Weekly sync 2022-06-14

Pavel Dmitriev 2022-06-14 15:16:56 +03:00
parent 68db950971
commit eab59a060b
13 changed files with 274 additions and 22 deletions


@ -54,6 +54,8 @@ try {
}
ob_clean();
header('Content-Type: application/json; charset=utf-8');
$apiMethod=fox\common::clearInput($request->method,"A-Z");
$apiFunction=fox\common::clearInput($request->function,"a-zA-Z0-9");
$apiXFunction=empty($request->parameters[0])?NULL:fox\common::clearInput($request->parameters[0],"a-zA-Z0-9");
@ -78,6 +80,7 @@ try {
} catch (fox\foxRequestResult $e) {
ob_clean();
header('Content-Type: application/json; charset=utf-8');
header('HTTP/1.0 '.$e->getCode().' '.$e->getMessage(), true, $e->getCode());
if ($e->retVal===null) {
print json_encode(["status"=>$e->getMessage()]);

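--- a/core/fox/UUID.php
+++ b/core/fox/UUID.php
@@ -0,0 +1,115 @@
+<?php namespace fox;
+/**
+*
+* @author Andrew Moore https://www.php.net/manual/ru/function.uniqid.php
+*
+**/
+class UUID {
+public static function v3($namespace, $name) {
+if(!self::is_valid($namespace)) return false;
+// Get hexadecimal components of namespace
+$nhex = str_replace(array('-','{','}'), '', $namespace);
+// Binary Value
+$nstr = '';
+// Convert Namespace UUID to bits
+for($i = 0; $i < strlen($nhex); $i+=2) {
+$nstr .= chr(hexdec($nhex[$i].$nhex[$i+1]));
+}
+// Calculate hash value
+$hash = md5($nstr . $name);
+return sprintf('%08s-%04s-%04x-%04x-%12s',
+// 32 bits for "time_low"
+substr($hash, 0, 8),
+// 16 bits for "time_mid"
+substr($hash, 8, 4),
+// 16 bits for "time_hi_and_version",
+// four most significant bits holds version number 3
+(hexdec(substr($hash, 12, 4)) & 0x0fff) | 0x3000,
+// 16 bits, 8 bits for "clk_seq_hi_res",
+// 8 bits for "clk_seq_low",
+// two most significant bits holds zero and one for variant DCE1.1
+(hexdec(substr($hash, 16, 4)) & 0x3fff) | 0x8000,
+// 48 bits for "node"
+substr($hash, 20, 12)
+);
+}
+public static function v4() {
+return sprintf('%04x%04x-%04x-%04x-%04x-%04x%04x%04x',
+// 32 bits for "time_low"
+mt_rand(0, 0xffff), mt_rand(0, 0xffff),
+// 16 bits for "time_mid"
+mt_rand(0, 0xffff),
+// 16 bits for "time_hi_and_version",
+// four most significant bits holds version number 4
+mt_rand(0, 0x0fff) | 0x4000,
+// 16 bits, 8 bits for "clk_seq_hi_res",
+// 8 bits for "clk_seq_low",
+// two most significant bits holds zero and one for variant DCE1.1
+mt_rand(0, 0x3fff) | 0x8000,
+// 48 bits for "node"
+mt_rand(0, 0xffff), mt_rand(0, 0xffff), mt_rand(0, 0xffff)
+);
+}
+public static function v5($namespace, $name) {
+if(!self::is_valid($namespace)) return false;
+// Get hexadecimal components of namespace
+$nhex = str_replace(array('-','{','}'), '', $namespace);
+// Binary Value
+$nstr = '';
+// Convert Namespace UUID to bits
+for($i = 0; $i < strlen($nhex); $i+=2) {
+$nstr .= chr(hexdec($nhex[$i].$nhex[$i+1]));
+}
+// Calculate hash value
+$hash = sha1($nstr . $name);
+return sprintf('%08s-%04s-%04x-%04x-%12s',
+// 32 bits for "time_low"
+substr($hash, 0, 8),
+// 16 bits for "time_mid"
+substr($hash, 8, 4),
+// 16 bits for "time_hi_and_version",
+// four most significant bits holds version number 5
+(hexdec(substr($hash, 12, 4)) & 0x0fff) | 0x5000,
+// 16 bits, 8 bits for "clk_seq_hi_res",
+// 8 bits for "clk_seq_low",
+// two most significant bits holds zero and one for variant DCE1.1
+(hexdec(substr($hash, 16, 4)) & 0x3fff) | 0x8000,
+// 48 bits for "node"
+substr($hash, 20, 12)
+);
+}
+public static function is_valid($uuid) {
+return preg_match('/^\{?[0-9a-f]{8}\-?[0-9a-f]{4}\-?[0-9a-f]{4}\-?'.
+'[0-9a-f]{4}\-?[0-9a-f]{12}\}?$/i', $uuid) === 1;
+}
+}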
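Review bot: `v4()` builds every field from `mt_rand()`, a Mersenne Twister generator whose output is reproducible from its seed, so these UUIDs are guessable and should not be relied on wherever an identifier doubles as a secret (session or reset tokens, unguessable URLs). Taking the 16 bytes from `random_bytes()` and then setting the version and variant bits keeps the same 8-4-4-4-12 output format. Separately, `v3()` and `v5()` return `false` for an invalid namespace and a string otherwise; a short docblock stating that would stop callers from passing `false` on as an id.

```php
public static function v4() {
    // random_bytes() reads the OS CSPRNG; mt_rand() output can be reproduced from its seed
    $data = random_bytes(16);
    $data[6] = chr((ord($data[6]) & 0x0f) | 0x40); // version 4
    $data[8] = chr((ord($data[8]) & 0x3f) | 0x80); // variant DCE1.1
    return vsprintf('%s%s-%s-%s-%s-%s%s%s', str_split(bin2hex($data), 4));
}
```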


@ -147,7 +147,7 @@ class baseClass extends dbStoredBase implements \JsonSerializable, jsonImportabl
# parent::__construct($id, $sql, $prefix, $settings);
$this->__settings = $settings;
if (empty($this::$baseSqlSelectTemplate) && ! empty($this::$sqlTable)) {
$this->__sqlSelectTemplate = "select * from `" . $this::$sqlTable . "` as `i`";
$this->__sqlSelectTemplate = "select `i`.* from `" . $this::$sqlTable . "` as `i`";
} else {
$this->__sqlSelectTemplate = $this::$baseSqlSelectTemplate;
}
@ -589,10 +589,11 @@ class baseClass extends dbStoredBase implements \JsonSerializable, jsonImportabl
}
$xRes=static::xSearch($where, $pattern, $options, $sql);
$where = $xRes["where"];
$join=$xRes["join"];
$where = array_key_exists("where",$xRes)?$xRes["where"]:"";
$join=array_key_exists("join",$xRes)?$xRes["join"]:"";
$groupBy=array_key_exists("group",$xRes)?$xRes["group"]:"";
$sqlQueryString=$ref->sqlSelectTemplate.(empty($join)?"":" ".$join).(empty($where)?"":" WHERE ".$where).(empty($limit)?"":" ".$limit);
$sqlQueryString=$ref->sqlSelectTemplate.(empty($join)?"":" ".$join).(empty($where)?"":" WHERE ".$where).(empty($groupBy)?"":" GROUP BY ".$groupBy).(empty($limit)?"":" ".$limit);
$res=$sql->quickExec($sqlQueryString);
$rv=new searchResult();
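Review bot: The `where`, `join` and now `group` values returned by `xSearch()` are concatenated straight into `$sqlQueryString`, so every override is in effect writing raw SQL, and nothing near this call says so. A comment above the `static::xSearch(...)` call such as `// xSearch() returns raw SQL fragments; overrides must escape or bind every value they embed` would make that contract visible to whoever adds the next override. The enclosing method starts and ends outside the hunk.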


@ -90,11 +90,7 @@ class common
static function getGUIDc()
{
mt_srand((double) microtime() * 10000); // optional for php 4.2.0 and up.
$charid = strtoupper(md5(uniqid(rand(), true)));
$hyphen = chr(45); // "-"
return substr($charid, 0, 8) . $hyphen . substr($charid, 8, 4) . $hyphen . substr($charid, 12, 4) . $hyphen . substr($charid, 16, 4) . $hyphen . substr($charid, 20, 12);
return strtoupper(UUID::v4());
}
static function getGUID()
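Review bot: If the `mt_srand((double) microtime() * 10000)` line stays in `getGUIDc()` (the rendered page does not show whether it is kept or removed), it reseeds the generator immediately before `UUID::v4()` draws from `mt_rand()`. `(double) microtime()` yields only the sub-second fraction, so the seed falls in 0–9999 and the function can return at most about ten thousand distinct GUIDs, a limit the old `uniqid(rand(), true)` input did not have. Dropping the `mt_srand(...)` call so the body is just `return strtoupper(UUID::v4());` removes that collision and predictability risk.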


@ -43,6 +43,10 @@ class modules implements externalCallable
"adminAuthMethods"=>"Manage auth methods",
"viewCompanies"=>"View companies",
"adminCompanies"=>"Manage companies",
"viewAllGroups"=>"Search in all groups and lists",
"viewAllLists"=>"Search in all lists",
"viewAllUsers"=>"Search in all users",
"viewOwnListsUsers"=>"Search users only from own lists"
],
"configKeys"=> [
"converterURL"=>"FoxConverter URL prefix",


@ -180,6 +180,27 @@ class request extends baseClass implements noSqlMigration
throw new foxException("Forbidden", 403);
}
}
public function checkAccess(string $rule, string $modInstance=null) {
if ($modInstance==null) { $modInstance=$this->instance; }
return $this->user->checkAccess($rule, $modInstance);
}
public function getRequestBodyItem($key) {
if ($this->requestBody!=null && property_exists($this->requestBody, $key)) {
return $this->requestBody->{$key};
} else {
return null;
}
}
public function getParamItem($key) {
if ($this->parameters !=null && array_key_exists($key, $this->parameters)) {
return $this->parameters[$key];
} else {
return null;
}
}
}
?>
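Review bot: `getRequestBodyItem($key)` declares one parameter, but `userGroup::API_POST_search()` in this same commit calls it as `getRequestBodyItem("own",true)`; PHP silently discards the extra argument, so a request without `own` yields `null` rather than the `true` the caller seems to expect, and the search is not limited to the caller's own groups. Either add a default, `public function getRequestBodyItem($key, $default=null)` returning `$default` in the else branch, or drop the argument at the call sites. In `checkAccess()`, `string $modInstance=null` relies on implicit nullability and a loose `==null`; `?string $modInstance=null` with `=== null` states the intent.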


@ -284,6 +284,22 @@ class user extends baseClass implements externalCallable
$rv["config"]=(object)$this->config;
return $rv;
}
/**
* @param array $options - ["groups" - array of userGroup, if set - search will performed only in it]
*/
protected static function xSearch($where, $pattern, ?array $options, sql $sql) {
$ruleJoin=null;
if ($options["groups"]) {
$groups="";
foreach ($options["groups"] as $group) {
$groups .= (empty($groups)?"":",")."\"".$group->id."\"";
}
$ruleJoin = " INNER JOIN `tblUserGroupLink` as `l` on `l`.`userId`=`i`.`id` AND `l`.`groupId` in ($groups)";
}
return ["where"=>$where, "join"=>$ruleJoin, "group"=>"`i`.`id`"];
}
### REST API
public static function API_GET_list(request $request)
@ -295,6 +311,28 @@ class user extends baseClass implements externalCallable
}
public static function API_POST_search(request $request) {
$opts=[];
if ($request->checkAccess("viewAllUsers") || $request->checkAccess("adminUsers")) {
$opts=[];
} else if ($request->checkAccess("viewOwnListsUsers")) {
$opts = [
"groups"=>userGroup::getForUser($request->user,true),
];
} else {
$rv=new searchResult();
$rv->push($request->user);
return $rv;
}
return static::search(
$request->getRequestBodyItem("pattern"),
$request->getRequestBodyItem("pageSize"),
$request->getRequestBodyItem("page"),
$opts
);
if (! $request->user->checkAccess("adminUsers", "core")) {
throw new foxException("Forbidden", 403);
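Review bot: In `xSearch()` the guard `if ($options["groups"])` is false for an empty array, so a caller holding only `viewOwnListsUsers` whose `userGroup::getForUser()` result is empty (presumably a user in no lists) gets no JOIN at all and the search runs over every user. The restricted branch should match nothing in that case, and the key is better tested with `isset(...)` because the `viewAllUsers` branch passes `[]` and `$options` is nullable. The group ids are also concatenated into the `in (...)` list; casting or binding them keeps the fragment safe even if an id is ever not numeric. In the second hunk the old `adminUsers` check appears to sit after `return static::search(...)` and would be unreachable; that function's body continues outside the hunk.

```php
protected static function xSearch($where, $pattern, ?array $options, sql $sql) {
    $ruleJoin=null;
    if (isset($options["groups"])) {
        $ids=[];
        foreach ($options["groups"] as $group) {
            $ids[]=(int)$group->id; // assumes integer ids; bind them instead if they are not
        }
        if (empty($ids)) {
            // restricted search with no groups: match nothing rather than everything
            $where=(empty($where)?"":"( $where ) and ")."1=0";
        } else {
            $ruleJoin = " INNER JOIN `tblUserGroupLink` as `l` on `l`.`userId`=`i`.`id` AND `l`.`groupId` in (".implode(",",$ids).")";
        }
    }
    return ["where"=>$where, "join"=>$ruleJoin, "group"=>"`i`.`id`"];
}
```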
}


@ -40,7 +40,8 @@ class userGroup extends baseClass implements externalCallable
public static $sqlColumns = [
"name" => [
"type" => "VARCHAR(255)",
"index" => "INDEX"
"index" => "INDEX",
"search"=>"LIKE",
],
"companyId" => [
"type" => "INT",
@ -87,22 +88,18 @@ class userGroup extends baseClass implements externalCallable
*
*/
protected static function xSearch($where, $pattern, ?array $options, sql $sql) {
$accessRule=(empty($options["accessRule"])?null:$options["accessRule"]);
$isList=(array_key_exists("isList", $options)?$options["isList"]:false);
$ruleJoin=null;
$ruleWhere=null;
if ($isList !== false) {
$ruleWhere .= " and `i`.`isList` = " . ($isList == true ? 1 : 0);
$where = (empty($where)?"":"( $where ) and ")."`i`.`isList` = " . ($isList == true ? 1 : 0);
}
if (empty($ruleWhere)) {
$xWhere=$where;
} else {
$xWhere=(empty($where)?$ruleWhere:"(".$where.") AND ".$ruleWhere);
if ($options["user"]) {
$ruleJoin = " INNER JOIN `tblUserGroupLink` as `l` on `l`.`groupId`=`i`.`id` AND `l`.`userId`='".$options["user"]->id."'";
}
return ["where"=>$xWhere, "join"=>$ruleJoin];
return ["where"=>$where, "join"=>$ruleJoin];
}
public function join(user $user)
@ -167,6 +164,36 @@ class userGroup extends baseClass implements externalCallable
}
}
### REST API
public static function API_POST_search(request $request) {
$opts=[];
if ($request->checkAccess("viewAllGroups")) {
$opts=[
"user"=>$request->getRequestBodyItem("own",true)?$request->user:null,
"isList"=>$request->getRequestBodyItem("type")=="list",
];
} else if ($request->checkAccess("viewAllLists")) {
$opts = [
"user"=>$request->getRequestBodyItem("own",true)?$request->user:null,
"isList"=>true,
];
} else {
$opts = [
"user"=>$request->user,
"isList"=>true,
];
}
return static::search(
$request->getRequestBodyItem("pattern"),
$request->getRequestBodyItem("pageSize"),
$request->getRequestBodyItem("page"),
$opts
);
}
public static function API_GET_list(request $request)
{
if (! $request->user->checkAccess("adminUserGroups", "core")) {
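Review bot: The new `if ($options["user"])` in `xSearch()` reads a key that other callers of `search()` may not set, and since `$options` is declared `?array` the neighbouring `array_key_exists("isList", $options)` throws a TypeError on PHP 8 when it is null. `$isList=$options["isList"] ?? false;` and `if (!empty($options["user"]))` cover both cases without changing the result for the calls added here. The user id is placed in the JOIN by string concatenation inside single quotes; it comes from the authenticated user object in this commit, but escaping or binding it would keep the fragment safe if the option is ever filled from elsewhere.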


@ -190,7 +190,7 @@ function btnUserpAdd_click() {
data: {pattern: request.term, pageSize: 10},
onSuccess: function(json) {
let rv=[];
$.each(json.data,function(key,val) {
$.each(json.data.result,function(key,val) {
rv.push({id: val.id, value: val.fullName});
});
response(rv);


@ -29,6 +29,7 @@ export var langItem={
set: "Установить",
edit: "Изменить",
copy: "Копировать",
copyHash: "Копировать указатель",
paste: "Вставить",
updated: "Обновлен",
reload: "Обновить",


@ -83,6 +83,9 @@ export function load() {
})
}).appendTo("body");
$("<div>",{ class: "poweredByCFOX", text: "Powered by Chimera FOX"})
.appendTo("body")
let oap=API.settings.get("oauthProfiles");
if (oap.length>0) {
let oad=$("<div>",{ class: "widget", id: "divAuthWith" });


@ -170,6 +170,19 @@ export function createRightPanel(panels) {
createTabsPanel(panels,ref);
}
export function tabPanelRenameTab(tabId, text) {
$("#a-tab-"+tabId).text(text);
}
export function tabPanelHideTab(tabId) {
$( "#item_tabs").tabs("disable","#tab-"+tabId);
}
export function tabPanelShowTab(tabId) {
$( "#item_tabs").tabs("enable","#tab-"+tabId);
}
export function tabPanelActivateTab(tabId) {
$("#item_tabs").tabs({active: Number($("#a-tab-"+tabId).attr("idx"))});
}
export function createTabsPanel(panels,ref) {
if (ref===undefined) {
ref=$(".t_main #mainframe");
@ -200,7 +213,7 @@ export function createTabsPanel(panels,ref) {
$.each(panels,function (index,panel) {
if (panel.id==undefined) {panel.id=index;}
$("<li>",{append: $("<a>",{href: "#tab-"+panel.id, id: "a-tab-"+panel.id, text: panel.title})})
$("<li>",{append: $("<a>",{href: "#tab-"+panel.id, id: "a-tab-"+panel.id, text: panel.title}).attr("idx",index)})
.appendTo("#item_tabs_ul_list");
$("<div>", {
id: "tab-"+panel.id,
@ -702,6 +715,25 @@ export function copySelText(selText) {
}
}
export function getClipboard(onSuccess, onFail) {
console.log(typeof(onFail));
console.log(typeof(onSuccess));
navigator.clipboard.readText().then(text => {
console.log('Clipboard content is: ', text);
if (typeof(onSuccess)=="function") {
onSuccess(text);
}
})
.catch(err => {
console.error('Failed to read clipboard contents: ', err);
if (typeof(onFail)=="function") {
onFail(err);
}
})
}
export function getSelectionText() {
var text = "";
if (window.getSelection) {
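Review bot: `getClipboard()` writes the clipboard text to the console with `console.log('Clipboard content is: ', text)`, and clipboards routinely hold passwords or tokens, so the value ends up in anything that captures console output. Remove that line together with the two `console.log(typeof(...))` debug lines; the `console.error` in the catch path logs only the error and can stay. `navigator.clipboard` is undefined outside a secure context, so a guard that calls `onFail` in that case would avoid an uncaught TypeError before the promise chain is ever reached.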


@ -42,6 +42,17 @@
.ui-dialog { z-index: 1000 !important ;}
div.poweredByCFOX {
position: absolute;
display: block;
bottom: 32px;
text-align: center;
width: 100%;
font-family: 'Jura', sans-serif;
font-size: 16px;
color: #024c68;
}
ul.ui-menu.ui-widget.ui-widget-content.ui-autocomplete.ui-front {
z-index: 1200 !important;
}