diff --git a/app/Http/Controllers/API/AppController.php b/app/Http/Controllers/API/AppController.php
index d0a5883..38096bc 100644
--- a/app/Http/Controllers/API/AppController.php
+++ b/app/Http/Controllers/API/AppController.php
@@ -28,9 +28,16 @@ class AppController extends BaseController
 throw new NoPermissionException(403, "App has no access to perform this request.");
 }
- $apps = \App\Models\App::query()->where("user_id", "=", Auth::user()->id)->get();
- return $response->withData(AppForOwner::collection(collect($apps)));
+ $apps = \App\Models\App::query()->where("user_id", "=", Auth::user()->id)->paginate(100);
+
+ $response->setPagination(
+ $apps->currentPage(),
+ $apps->lastPage(),
+ $apps->perPage()
+ );
+
+ return $response->withData(AppForOwner::collection($apps));
 }
 public function appDetails(Response $response, $id) {
 if(!Auth::check()) {
diff --git a/public/docs/api.yml b/public/docs/api.yml
index 7ad2eda..2df79b2 100644
--- a/public/docs/api.yml
+++ b/public/docs/api.yml
@@ -15,6 +15,10 @@ tags:
 description: "The User-Account"
 - name: "user"
 description: "Register and Login to an Account"
+ - name: "admin"
+ description: "Calls for the Admin users only"
+ - name: "apps"
+ description: "Information and Actions about Apps"
 schemes:
 - "https"
 paths:
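Review bot: The page size is a bare `100` literal handed to `paginate()` on the first added line, and nothing in the hunk names it; a class constant such as `private const APPS_PER_PAGE = 100;` used as `->paginate(self::APPS_PER_PAGE)` would keep the limit visible next to the `setPagination()` call that exposes it. Laravel's `paginate()` takes the page number from the request's `page` query parameter, but the `/app` GET entry added to `public/docs/api.yml` in this commit lists no parameters, while the `/account` entry in the same file documents `page`; the two should agree. The method containing this hunk starts above it, so the authentication check that precedes the `NoPermissionException` is not visible here.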
@@ -304,6 +308,448 @@ paths: msg: type: "string" example: "You need to login" + /account: + get: + tags: + - "account" + - "admin" + summary: "ADMIN! Return a list of all users" + description: "Return a list with all users in the system." + parameters: + - in: query + name: page + description: "Which page should be returned" + required: false + type: string + responses: + 200: + description: "Found user and return informations" + schema: + type: "object" + properties: + data: + type: array + items: + $ref: '#/definitions/User' + success: + type: "boolean" + example: true + msg: + type: "string" + example: "" + pagination: + type: "object" + properties: + currentPage: + type: integer + pageCount: + type: integer + itemsPerPage: + type: integer + 401: + description: "Not logged in" + schema: + type: "object" + properties: + success: + type: "boolean" + example: false + msg: + type: "string" + example: "You need to login" + 403: + description: "You dont have the permission to see this data" + schema: + type: "object" + properties: + success: + type: "boolean" + example: false + msg: + type: "string" + example: "You need to login" + /account/{id}: + get: + tags: + - "account" + - "admin" + summary: "ADMIN! 
Return a User object" + description: "" + parameters: + - in: path + name: id + description: "User ID to get details from" + required: true + type: string + responses: + 200: + description: "Found user and return informations" + schema: + type: "object" + properties: + data: + $ref: '#/definitions/User' + success: + type: "boolean" + example: true + msg: + type: "string" + example: "" + pagination: + type: "object" + properties: + currentPage: + type: integer + pageCount: + type: integer + itemsPerPage: + type: integer + 401: + description: "Not logged in" + schema: + type: "object" + properties: + success: + type: "boolean" + example: false + msg: + type: "string" + example: "You need to login" + 403: + description: "You dont have the permission to see this data" + schema: + type: "object" + properties: + success: + type: "boolean" + example: false + msg: + type: "string" + example: "You need to login" + /app: + get: + tags: + - "apps" + summary: "Return a list of the Users Apps" + description: "" + responses: + 200: + description: "List of Apps" + schema: + type: "object" + properties: + data: + type: array + items: + $ref: '#/definitions/AppForOwner' + success: + type: "boolean" + example: true + msg: + type: "string" + example: "" + pagination: + type: "object" + properties: + currentPage: + type: integer + pageCount: + type: integer + itemsPerPage: + type: integer + /app/find: + get: + tags: + - "apps" + summary: "Find Apps on the given Informations" + description: "If no paramtes are given it will return a complete list of all Apps" + parameters: + - in: query + name: apiKey + description: "Search an app based on the API-Key" + required: false + type: string + responses: + 200: + description: "List of Apps" + schema: + type: "object" + properties: + data: + type: array + items: + $ref: '#/definitions/App' + success: + type: "boolean" + example: true + msg: + type: "string" + example: "" + pagination: + type: "object" + properties: + currentPage: + type: 
integer + pageCount: + type: integer + itemsPerPage: + type: integer + /app/{id}: + get: + tags: + - "apps" + summary: "Return information about an app" + description: "If the User is owner of the App it will return a AppForOwner Object, if not just an App bject." + parameters: + - in: path + name: id + description: "App ID" + required: true + type: string + responses: + 200: + description: "List of Apps" + schema: + type: "object" + properties: + data: + $ref: '#/definitions/App' + success: + type: "boolean" + example: true + msg: + type: "string" + example: "" + put: + tags: + - "apps" + summary: "Update App Details" + description: "" + produces: + - "application/json" + consumes: + - "multipart/form-data" + - "application/json" + parameters: + - in: path + name: id + required: true + type: integer + - in: formData + name: name + description: "Name of the app" + required: false + type: string + - in: formData + name: description + description: "Description of the App" + required: false + type: string + - in: formData + name: url + description: "App Webpage URL" + required: false + type: string + - in: formData + name: direct_url + description: "Direct Login URL" + required: false + type: string + responses: + 200: + description: "List of Apps" + schema: + type: "object" + properties: + data: + $ref: '#/definitions/AppForOwner' + success: + type: "boolean" + example: true + msg: + type: "string" + example: "" + /app/{id}/access: + get: + tags: + - "apps" + - "oAuth" + summary: "Return Access Information about the current user and this App" + description: "If the App is auto_accept it will direct creat and return a access object with allowd status. If status is allowed you can redirect the user back to the app." 
+ produces: + - "application/json" + consumes: + - "multipart/form-data" + - "application/json" + parameters: + - in: path + name: id + description: "App ID" + required: true + type: string + responses: + 200: + description: "List of Apps" + schema: + type: "object" + properties: + data: + $ref: '#/definitions/AppAccess' + success: + type: "boolean" + example: true + msg: + type: "string" + example: "" + /app/{id}/access/allow: + post: + tags: + - "apps" + - "oAuth" + summary: "Set the Access to allow and return an appCode/redirectURL" + description: "If the user clicks on the 'Login to XY' button this endpoint create the code for the App and a return url, the gui redirect the User to this url to finish the login" + produces: + - "application/json" + consumes: + - "multipart/form-data" + - "application/json" + parameters: + - in: path + name: id + description: "App ID" + required: true + type: string + - in: formData + name: redirect_uri + description: "The Redirect URL given by the App as GET-Paremter" + required: true + type: string + - in: formData + name: state + description: "Give from the APP as GET-Parameter" + required: false + type: string + responses: + 200: + description: "List of Apps" + schema: + type: "object" + properties: + data: + type: "object" + properties: + appCode: + type: string + description: "Code for the App to create a oAuth Bear and oAuth Refresh token with" + redirectUrl: + type: string + description: "URL to redirect the user to, contains all needet informations." 
+ success: + type: "boolean" + example: true + msg: + type: "string" + example: "" + /oauth/authorize: + get: + tags: + - "oAuth" + summary: "Entry Point for Apps to start oAuth workflow" + consumes: + - "multipart/form-data" + - "application/json" + parameters: + - in: query + name: client_id + description: "API-Key for the App the login should be started" + required: true + type: string + - in: query + name: redirect_uri + description: "URL to redirect the user back if he want to join the app" + required: true + type: string + - in: query + name: state + description: "Param from the App, added to the redirect url" + required: false + type: string + responses: + 200: + description: Return a HTML view or redirect the user to a HTML-View to give Access to the App + /oauth/token: + post: + tags: + - "oAuth" + summary: "Get Beare Access Token and Refresh Token from AppCode" + consumes: + - "multipart/form-data" + - "application/json" + parameters: + - in: formData + name: code + description: "Code give from the GET-Request the user is redirectet to." 
+ required: true + type: string + responses: + 200: + description: Token is valide, the user has logged in + schema: + type: object + properties: + access_token: + type: string + description: Access Token (bearer) + token_type: + type: string + example: "bearer" + expires_in: + type: integer + example: 3600 + description: How long until the tolen expired + refresh_token: + type: string + description: "Refresh tolen to create a new Access Token" + /server/settings: + post: + tags: + - "server" + summary: "Get the Server-Settings" + responses: + 200: + description: Token is valide, the user has logged in + schema: + type: object + properties: + data: + type: "array" + items: + type: object + properties: + name: + type: string + description: Name of the Setting + description: + type: string + description: "Description what the setting is doing" + typ: + type: string + description: "What kind of setting is it" + enum: + - checkbox + - textinput + - password + value: + type: string + description: "Value, type based on the typ of the setting" + success: + type: "boolean" + example: true + msg: + type: "string" + example: "" + + definitions: User: 
@@ -346,4 +792,180 @@ definitions: type: "boolean" example: false description: "If the user is a admin Account" - \ No newline at end of file + AppForOwner: + type: "object" + properties: + id: + type: integer + description: "ID of the APP" + example: 42 + created_at: + type: string + description: "Time the App was created" + example: "2019-04-25T13:54:29.000000Z" + updated_at: + type: string + description: "Last time the App was updated" + example: "2019-07-17T09:23:13.000000Z" + name: + type: string + description: "Name of the App" + example: "Gitea" + description: + type: string + description: "Description of the App" + example: "Self-hostet Git server for our organisation" + url: + type: string + description: "URL of the Webpage of the App" + example: "https://git.keks.cloud" + directUrl: + type: string + description: "Link to log the user in the App, if the user is alweady give access to the App this link should rederect the user direct to the Dashboard" + example: "https://git.keks.cloud/user/oauth2/KeksAccount" + apiKey: + type: string + description: "The API-Key for the App" + apiSecret: + type: string + description: "The API-Secret for the App" + properties: + type: object + properties: + testingWarning: + type: boolean + description: "Show a warning at the App-Page that the App is in Testing-Modus" + autoAccept: + type: boolean + description: "User don't have to accept to go to the app, if user is at the oAuth-Accept page he will direct redirect to the app" + untrustedWarning: + type: boolean + description: "Show a warning that the app is untrusted" + showOnWebpage: + type: boolean + description: "Show the App on the Startpage of the Webpage" + stopAutoRedirect: + type: boolean + description: "User alwasy have to click at the oAuth-Accept page to get redirect" + hideInAppList: + type: boolean + description: "User don't see this App in his App list" + userCantRemoveApp: + type: boolean + description: "User can't revoe access to this App in his App list" + 
access: + type: object + properties: + oAuth: + type: boolean + description: "App can use oAuth to autorize user" + api: + type: boolean + description: "App can make API Calls" + update_apps: + type: boolean + description: "App can make Updates to the users app (if the user is developer)" + update_profile: + type: boolean + description: "App can update the Users Profile" + update_access: + type: boolean + description: "App can revoke users Access to other Apps" + read_access: + type: boolean + description: "App can read users information from the api (Currently unimportend)" + read_apps: + type: boolean + description: "App can get a list of the users apps" + read_profile: + type: boolean + description: "App can read the profile from the user" + App: + type: "object" + properties: + id: + type: integer + description: "ID of the APP" + example: 42 + name: + type: string + description: "Name of the App" + example: "Gitea" + description: + type: string + description: "Description of the App" + example: "Self-hostet Git server for our organisation" + url: + type: string + description: "URL of the Webpage of the App" + example: "https://git.keks.cloud" + directUrl: + type: string + description: "Link to log the user in the App, if the user is alweady give access to the App this link should rederect the user direct to the Dashboard" + example: "https://git.keks.cloud/user/oauth2/KeksAccount" + properties: + type: object + properties: + testingWarning: + type: boolean + description: "Show a warning at the App-Page that the App is in Testing-Modus" + autoAccept: + type: boolean + description: "User don't have to accept to go to the app, if user is at the oAuth-Accept page he will direct redirect to the app" + untrustedWarning: + type: boolean + description: "Show a warning that the app is untrusted" + showOnWebpage: + type: boolean + description: "Show the App on the Startpage of the Webpage" + stopAutoRedirect: + type: boolean + description: "User alwasy have to click at 
the oAuth-Accept page to get redirect"
+ hideInAppList:
+ type: boolean
+ description: "User don't see this App in his App list"
+ userCantRemoveApp:
+ type: boolean
+ description: "User can't revoe access to this App in his App list"
+ access:
+ type: object
+ properties:
+ oAuth:
+ type: boolean
+ description: "App can use oAuth to autorize user"
+ api:
+ type: boolean
+ description: "App can make API Calls"
+ update_apps:
+ type: boolean
+ description: "App can make Updates to the users app (if the user is developer)"
+ update_profile:
+ type: boolean
+ description: "App can update the Users Profile"
+ update_access:
+ type: boolean
+ description: "App can revoke users Access to other Apps"
+ read_access:
+ type: boolean
+ description: "App can read users information from the api (Currently unimportend)"
+ read_apps:
+ type: boolean
+ description: "App can get a list of the users apps"
+ read_profile:
+ type: boolean
+ description: "App can read the profile from the user"
+ AppAccess:
+ type: object
+ properties:
+ app_id:
+ type: integer
+ description: ID of the App
+ user_id:
+ type: integer
+ description: ID of the User
+ status:
+ type: string
+ enum:
+ - "created"
+ - "allowed"
+ - "disabled"
diff --git a/routes/web.php b/routes/web.php
index fb58afe..726c17e 100644
--- a/routes/web.php
+++ b/routes/web.php
@@ -28,7 +28,7 @@ $router->group(['prefix' => 'gitlab', 'middleware' => 'gui'], function () use ($
 });
-//Oauth URLS
+//Oauth URLS, moved to /api, this is just that old versions still work
 $router->group(['prefix' => 'oauth'], function () use ($router) {
 $router->get("/authorize", ['middleware' => 'gui', 'uses' => 'oAuthController@authorizeView']);
 $router->post("/authorize", ['middleware' => 'gui', 'uses' => 'oAuthController@authorizeDo']);
@@ -55,15 +55,16 @@ $router->group(['prefix' => 'api'], function () use ($router) {
 $router->get("/access", ["uses" => "API\oAuthController@getAccess"]);
 $router->post("/access/allow", ["uses" => "API\oAuthController@allowAccess"]);
 $router->get("/user", ["uses" => "API\AppController@getUsers"]);
-
-
-
 });
 });
 $router->group(['prefix' => 'account'], function () use ($router) {
 $router->get("/", ['uses' => 'API\AccountController@getUsers']);
 $router->get("/{id}", ['uses' => 'API\AccountController@getUser']);
 });
+ $router->group(['prefix' => 'oauth'], function () use ($router) {
+ $router->get("/authorize", ['middleware' => 'gui', 'uses' => 'oAuthController@authorizeView']);
+ $router->post("/token", ['uses' => 'oAuthController@token']);
+ });
 });
 });
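Review bot: The new `/api/oauth` group registers only `GET /authorize` and `POST /token`, while the comment changed in the earlier hunk of this file says the OAuth URLs were moved to `/api`; the legacy `/oauth` group visible in that hunk also registers `POST /authorize` (`oAuthController@authorizeDo`), so a client that switches the whole flow to the `/api` prefix will not find that step. Either add `$router->post("/authorize", ['middleware' => 'gui', 'uses' => 'oAuthController@authorizeDo']);` to the new group or reword the comment to say which routes were duplicated. `POST /token` is added here with no middleware; if the legacy group's token route (not visible in this diff) carries throttling or other middleware, it should be carried over so the token endpoint is not less protected under the new prefix. The enclosing `api` group closes inside the hunk, but its opening line is above it.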