MXFOX
/
chimera-mark2-core-release
2
0
Fork 0
Code Pull Requests Packages Releases Wiki Activity

Weekly sync 2022-06-14

This commit is contained in:
Pavel Dmitriev 2022-06-14 15:16:56 +03:00
parent 68db950971
commit eab59a060b
13 changed files with 274 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
api/v2.php
View File

@ -54,6 +54,8 @@ try {
} }
ob_clean(); ob_clean();
header('Content-Type: application/json; charset=utf-8');
$apiMethod=fox\common::clearInput($request->method,"A-Z"); $apiMethod=fox\common::clearInput($request->method,"A-Z");
$apiFunction=fox\common::clearInput($request->function,"a-zA-Z0-9"); $apiFunction=fox\common::clearInput($request->function,"a-zA-Z0-9");
$apiXFunction=empty($request->parameters[0])?NULL:fox\common::clearInput($request->parameters[0],"a-zA-Z0-9"); $apiXFunction=empty($request->parameters[0])?NULL:fox\common::clearInput($request->parameters[0],"a-zA-Z0-9");
@ -78,6 +80,7 @@ try {
} catch (fox\foxRequestResult $e) { } catch (fox\foxRequestResult $e) {
ob_clean(); ob_clean();
header('Content-Type: application/json; charset=utf-8');
header('HTTP/1.0 '.$e->getCode().' '.$e->getMessage(), true, $e->getCode()); header('HTTP/1.0 '.$e->getCode().' '.$e->getMessage(), true, $e->getCode());
if ($e->retVal===null) { if ($e->retVal===null) {
print json_encode(["status"=>$e->getMessage()]); print json_encode(["status"=>$e->getMessage()]);

115
core/fox/UUID.php Normal file
View File

@ -0,0 +1,115 @@
<?php namespace fox;
/**
*
* @author Andrew Moore https://www.php.net/manual/ru/function.uniqid.php
*
**/
class UUID {
public static function v3($namespace, $name) {
if(!self::is_valid($namespace)) return false;
// Get hexadecimal components of namespace
$nhex = str_replace(array('-','{','}'), '', $namespace);
// Binary Value
$nstr = '';
// Convert Namespace UUID to bits
for($i = 0; $i < strlen($nhex); $i+=2) {
$nstr .= chr(hexdec($nhex[$i].$nhex[$i+1]));
}
// Calculate hash value
$hash = md5($nstr . $name);
return sprintf('%08s-%04s-%04x-%04x-%12s',
// 32 bits for "time_low"
substr($hash, 0, 8),
// 16 bits for "time_mid"
substr($hash, 8, 4),
// 16 bits for "time_hi_and_version",
// four most significant bits holds version number 3
(hexdec(substr($hash, 12, 4)) & 0x0fff) | 0x3000,
// 16 bits, 8 bits for "clk_seq_hi_res",
// 8 bits for "clk_seq_low",
// two most significant bits holds zero and one for variant DCE1.1
(hexdec(substr($hash, 16, 4)) & 0x3fff) | 0x8000,
// 48 bits for "node"
substr($hash, 20, 12)
);
}
public static function v4() {
return sprintf('%04x%04x-%04x-%04x-%04x-%04x%04x%04x',
// 32 bits for "time_low"
mt_rand(0, 0xffff), mt_rand(0, 0xffff),
// 16 bits for "time_mid"
mt_rand(0, 0xffff),
// 16 bits for "time_hi_and_version",
// four most significant bits holds version number 4
mt_rand(0, 0x0fff) | 0x4000,
// 16 bits, 8 bits for "clk_seq_hi_res",
// 8 bits for "clk_seq_low",
// two most significant bits holds zero and one for variant DCE1.1
mt_rand(0, 0x3fff) | 0x8000,
// 48 bits for "node"
mt_rand(0, 0xffff), mt_rand(0, 0xffff), mt_rand(0, 0xffff)
);
}
public static function v5($namespace, $name) {
if(!self::is_valid($namespace)) return false;
// Get hexadecimal components of namespace
$nhex = str_replace(array('-','{','}'), '', $namespace);
// Binary Value
$nstr = '';
// Convert Namespace UUID to bits
for($i = 0; $i < strlen($nhex); $i+=2) {
$nstr .= chr(hexdec($nhex[$i].$nhex[$i+1]));
}
// Calculate hash value
$hash = sha1($nstr . $name);
return sprintf('%08s-%04s-%04x-%04x-%12s',
// 32 bits for "time_low"
substr($hash, 0, 8),
// 16 bits for "time_mid"
substr($hash, 8, 4),
// 16 bits for "time_hi_and_version",
// four most significant bits holds version number 5
(hexdec(substr($hash, 12, 4)) & 0x0fff) | 0x5000,
// 16 bits, 8 bits for "clk_seq_hi_res",
// 8 bits for "clk_seq_low",
// two most significant bits holds zero and one for variant DCE1.1
(hexdec(substr($hash, 16, 4)) & 0x3fff) | 0x8000,
// 48 bits for "node"
substr($hash, 20, 12)
);
}
public static function is_valid($uuid) {
return preg_match('/^\{?[0-9a-f]{8}\-?[0-9a-f]{4}\-?[0-9a-f]{4}\-?'.
'[0-9a-f]{4}\-?[0-9a-f]{12}\}?$/i', $uuid) === 1;
}
}

