This repository has been archived on 2024-07-27. You can view files and clone it, but cannot push or open issues or pull requests.
keksAccount/app/Http/Controllers/API/AppController.php
2019-12-25 19:33:53 +01:00

239 lines
7.5 KiB
PHP

<?php
namespace App\Http\Controllers\API;
use App\Exceptions\HTTPException;
use App\Exceptions\NoPermissionException;
use App\Exceptions\NotLoggedInException;
use App\Exceptions\ResourceNotFound;
use App\Http\Resources\API\App;
use App\Http\Resources\API\AppAccess;
use App\Http\Resources\API\AppForOwner;
use App\Http\Resources\API\AppUser;
use App\Models\Setting;
use App\Models\User;
use Aws\S3\S3Client;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Log;
use Laravel\Lumen\Routing\Controller as BaseController;
use TaGeSo\APIResponse\Response;
class AppController extends BaseController
{
public function createApp(Request $request, Response $response) {
if(!Auth::check()) {
throw new NotLoggedInException();
}
if (!Auth::user()->developer) {
throw new NoPermissionException(403, "You need a developer Account to create new Apps.");
}
if (!app('currentAccess')->getApp()->access_update_apps) {
throw new NoPermissionException(403, "App has no access to perform this request.");
}
$this->validate($request, [
'name' => 'required|max:255|min:3|regex:@^[a-zA-Z0-9]*$@|unique:apps',
'description' => 'required|min:3',
'url' => 'required|url'
]);
$app = \App\Models\App::createApp($request->input("name"), htmlspecialchars($request->input("description")), $request->input("url"), Auth::user());
return $response->withData(new AppForOwner($app));
}
public function listApps(Response $response) {
if (!Auth::check()) {
throw new NotLoggedInException();
}
if (!Auth::user()->developer) {
throw new NoPermissionException(403, "You need a developer Account to create new Apps.");
}
if (!app('currentAccess')->getApp()->access_read_apps) {
throw new NoPermissionException(403, "App has no access to perform this request.");
}
$apps = \App\Models\App::query()->where("user_id", "=", Auth::user()->id)->paginate(100);
$response->setPagination(
$apps->currentPage(),
$apps->lastPage(),
$apps->perPage()
);
return $response->withData(AppForOwner::collection($apps));
}
public function appDetails(Response $response, $id) {
if(!Auth::check()) {
throw new NotLoggedInException();
}
$app = \App\Models\App::query()->where("id", "=", (int)$id)->firstOrFail();
if($app->user_id == Auth::user()->id || Auth::user()->admin) {
return $response->withData(new AppForOwner($app));
}
return $response->withData(new App($app));
}
public function findApp(Response $response, \Illuminate\Http\Request $request) {
$this->validate($request, [
'apiKey' => '',
'webpage' => ''
]);
if(!$request->input("webpage", false) || !empty($request->input("apiKey"))) {
if(!Auth::check()) {
throw new NotLoggedInException();
}
}
$query = \App\Models\App::query();
if($request->input("apiKey", false)) {
$query->where("apiKey", "=", $request->input("apiKey"));
}
if($request->input("webpage", false)) {
$query->where("show_on_webpage", "=", 1);
}
$apps = $query->paginate(20);
$response->setPagination($apps->currentPage(), $apps->lastPage(), $apps->perPage());
return $response->withData(App::collection($apps));
}
public function updateApp(Response $response, \Illuminate\Http\Request $request, $id) {
if(!Auth::check()) {
throw new NotLoggedInException();
}
$this->validate($request, [
'name' => 'required|max:255|min:3|regex:@^[a-zA-Z0-9]*$@',
'description' => 'required|min:3',
'url' => 'required|url',
'direct_url' => 'url'
]);
$app = \App\Models\App::query()->where("id", "=", $id)->firstOrFail();
if($app->user_id != Auth::user()->id) {
throw new NoPermissionException(403, "Not your app (".$app->user_id."/".Auth::user()->id.")");
}
$app->name = $request->input("name");
$app->description = $request->input("description");
$app->url = $request->input("url");
$app->direct_url = $request->input("direct_url");
$app->saveOrFail();
return $response->withData(new AppForOwner($app));
}
public function getUsers(Response $response, $id) {
if(!Auth::check()) {
throw new NotLoggedInException();
}
$app = \App\Models\App::query()->where("id", "=", $id)->firstOrFail();
if($app->user_id != Auth::user()->id) {
throw new NoPermissionException(403, "Not your app");
}
$access = \App\Models\AppAccess::query()->where("status", "=", "allowed")->where("app_id", "=", $id)->paginate(100);
$response->setPagination(
$access->currentPage(),
$access->lastPage(),
$access->perPage()
);
return $response->withData(AppUser::collection($access));
}
public function changeImage(Request $request, Response $response, $id) {
if(!Auth::check()) {
throw new NotLoggedInException();
}
$newTmp = tempnam("", "icon_upload");
$request->file("img")->move("/tmp", $newTmp);
$info = getimagesize($newTmp);
Log::debug("Image sitze", $info);
Log::debug("File size ".filesize($newTmp));
if($info["0"] != $info["1"]) {
throw new HTTPException(400, "Image must be a squader.");
}
if($info[0] > 1000) {
throw new HTTPException(400, "Image is to big, max 1000 px.");
}
if($info[0] < 50) {
throw new HTTPException(400, "Image is to small, min 50 px.");
}
$app = \App\Models\App::query()->where("id", "=", $id)->firstOrFail();
if($app->user_id != Auth::user()->id) {
throw new NoPermissionException(403, "Not your app (".$app->user_id."/".Auth::user()->id.")");
}
$image = imagecreatefrompng($newTmp);
imagepng($image, $newTmp."2", 2);
Log::debug("New File size ".filesize($newTmp."2"));
$s3 = app(S3Client::class);
$result = $s3->putObject([
"Bucket" => getenv("S3_Bucket"),
"Key" => "icons/icon_".$app->id.".png",
"SourceFile" => $newTmp,
'ACL' => 'public-read'
]);
$app->iconURL = $result['ObjectURL'];
$app->saveOrFail();
return $response->withData(["url" => $result['ObjectURL']]);
}
public function getAppIcon($id) {
$app = \App\Models\App::query()->where("id", "=", $id)->firstOrFail();
if(!is_dir(storage_path("icon"))) {
mkdir(storage_path("icon"));
}
$cacheFile = storage_path("icon/".$app->id.".png");
if(file_exists($cacheFile)) {
$icon = file_get_contents($cacheFile);
} else {
if(!empty($app->iconURL)) {
$icon = file_get_contents($app->iconURL);
file_put_contents($cacheFile, $icon);
} else {
$icon = file_get_contents(resource_path("images/app.png"));
}
}
$r = getimagesizefromstring($icon);
return response($icon)
->header('Content-Type',$r["mime"]);
}
}