->update([
  284.                     'micropub_endpoint' => $micropubEndpoint,
  285.                     'micropub_token' => $micropubToken
  286.                 ]);
  287.         } else {
  288.             return view('auth/error', ['error' => 'No url id found']);
  289.         }
  290. 

  291.         return redirect('/settings/'.$db->name);
  292.     }
  293. 

  294.     public function removeMicropub(Request $request, $dbName) {
  295. 

  296.         $db = DB::table('databases')
  297.             ->where('name','=',$dbName)
  298.             ->first();
  299. 

  300.         if (!$db) {
  301.             return view('auth/error', ['error' => 'Database requested does not exist']);
  302.         }
  303. 

  304.         DB::table('databases')->where('id', $db->id)
  305.             ->update([
  306.                 'micropub_endpoint' => '',
  307.                 'micropub_token' => ''
  308.             ]);
  309. 

  310.         return redirect('/settings/'.$db->name);
  311.     }
  312. 

  313.     private function _databaseRedirectURI($dbName) {
  314.         return env('BASE_URL') . 'settings/' . $dbName . '/auth/callback';
  315.     }
  316. 

  317. }