<?php
namespace App\Controller;
use App\Controller\AppController;
use Cake\Utility\Hash;
use Cake\Utility\Text;
use \Cake\Database\Expression\QueryExpression;
use Cake\Http\Exception\NotFoundException;
use Cake\Http\Exception\MethodNotAllowedException;
use Cake\Http\Exception\ForbiddenException;
use Cake\Http\Exception\NotAcceptableException;
use Cake\Error\Debugger;
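/**
 * CRUD endpoints for encryption keys (records with a `type`, e.g. 'pgp') whose
 * owner_model is either 'individual' or 'organisation'.
 *
 * For users without perm_admin, the write actions attach the beforeSave callback
 * built by buildBeforeSave(), which throws when the current user may not manage
 * keys for the record's owner. The read actions add the outcome of the model's
 * verifySingleGPG() to PGP records.
 */
class EncryptionKeysController extends AppController
{
    // Fields the index listing accepts as filters.
    public $filterFields = ['owner_model', 'owner_id', 'encryption_key', 'Individuals.email', 'Organisations.name'];
    // Fields searched by the index quick filter.
    public $quickFilterFields = [['encryption_key' => true], ['Individuals.email' => true], ['Organisations.name' => true]];
    // Associations loaded alongside each key in the index listing.
    public $containFields = ['Individuals', 'Organisations'];
    // Fields passed to the CRUD component as 'statisticsFields'.
    public $statisticsFields = ['type'];

    /**
     * List encryption keys.
     *
     * Every row of type 'pgp' is run through verifySingleGPG() and gets a
     * `status` and `fingerprint`; every row gets `_canBeEdited` for the
     * current user.
     *
     * @return mixed The CRUD response payload when one is available, otherwise nothing (the view is rendered).
     */
    public function index()
    {
        $currentUser = $this->ACL->getUser();
        $this->EncryptionKeys->initializeGpg();
        $Model = $this->EncryptionKeys;
        $this->CRUD->index([
            'quickFilters' => $this->quickFilterFields,
            'filters' => $this->filterFields,
            'contextFilters' => [
                'fields' => [
                    'type'
                ]
            ],
            'contain' => $this->containFields,
            'statisticsFields' => $this->statisticsFields,
            'afterFind' => function ($data) use ($Model, $currentUser) {
                if ($data['type'] === 'pgp') {
                    // As consumed here: [0] is the success flag, [2] the status message, [4] the fingerprint.
                    $keyInfo = $Model->verifySingleGPG($data);
                    $data['status'] = __('OK');
                    $data['fingerprint'] = __('N/A');
                    if (!$keyInfo[0]) {
                        $data['status'] = $keyInfo[2];
                    }
                    if (!empty($keyInfo[4])) {
                        $data['fingerprint'] = $keyInfo[4];
                    }
                }
                // Display hint only: the write actions enforce ownership themselves through beforeSave.
                $data['_canBeEdited'] = $Model->canEdit($currentUser, $data);
                return $data;
            }
        ]);
        $responsePayload = $this->CRUD->getResponsePayload();
        if (!empty($responsePayload)) {
            return $responsePayload;
        }
        $this->set('metaGroup', 'ContactDB');
    }

    /**
     * Delete an encryption key.
     *
     * Users without perm_admin get the ownership check from buildBeforeSave()
     * attached as `beforeSave`.
     * NOTE(review): the check only protects deletion if CRUD->delete() invokes
     * `beforeSave` on the loaded record before removing it. That is not visible
     * in this file; confirm in the CRUD component.
     *
     * @param mixed $id Identifier of the key to delete.
     * @return mixed The CRUD response payload when one is available, otherwise nothing.
     */
    public function delete($id)
    {
        $orgConditions = [];
        $individualConditions = [];
        $dropdownData = [];
        $currentUser = $this->ACL->getUser();
        $params = [];
        if (empty($currentUser['role']['perm_admin'])) {
            $params = $this->buildBeforeSave($params, $currentUser, $orgConditions, $individualConditions, $dropdownData);
        }
        $this->CRUD->delete($id, $params);
        $responsePayload = $this->CRUD->getResponsePayload();
        if (!empty($responsePayload)) {
            return $responsePayload;
        }
        $this->set('metaGroup', 'ContactDB');
    }

    /**
     * Build the ownership guard and the owner dropdown lists for the write actions.
     *
     * For users without perm_admin this narrows the organisation/individual
     * conditions and adds a `beforeSave` callback to $params that throws
     * MethodNotAllowedException when the current user may not manage keys for
     * the entity's owner. For everyone it fills $dropdownData with the
     * organisations and individuals matching the conditions.
     *
     * @param array $params CRUD options to extend.
     * @param mixed $currentUser Current user as returned by ACL->getUser(); read with array access.
     * @param array $orgConditions Overwritten with the organisation restriction for non-admins.
     * @param array $individualConditions Overwritten with the individual restriction for non-admins.
     * @param array $dropdownData Overwritten with the selectable owners, keyed by model name; empty lists are dropped.
     * @return array $params, with `beforeSave` set when the user lacks perm_admin.
     * @throws MethodNotAllowedException From the returned callback, when the owner check fails.
     */
    private function buildBeforeSave(array $params, $currentUser, array &$orgConditions, array &$individualConditions, array &$dropdownData): array
    {
        if (empty($currentUser['role']['perm_admin'])) {
            $orgConditions = [
                'id' => $currentUser['organisation_id']
            ];
            if (empty($currentUser['role']['perm_org_admin'])) {
                // Plain users: only their own individual record is selectable.
                $individualConditions = [
                    'id' => $currentUser['individual_id']
                ];
                $orgConditions = [
                    'id' => -1, // Only org_admins are allowed to manage their org's encryption keys
                ];
            } else {
                // Org admins: individuals aligned with the user's own organisation.
                $this->loadModel('Alignments');
                $individualConditions = ['id IN' => $this->Alignments->find('list', [
                    'keyField' => 'id',
                    'valueField' => 'individual_id',
                    'conditions' => ['organisation_id' => $currentUser['organisation_id']]
                ])->toArray()];
            }
            $params['beforeSave'] = function ($entity) use ($currentUser) {
                if ($entity['owner_model'] === 'organisation') {
                    if (!$this->EncryptionKeys->canEditForOrganisation($currentUser, $entity)) {
                        throw new MethodNotAllowedException(__('Selected organisation cannot be linked by the current user.'));
                    }
                } elseif ($entity['owner_model'] === 'individual') {
                    if (!$this->EncryptionKeys->canEditForIndividual($currentUser, $entity)) {
                        throw new MethodNotAllowedException(__('Selected individual cannot be linked by the current user.'));
                    }
                } else {
                    // Fail closed: an owner_model with no authorisation rule here must not
                    // pass through unchecked for a non-admin user.
                    throw new MethodNotAllowedException(__('Selected owner type cannot be linked by the current user.'));
                }
                return $entity;
            };
        }
        $this->loadModel('Organisations');
        $this->loadModel('Individuals');
        // These lists only shape what the form offers; the beforeSave callback above is the enforcement point.
        $dropdownData = [
            'organisation' => $this->Organisations->find('list')->order(['name' => 'asc'])->where($orgConditions)->all()->toArray(),
            'individual' => $this->Individuals->find('list')->order(['email' => 'asc'])->where($individualConditions)->all()->toArray()
        ];
        foreach ($dropdownData as $modelName => $list) {
            if (empty($list)) {
                unset($dropdownData[$modelName]);
            }
        }
        return $params;
    }

    /**
     * Create an encryption key.
     *
     * buildBeforeSave() is always called; it adds the ownership guard only for
     * users without perm_admin and always fills the owner dropdowns.
     *
     * @return mixed The CRUD response payload when one is available, otherwise nothing.
     */
    public function add()
    {
        $orgConditions = [];
        $individualConditions = [];
        $dropdownData = [];
        $currentUser = $this->ACL->getUser();
        $params = [
            // referer() is derived from the client-supplied Referer header.
            // NOTE(review): confirm it is limited to local URLs in the framework version in use.
            'redirect' => $this->referer()
        ];
        $params = $this->buildBeforeSave($params, $currentUser, $orgConditions, $individualConditions, $dropdownData);
        $this->CRUD->add($params);
        $responsePayload = $this->CRUD->getResponsePayload();
        if (!empty($responsePayload)) {
            return $responsePayload;
        }
        $this->set(compact('dropdownData'));
        $this->set('metaGroup', 'ContactDB');
    }

    /**
     * Edit an encryption key, reusing the 'add' template.
     *
     * Users without perm_admin get the ownership guard from buildBeforeSave().
     *
     * @param mixed $id Identifier of the key to edit.
     * @return mixed The CRUD response payload when one is available, otherwise nothing.
     */
    public function edit($id = false)
    {
        $orgConditions = [];
        $individualConditions = [];
        $dropdownData = [];
        $currentUser = $this->ACL->getUser();
        $params = [
            // owner_model and owner_id are not listed here.
            // NOTE(review): presumably this is the allow-list of patchable fields, which would
            // keep ownership immutable on edit; confirm in the CRUD component.
            'fields' => [
                'type', 'encryption_key', 'revoked'
            ],
            // Client-influenced value, see the note on the same option in add().
            'redirect' => $this->referer()
        ];
        if (empty($currentUser['role']['perm_admin'])) {
            $params = $this->buildBeforeSave($params, $currentUser, $orgConditions, $individualConditions, $dropdownData);
        }
        $this->CRUD->edit($id, $params);
        $responsePayload = $this->CRUD->getResponsePayload();
        if (!empty($responsePayload)) {
            return $responsePayload;
        }
        // The owner cannot be changed from this form, so no dropdown entries are offered.
        $this->set('dropdownData', []);
        $this->set('metaGroup', 'ContactDB');
        $this->render('add');
    }

    /**
     * Show a single encryption key.
     *
     * Records of type 'pgp' get `pgp_error` (when verification fails) and
     * `pgp_fingerprint` (when one is reported) from verifySingleGPG().
     * NOTE(review): no per-user restriction is applied in this action;
     * presumably access is decided by the ACL layer; confirm.
     *
     * @param mixed $id Identifier of the key to show.
     * @return mixed The CRUD response payload when one is available, otherwise nothing.
     */
    public function view($id = false)
    {
        $this->EncryptionKeys->initializeGpg();
        $Model = $this->EncryptionKeys;
        $this->CRUD->view($id, [
            'contain' => ['Individuals', 'Organisations'],
            'afterFind' => function ($data) use ($Model) {
                if ($data['type'] === 'pgp') {
                    // As consumed here: [0] is the success flag, [2] the error message, [4] the fingerprint.
                    $keyInfo = $Model->verifySingleGPG($data);
                    if (!$keyInfo[0]) {
                        $data['pgp_error'] = $keyInfo[2];
                    }
                    if (!empty($keyInfo[4])) {
                        $data['pgp_fingerprint'] = $keyInfo[4];
                    }
                }
                return $data;
            }
        ]);
        $responsePayload = $this->CRUD->getResponsePayload();
        if (!empty($responsePayload)) {
            return $responsePayload;
        }
        $this->set('metaGroup', 'ContactDB');
    }
}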