9
core/fox/baseClass.php
View File

@ -147,7 +147,7 @@ class baseClass extends dbStoredBase implements \JsonSerializable, jsonImportabl
# parent::__construct($id, $sql, $prefix, $settings); # parent::__construct($id, $sql, $prefix, $settings);
$this->__settings = $settings; $this->__settings = $settings;
if (empty($this::$baseSqlSelectTemplate) && ! empty($this::$sqlTable)) { if (empty($this::$baseSqlSelectTemplate) && ! empty($this::$sqlTable)) {
$this->__sqlSelectTemplate = "select * from `" . $this::$sqlTable . "` as `i`"; $this->__sqlSelectTemplate = "select `i`.* from `" . $this::$sqlTable . "` as `i`";
} else { } else {
$this->__sqlSelectTemplate = $this::$baseSqlSelectTemplate; $this->__sqlSelectTemplate = $this::$baseSqlSelectTemplate;
} }
@ -589,10 +589,11 @@ class baseClass extends dbStoredBase implements \JsonSerializable, jsonImportabl
} }
$xRes=static::xSearch($where, $pattern, $options, $sql); $xRes=static::xSearch($where, $pattern, $options, $sql);
$where = $xRes["where"]; $where = array_key_exists("where",$xRes)?$xRes["where"]:"";
$join=$xRes["join"]; $join=array_key_exists("join",$xRes)?$xRes["join"]:"";
$groupBy=array_key_exists("group",$xRes)?$xRes["group"]:"";
$sqlQueryString=$ref->sqlSelectTemplate.(empty($join)?"":" ".$join).(empty($where)?"":" WHERE ".$where).(empty($limit)?"":" ".$limit); $sqlQueryString=$ref->sqlSelectTemplate.(empty($join)?"":" ".$join).(empty($where)?"":" WHERE ".$where).(empty($groupBy)?"":" GROUP BY ".$groupBy).(empty($limit)?"":" ".$limit);
$res=$sql->quickExec($sqlQueryString); $res=$sql->quickExec($sqlQueryString);
$rv=new searchResult(); $rv=new searchResult();

6
core/fox/common.php
View File

@ -90,11 +90,7 @@ class common
static function getGUIDc() static function getGUIDc()
{ {
mt_srand((double) microtime() * 10000); // optional for php 4.2.0 and up. return strtoupper(UUID::v4());
$charid = strtoupper(md5(uniqid(rand(), true)));
$hyphen = chr(45); // "-"
return substr($charid, 0, 8) . $hyphen . substr($charid, 8, 4) . $hyphen . substr($charid, 12, 4) . $hyphen . substr($charid, 16, 4) . $hyphen . substr($charid, 20, 12);
} }
static function getGUID() static function getGUID()

4
core/fox/modules.php
View File

@ -43,6 +43,10 @@ class modules implements externalCallable
"adminAuthMethods"=>"Manage auth methods", "adminAuthMethods"=>"Manage auth methods",
"viewCompanies"=>"View companies", "viewCompanies"=>"View companies",
"adminCompanies"=>"Manage companies", "adminCompanies"=>"Manage companies",
"viewAllGroups"=>"Search in all groups and lists",
"viewAllLists"=>"Search in all lists",
"viewAllUsers"=>"Search in all users",
"viewOwnListsUsers"=>"Search users only from own lists"
], ],
"configKeys"=> [ "configKeys"=> [
"converterURL"=>"FoxConverter URL prefix", "converterURL"=>"FoxConverter URL prefix",

21
core/fox/request.php
View File

@ -180,6 +180,27 @@ class request extends baseClass implements noSqlMigration
throw new foxException("Forbidden", 403); throw new foxException("Forbidden", 403);
} }
} }
public function checkAccess(string $rule, string $modInstance=null) {
if ($modInstance==null) { $modInstance=$this->instance; }
return $this->user->checkAccess($rule, $modInstance);
}
public function getRequestBodyItem($key) {
if ($this->requestBody!=null && property_exists($this->requestBody, $key)) {
return $this->requestBody->{$key};
} else {
return null;
}
}
public function getParamItem($key) {
if ($this->parameters !=null && array_key_exists($key, $this->parameters)) {
return $this->parameters[$key];
} else {
return null;
}
}
} }
?> ?>

