This commit is contained in:
Kekskurse 2019-07-17 18:34:08 +02:00
parent 24a33b7d7c
commit bd45f6091a
3 changed files with 637 additions and 7 deletions


@ -28,9 +28,16 @@ class AppController extends BaseController
throw new NoPermissionException(403, "App has no access to perform this request."); throw new NoPermissionException(403, "App has no access to perform this request.");
} }
$apps = \App\Models\App::query()->where("user_id", "=", Auth::user()->id)->get();
return $response->withData(AppForOwner::collection(collect($apps))); $apps = \App\Models\App::query()->where("user_id", "=", Auth::user()->id)->paginate(100);
$response->setPagination(
$apps->currentPage(),
$apps->lastPage(),
$apps->perPage()
);
return $response->withData(AppForOwner::collection($apps));
} }
public function appDetails(Response $response, $id) { public function appDetails(Response $response, $id) {
if(!Auth::check()) { if(!Auth::check()) {
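Review bot: The page size on the new line `$apps = \App\Models\App::query()->where("user_id", "=", Auth::user()->id)->paginate(100);` is a bare magic number; a class constant such as `private const APPS_PER_PAGE = 100;` with `->paginate(self::APPS_PER_PAGE)` documents the choice and keeps it in one place if the swagger `pagination.itemsPerPage` contract ever changes. Per the `AppForOwner` definition added to swagger.yaml in this same commit, this resource carries `apiKey` and `apiSecret`, so one page of this listing returns up to 100 secrets in a single response; a short comment stating that this is deliberate (`// AppForOwner includes apiKey/apiSecret: only the owner's own apps are listed here`) would make the intent clear to the next reader, and the 403 check above it is what enforces that. The `page` argument the paginator reads is not visible in the hunk, so its handling of non-numeric or out-of-range values cannot be judged here. The enclosing method's signature is outside the hunk.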


@ -15,6 +15,10 @@ tags:
description: "The User-Account" description: "The User-Account"
- name: "user" - name: "user"
description: "Register and Login to an Account" description: "Register and Login to an Account"
- name: "admin"
description: "Calls for the Admin users only"
- name: "apps"
description: "Information and Actions about Apps"
schemes: schemes:
- "https" - "https"
paths: paths:
@ -304,6 +308,448 @@ paths:
msg: msg:
type: "string" type: "string"
example: "You need to login" example: "You need to login"
/account:
get:
tags:
- "account"
- "admin"
summary: "ADMIN! Return a list of all users"
description: "Return a list with all users in the system."
parameters:
- in: query
name: page
description: "Which page should be returned"
required: false
type: string
responses:
200:
description: "Found user and return informations"
schema:
type: "object"
properties:
data:
type: array
items:
$ref: '#/definitions/User'
success:
type: "boolean"
example: true
msg:
type: "string"
example: ""
pagination:
type: "object"
properties:
currentPage:
type: integer
pageCount:
type: integer
itemsPerPage:
type: integer
401:
description: "Not logged in"
schema:
type: "object"
properties:
success:
type: "boolean"
example: false
msg:
type: "string"
example: "You need to login"
403:
description: "You dont have the permission to see this data"
schema:
type: "object"
properties:
success:
type: "boolean"
example: false
msg:
type: "string"
example: "You need to login"
/account/{id}:
get:
tags:
- "account"
- "admin"
summary: "ADMIN! Return a User object"
description: ""
parameters:
- in: path
name: id
description: "User ID to get details from"
required: true
type: string
responses:
200:
description: "Found user and return informations"
schema:
type: "object"
properties:
data:
$ref: '#/definitions/User'
success:
type: "boolean"
example: true
msg:
type: "string"
example: ""
pagination:
type: "object"
properties:
currentPage:
type: integer
pageCount:
type: integer
itemsPerPage:
type: integer
401:
description: "Not logged in"
schema:
type: "object"
properties:
success:
type: "boolean"
example: false
msg:
type: "string"
example: "You need to login"
403:
description: "You dont have the permission to see this data"
schema:
type: "object"
properties:
success:
type: "boolean"
example: false
msg:
type: "string"
example: "You need to login"
/app:
get:
tags:
- "apps"
summary: "Return a list of the Users Apps"
description: ""
responses:
200:
description: "List of Apps"
schema:
type: "object"
properties:
data:
type: array
items:
$ref: '#/definitions/AppForOwner'
success:
type: "boolean"
example: true
msg:
type: "string"
example: ""
pagination:
type: "object"
properties:
currentPage:
type: integer
pageCount:
type: integer
itemsPerPage:
type: integer
/app/find:
get:
tags:
- "apps"
summary: "Find Apps on the given Informations"
description: "If no paramtes are given it will return a complete list of all Apps"
parameters:
- in: query
name: apiKey
description: "Search an app based on the API-Key"
required: false
type: string
responses:
200:
description: "List of Apps"
schema:
type: "object"
properties:
data:
type: array
items:
$ref: '#/definitions/App'
success:
type: "boolean"
example: true
msg:
type: "string"
example: ""
pagination:
type: "object"
properties:
currentPage:
type: integer
pageCount:
type: integer
itemsPerPage:
type: integer
/app/{id}:
get:
tags:
- "apps"
summary: "Return information about an app"
description: "If the User is owner of the App it will return a AppForOwner Object, if not just an App bject."
parameters:
- in: path
name: id
description: "App ID"
required: true
type: string
responses:
200:
description: "List of Apps"
schema:
type: "object"
properties:
data:
$ref: '#/definitions/App'
success:
type: "boolean"
example: true
msg:
type: "string"
example: ""
put:
tags:
- "apps"
summary: "Update App Details"
description: ""
produces:
- "application/json"
consumes:
- "multipart/form-data"
- "application/json"
parameters:
- in: path
name: id
required: true
type: integer
- in: formData
name: name
description: "Name of the app"
required: false
type: string
- in: formData
name: description
description: "Description of the App"
required: false
type: string
- in: formData
name: url
description: "App Webpage URL"
required: false
type: string
- in: formData
name: direct_url
description: "Direct Login URL"
required: false
type: string
responses:
200:
description: "List of Apps"
schema:
type: "object"
properties:
data:
$ref: '#/definitions/AppForOwner'
success:
type: "boolean"
example: true
msg:
type: "string"
example: ""
/app/{id}/access:
get:
tags:
- "apps"
- "oAuth"
summary: "Return Access Information about the current user and this App"
description: "If the App is auto_accept it will direct creat and return a access object with allowd status. If status is allowed you can redirect the user back to the app."
produces:
- "application/json"
consumes:
- "multipart/form-data"
- "application/json"
parameters:
- in: path
name: id
description: "App ID"
required: true
type: string
responses:
200:
description: "List of Apps"
schema:
type: "object"
properties:
data:
$ref: '#/definitions/AppAccess'
success:
type: "boolean"
example: true
msg:
type: "string"
example: ""
/app/{id}/access/allow:
post:
tags:
- "apps"
- "oAuth"
summary: "Set the Access to allow and return an appCode/redirectURL"
description: "If the user clicks on the 'Login to XY' button this endpoint create the code for the App and a return url, the gui redirect the User to this url to finish the login"
produces:
- "application/json"
consumes:
- "multipart/form-data"
- "application/json"
parameters:
- in: path
name: id
description: "App ID"
required: true
type: string
- in: formData
name: redirect_uri
description: "The Redirect URL given by the App as GET-Paremter"
required: true
type: string
- in: formData
name: state
description: "Give from the APP as GET-Parameter"
required: false
type: string
responses:
200:
description: "List of Apps"
schema:
type: "object"
properties:
data:
type: "object"
properties:
appCode:
type: string
description: "Code for the App to create a oAuth Bear and oAuth Refresh token with"
redirectUrl:
type: string
description: "URL to redirect the user to, contains all needet informations."
success:
type: "boolean"
example: true
msg:
type: "string"
example: ""
/oauth/authorize:
get:
tags:
- "oAuth"
summary: "Entry Point for Apps to start oAuth workflow"
consumes:
- "multipart/form-data"
- "application/json"
parameters:
- in: query
name: client_id
description: "API-Key for the App the login should be started"
required: true
type: string
- in: query
name: redirect_uri
description: "URL to redirect the user back if he want to join the app"
required: true
type: string
- in: query
name: state
description: "Param from the App, added to the redirect url"
required: false
type: string
responses:
200:
description: Return a HTML view or redirect the user to a HTML-View to give Access to the App
/oauth/token:
post:
tags:
- "oAuth"
summary: "Get Beare Access Token and Refresh Token from AppCode"
consumes:
- "multipart/form-data"
- "application/json"
parameters:
- in: formData
name: code
description: "Code give from the GET-Request the user is redirectet to."
required: true
type: string
responses:
200:
description: Token is valide, the user has logged in
schema:
type: object
properties:
access_token:
type: string
description: Access Token (bearer)
token_type:
type: string
example: "bearer"
expires_in:
type: integer
example: 3600
description: How long until the tolen expired
refresh_token:
type: string
description: "Refresh tolen to create a new Access Token"
/server/settings:
post:
tags:
- "server"
summary: "Get the Server-Settings"
responses:
200:
description: Token is valide, the user has logged in
schema:
type: object
properties:
data:
type: "array"
items:
type: object
properties:
name:
type: string
description: Name of the Setting
description:
type: string
description: "Description what the setting is doing"
typ:
type: string
description: "What kind of setting is it"
enum:
- checkbox
- textinput
- password
value:
type: string
description: "Value, type based on the typ of the setting"
success:
type: "boolean"
example: true
msg:
type: "string"
example: ""
definitions: definitions:
User: User:
@ -346,4 +792,180 @@ definitions:
type: "boolean" type: "boolean"
example: false example: false
description: "If the user is a admin Account" description: "If the user is a admin Account"
AppForOwner:
type: "object"
properties:
id:
type: integer
description: "ID of the APP"
example: 42
created_at:
type: string
description: "Time the App was created"
example: "2019-04-25T13:54:29.000000Z"
updated_at:
type: string
description: "Last time the App was updated"
example: "2019-07-17T09:23:13.000000Z"
name:
type: string
description: "Name of the App"
example: "Gitea"
description:
type: string
description: "Description of the App"
example: "Self-hostet Git server for our organisation"
url:
type: string
description: "URL of the Webpage of the App"
example: "https://git.keks.cloud"
directUrl:
type: string
description: "Link to log the user in the App, if the user is alweady give access to the App this link should rederect the user direct to the Dashboard"
example: "https://git.keks.cloud/user/oauth2/KeksAccount"
apiKey:
type: string
description: "The API-Key for the App"
apiSecret:
type: string
description: "The API-Secret for the App"
properties:
type: object
properties:
testingWarning:
type: boolean
description: "Show a warning at the App-Page that the App is in Testing-Modus"
autoAccept:
type: boolean
description: "User don't have to accept to go to the app, if user is at the oAuth-Accept page he will direct redirect to the app"
untrustedWarning:
type: boolean
description: "Show a warning that the app is untrusted"
showOnWebpage:
type: boolean
description: "Show the App on the Startpage of the Webpage"
stopAutoRedirect:
type: boolean
description: "User alwasy have to click at the oAuth-Accept page to get redirect"
hideInAppList:
type: boolean
description: "User don't see this App in his App list"
userCantRemoveApp:
type: boolean
description: "User can't revoe access to this App in his App list"
access:
type: object
properties:
oAuth:
type: boolean
description: "App can use oAuth to autorize user"
api:
type: boolean
description: "App can make API Calls"
update_apps:
type: boolean
description: "App can make Updates to the users app (if the user is developer)"
update_profile:
type: boolean
description: "App can update the Users Profile"
update_access:
type: boolean
description: "App can revoke users Access to other Apps"
read_access:
type: boolean
description: "App can read users information from the api (Currently unimportend)"
read_apps:
type: boolean
description: "App can get a list of the users apps"
read_profile:
type: boolean
description: "App can read the profile from the user"
App:
type: "object"
properties:
id:
type: integer
description: "ID of the APP"
example: 42
name:
type: string
description: "Name of the App"
example: "Gitea"
description:
type: string
description: "Description of the App"
example: "Self-hostet Git server for our organisation"
url:
type: string
description: "URL of the Webpage of the App"
example: "https://git.keks.cloud"
directUrl:
type: string
description: "Link to log the user in the App, if the user is alweady give access to the App this link should rederect the user direct to the Dashboard"
example: "https://git.keks.cloud/user/oauth2/KeksAccount"
properties:
type: object
properties:
testingWarning:
type: boolean
description: "Show a warning at the App-Page that the App is in Testing-Modus"
autoAccept:
type: boolean
description: "User don't have to accept to go to the app, if user is at the oAuth-Accept page he will direct redirect to the app"
untrustedWarning:
type: boolean
description: "Show a warning that the app is untrusted"
showOnWebpage:
type: boolean
description: "Show the App on the Startpage of the Webpage"
stopAutoRedirect:
type: boolean
description: "User alwasy have to click at the oAuth-Accept page to get redirect"
hideInAppList:
type: boolean
description: "User don't see this App in his App list"
userCantRemoveApp:
type: boolean
description: "User can't revoe access to this App in his App list"
access:
type: object
properties:
oAuth:
type: boolean
description: "App can use oAuth to autorize user"
api:
type: boolean
description: "App can make API Calls"
update_apps:
type: boolean
description: "App can make Updates to the users app (if the user is developer)"
update_profile:
type: boolean
description: "App can update the Users Profile"
update_access:
type: boolean
description: "App can revoke users Access to other Apps"
read_access:
type: boolean
description: "App can read users information from the api (Currently unimportend)"
read_apps:
type: boolean
description: "App can get a list of the users apps"
read_profile:
type: boolean
description: "App can read the profile from the user"
AppAccess:
type: object
properties:
app_id:
type: integer
description: ID of the App
user_id:
type: integer
description: ID of the User
status:
type: string
enum:
- "created"
- "allowed"
- "disabled"


@ -28,7 +28,7 @@ $router->group(['prefix' => 'gitlab', 'middleware' => 'gui'], function () use ($
}); });
//Oauth URLS //Oauth URLS, moved to /api, this is just that old versions still work
$router->group(['prefix' => 'oauth'], function () use ($router) { $router->group(['prefix' => 'oauth'], function () use ($router) {
$router->get("/authorize", ['middleware' => 'gui', 'uses' => 'oAuthController@authorizeView']); $router->get("/authorize", ['middleware' => 'gui', 'uses' => 'oAuthController@authorizeView']);
$router->post("/authorize", ['middleware' => 'gui', 'uses' => 'oAuthController@authorizeDo']); $router->post("/authorize", ['middleware' => 'gui', 'uses' => 'oAuthController@authorizeDo']);
@ -55,15 +55,16 @@ $router->group(['prefix' => 'api'], function () use ($router) {
$router->get("/access", ["uses" => "API\oAuthController@getAccess"]); $router->get("/access", ["uses" => "API\oAuthController@getAccess"]);
$router->post("/access/allow", ["uses" => "API\oAuthController@allowAccess"]); $router->post("/access/allow", ["uses" => "API\oAuthController@allowAccess"]);
$router->get("/user", ["uses" => "API\AppController@getUsers"]); $router->get("/user", ["uses" => "API\AppController@getUsers"]);
}); });
}); });
$router->group(['prefix' => 'account'], function () use ($router) { $router->group(['prefix' => 'account'], function () use ($router) {
$router->get("/", ['uses' => 'API\AccountController@getUsers']); $router->get("/", ['uses' => 'API\AccountController@getUsers']);
$router->get("/{id}", ['uses' => 'API\AccountController@getUser']); $router->get("/{id}", ['uses' => 'API\AccountController@getUser']);
}); });
$router->group(['prefix' => 'oauth'], function () use ($router) {
$router->get("/authorize", ['middleware' => 'gui', 'uses' => 'oAuthController@authorizeView']);
$router->post("/token", ['uses' => 'oAuthController@token']);
});
}); });
}); });
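Review bot: The new `/api/oauth/token` route `$router->post("/token", ['uses' => 'oAuthController@token']);` is registered with no middleware, while its sibling `/authorize` in the same new group carries `'middleware' => 'gui'` and the `api` group header shows no group-level middleware either; the code-for-token exchange is the endpoint most worth rate-limiting, so if the project has a throttling middleware it belongs on this line. The comment changed in the first hunk says the oAuth URLs moved to /api, yet both groups now register the same controller methods, so a comment on the new group such as `// canonical oAuth routes; the top-level /oauth group only keeps old clients working` would state which one is authoritative and make the legacy group's removal easy to track. The hunk header `@ -55,15 +55,16` does not agree with the four visibly added lines, so part of this hunk may not be shown here.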