38
core/fox/user.php
View File

@ -284,6 +284,22 @@ class user extends baseClass implements externalCallable
$rv["config"]=(object)$this->config; $rv["config"]=(object)$this->config;
return $rv; return $rv;
} }
/**
* @param array $options - ["groups" - array of userGroup, if set - search will performed only in it]
*/
protected static function xSearch($where, $pattern, ?array $options, sql $sql) {
$ruleJoin=null;
if ($options["groups"]) {
$groups="";
foreach ($options["groups"] as $group) {
$groups .= (empty($groups)?"":",")."\"".$group->id."\"";
}
$ruleJoin = " INNER JOIN `tblUserGroupLink` as `l` on `l`.`userId`=`i`.`id` AND `l`.`groupId` in ($groups)";
}
return ["where"=>$where, "join"=>$ruleJoin, "group"=>"`i`.`id`"];
}
### REST API ### REST API
public static function API_GET_list(request $request) public static function API_GET_list(request $request)
@ -295,6 +311,28 @@ class user extends baseClass implements externalCallable
} }
public static function API_POST_search(request $request) { public static function API_POST_search(request $request) {
$opts=[];
if ($request->checkAccess("viewAllUsers") || $request->checkAccess("adminUsers")) {
$opts=[];
} else if ($request->checkAccess("viewOwnListsUsers")) {
$opts = [
"groups"=>userGroup::getForUser($request->user,true),
];
} else {
$rv=new searchResult();
$rv->push($request->user);
return $rv;
}
return static::search(
$request->getRequestBodyItem("pattern"),
$request->getRequestBodyItem("pageSize"),
$request->getRequestBodyItem("page"),
$opts
);
if (! $request->user->checkAccess("adminUsers", "core")) { if (! $request->user->checkAccess("adminUsers", "core")) {
throw new foxException("Forbidden", 403); throw new foxException("Forbidden", 403);
} }

49
core/fox/userGroup.php
View File

@ -40,7 +40,8 @@ class userGroup extends baseClass implements externalCallable
public static $sqlColumns = [ public static $sqlColumns = [
"name" => [ "name" => [
"type" => "VARCHAR(255)", "type" => "VARCHAR(255)",
"index" => "INDEX" "index" => "INDEX",
"search"=>"LIKE",
], ],
"companyId" => [ "companyId" => [
"type" => "INT", "type" => "INT",
@ -87,22 +88,18 @@ class userGroup extends baseClass implements externalCallable
* *
*/ */
protected static function xSearch($where, $pattern, ?array $options, sql $sql) { protected static function xSearch($where, $pattern, ?array $options, sql $sql) {
$accessRule=(empty($options["accessRule"])?null:$options["accessRule"]);
$isList=(array_key_exists("isList", $options)?$options["isList"]:false); $isList=(array_key_exists("isList", $options)?$options["isList"]:false);
$ruleJoin=null; $ruleJoin=null;
$ruleWhere=null;
if ($isList !== false) { if ($isList !== false) {
$ruleWhere .= " and `i`.`isList` = " . ($isList == true ? 1 : 0); $where = (empty($where)?"":"( $where ) and ")."`i`.`isList` = " . ($isList == true ? 1 : 0);
} }
if (empty($ruleWhere)) { if ($options["user"]) {
$xWhere=$where; $ruleJoin = " INNER JOIN `tblUserGroupLink` as `l` on `l`.`groupId`=`i`.`id` AND `l`.`userId`='".$options["user"]->id."'";
} else {
$xWhere=(empty($where)?$ruleWhere:"(".$where.") AND ".$ruleWhere);
} }
return ["where"=>$xWhere, "join"=>$ruleJoin]; return ["where"=>$where, "join"=>$ruleJoin];
} }
public function join(user $user) public function join(user $user)
@ -167,6 +164,36 @@ class userGroup extends baseClass implements externalCallable
} }
} }
### REST API
public static function API_POST_search(request $request) {
$opts=[];
if ($request->checkAccess("viewAllGroups")) {
$opts=[
"user"=>$request->getRequestBodyItem("own",true)?$request->user:null,
"isList"=>$request->getRequestBodyItem("type")=="list",
];
} else if ($request->checkAccess("viewAllLists")) {
$opts = [
"user"=>$request->getRequestBodyItem("own",true)?$request->user:null,
"isList"=>true,
];
} else {
$opts = [
"user"=>$request->user,
"isList"=>true,
];
}
return static::search(
$request->getRequestBodyItem("pattern"),
$request->getRequestBodyItem("pageSize"),
$request->getRequestBodyItem("page"),
$opts
);
}
public static function API_GET_list(request $request) public static function API_GET_list(request $request)
{ {
if (! $request->user->checkAccess("adminUserGroups", "core")) { if (! $request->user->checkAccess("adminUserGroups", "core")) {

2
static/js/core/coreGroup.js
View File

@ -190,7 +190,7 @@ function btnUserpAdd_click() {
data: {pattern: request.term, pageSize: 10}, data: {pattern: request.term, pageSize: 10},
onSuccess: function(json) { onSuccess: function(json) {
let rv=[]; let rv=[];
$.each(json.data,function(key,val) { $.each(json.data.result,function(key,val) {
rv.push({id: val.id, value: val.fullName}); rv.push({id: val.id, value: val.fullName});
}); });
response(rv); response(rv);

1
static/js/core/lang_ru.js
View File

@ -29,6 +29,7 @@ export var langItem={
set: "Установить", set: "Установить",
edit: "Изменить", edit: "Изменить",
copy: "Копировать", copy: "Копировать",
copyHash: "Копировать указатель",
paste: "Вставить", paste: "Вставить",
updated: "Обновлен", updated: "Обновлен",
reload: "Обновить", reload: "Обновить",

3
static/js/core/login.js
View File

@ -83,6 +83,9 @@ export function load() {
}) })
}).appendTo("body"); }).appendTo("body");
$("<div>",{ class: "poweredByCFOX", text: "Powered by Chimera FOX"})
.appendTo("body")
let oap=API.settings.get("oauthProfiles"); let oap=API.settings.get("oauthProfiles");
if (oap.length>0) { if (oap.length>0) {
let oad=$("<div>",{ class: "widget", id: "divAuthWith" }); let oad=$("<div>",{ class: "widget", id: "divAuthWith" });

34
static/js/core/ui.js
View File

@ -170,6 +170,19 @@ export function createRightPanel(panels) {
createTabsPanel(panels,ref); createTabsPanel(panels,ref);
} }
export function tabPanelRenameTab(tabId, text) {
$("#a-tab-"+tabId).text(text);
}
export function tabPanelHideTab(tabId) {
$( "#item_tabs").tabs("disable","#tab-"+tabId);
}
export function tabPanelShowTab(tabId) {
$( "#item_tabs").tabs("enable","#tab-"+tabId);
}
export function tabPanelActivateTab(tabId) {
$("#item_tabs").tabs({active: Number($("#a-tab-"+tabId).attr("idx"))});
}
export function createTabsPanel(panels,ref) { export function createTabsPanel(panels,ref) {
if (ref===undefined) { if (ref===undefined) {
ref=$(".t_main #mainframe"); ref=$(".t_main #mainframe");
@ -200,7 +213,7 @@ export function createTabsPanel(panels,ref) {
$.each(panels,function (index,panel) { $.each(panels,function (index,panel) {
if (panel.id==undefined) {panel.id=index;} if (panel.id==undefined) {panel.id=index;}
$("<li>",{append: $("<a>",{href: "#tab-"+panel.id, id: "a-tab-"+panel.id, text: panel.title})}) $("<li>",{append: $("<a>",{href: "#tab-"+panel.id, id: "a-tab-"+panel.id, text: panel.title}).attr("idx",index)})
.appendTo("#item_tabs_ul_list"); .appendTo("#item_tabs_ul_list");
$("<div>", { $("<div>", {
id: "tab-"+panel.id, id: "tab-"+panel.id,
@ -702,6 +715,25 @@ export function copySelText(selText) {
} }
} }
export function getClipboard(onSuccess, onFail) {
console.log(typeof(onFail));
console.log(typeof(onSuccess));
navigator.clipboard.readText().then(text => {
console.log('Clipboard content is: ', text);
if (typeof(onSuccess)=="function") {
onSuccess(text);
}
})
.catch(err => {
console.error('Failed to read clipboard contents: ', err);
if (typeof(onFail)=="function") {
onFail(err);
}
})
}
export function getSelectionText() { export function getSelectionText() {
var text = ""; var text = "";
if (window.getSelection) { if (window.getSelection) {

11
static/theme/core/main.css
View File

@ -42,6 +42,17 @@
.ui-dialog { z-index: 1000 !important ;} .ui-dialog { z-index: 1000 !important ;}
div.poweredByCFOX {
position: absolute;
display: block;
bottom: 32px;
text-align: center;
width: 100%;
font-family: 'Jura', sans-serif;
font-size: 16px;
color: #024c68;
}
ul.ui-menu.ui-widget.ui-widget-content.ui-autocomplete.ui-front { ul.ui-menu.ui-widget.ui-widget-content.ui-autocomplete.ui-front {
z-index: 1200 !important; z-index: 1200 !important;
} }