Commit 84125667a87dfcb536f0700fe1dd7aed69b9b129
1 parent
24fc8bd1
изменение пользователя + роли
Showing
4 changed files
with
77 additions
and
13 deletions
Show diff stats
app/library/App/Constants/AclRoles.php
| @@ -11,4 +11,5 @@ class AclRoles | @@ -11,4 +11,5 @@ class AclRoles | ||
| 11 | const ADMINISTRATOR = 'Administrator'; | 11 | const ADMINISTRATOR = 'Administrator'; |
| 12 | 12 | ||
| 13 | const ALL_ROLES = [self::UNAUTHORIZED, self::AUTHORIZED, self::USER, self::MANAGER, self::ADMINISTRATOR]; | 13 | const ALL_ROLES = [self::UNAUTHORIZED, self::AUTHORIZED, self::USER, self::MANAGER, self::ADMINISTRATOR]; |
| 14 | + const ALL_REAL_ROLES = [self::USER, self::MANAGER, self::ADMINISTRATOR]; | ||
| 14 | } | 15 | } |
| 15 | \ No newline at end of file | 16 | \ No newline at end of file |
app/library/App/Controllers/UserController.php
| @@ -6,20 +6,36 @@ use PhalconRest\Mvc\Controllers\CrudResourceController; | @@ -6,20 +6,36 @@ use PhalconRest\Mvc\Controllers\CrudResourceController; | ||
| 6 | 6 | ||
| 7 | class UserController extends CrudResourceController | 7 | class UserController extends CrudResourceController |
| 8 | { | 8 | { |
| 9 | + /** | ||
| 10 | + * Accessible fields | ||
| 11 | + * | ||
| 12 | + * @return array | ||
| 13 | + */ | ||
| 9 | public function whitelist() | 14 | public function whitelist() |
| 10 | { | 15 | { |
| 11 | return [ | 16 | return [ |
| 12 | 'username', | 17 | 'username', |
| 13 | 'password', | 18 | 'password', |
| 14 | - 'email' | 19 | + 'email', |
| 20 | + 'role' | ||
| 15 | ]; | 21 | ]; |
| 16 | } | 22 | } |
| 17 | 23 | ||
| 24 | + /** | ||
| 25 | + * Возвращает текущего залогиненного пользователя | ||
| 26 | + * | ||
| 27 | + * @return mixed | ||
| 28 | + */ | ||
| 18 | public function meAction() | 29 | public function meAction() |
| 19 | { | 30 | { |
| 20 | return $this->createResourceResponse($this->userService->getDetails()); | 31 | return $this->createResourceResponse($this->userService->getDetails()); |
| 21 | } | 32 | } |
| 22 | 33 | ||
| 34 | + /** | ||
| 35 | + * Авторизация пользователя через BasicAuth и возвращает токен доступа | ||
| 36 | + * | ||
| 37 | + * @return mixed | ||
| 38 | + */ | ||
| 23 | public function authenticateAction() | 39 | public function authenticateAction() |
| 24 | { | 40 | { |
| 25 | $username = $this->request->getUsername(); | 41 | $username = $this->request->getUsername(); |
| @@ -42,6 +58,11 @@ class UserController extends CrudResourceController | @@ -42,6 +58,11 @@ class UserController extends CrudResourceController | ||
| 42 | return $this->createArrayResponse($response, 'data'); | 58 | return $this->createArrayResponse($response, 'data'); |
| 43 | } | 59 | } |
| 44 | 60 | ||
| 61 | + /** | ||
| 62 | + * Регистрация нового пользователя | ||
| 63 | + * | ||
| 64 | + * @return mixed | ||
| 65 | + */ | ||
| 45 | public function registerAction() { | 66 | public function registerAction() { |
| 46 | 67 | ||
| 47 | $this->beforeHandle(); | 68 | $this->beforeHandle(); |
| @@ -84,6 +105,12 @@ class UserController extends CrudResourceController | @@ -84,6 +105,12 @@ class UserController extends CrudResourceController | ||
| 84 | 105 | ||
| 85 | } | 106 | } |
| 86 | 107 | ||
| 108 | + /** | ||
| 109 | + * Переопределение входных данных | ||
| 110 | + * | ||
| 111 | + * @param $data | ||
| 112 | + * @return array | ||
| 113 | + */ | ||
| 87 | protected function transformPostData($data) | 114 | protected function transformPostData($data) |
| 88 | { | 115 | { |
| 89 | $result = []; | 116 | $result = []; |
| @@ -95,6 +122,14 @@ class UserController extends CrudResourceController | @@ -95,6 +122,14 @@ class UserController extends CrudResourceController | ||
| 95 | return $result; | 122 | return $result; |
| 96 | } | 123 | } |
| 97 | 124 | ||
| 125 | + /** | ||
| 126 | + * Хеширование пароля | ||
| 127 | + * | ||
| 128 | + * @param $key | ||
| 129 | + * @param $value | ||
| 130 | + * @param $data | ||
| 131 | + * @return string | ||
| 132 | + */ | ||
| 98 | protected function transformPostDataValue($key, $value, $data) | 133 | protected function transformPostDataValue($key, $value, $data) |
| 99 | { | 134 | { |
| 100 | if ($key == 'password') { | 135 | if ($key == 'password') { |
app/library/App/Model/User.php
| @@ -95,10 +95,14 @@ class User extends DateTrackingModel | @@ -95,10 +95,14 @@ class User extends DateTrackingModel | ||
| 95 | public function setRole($role) | 95 | public function setRole($role) |
| 96 | { | 96 | { |
| 97 | /** validation: constant value **/ | 97 | /** validation: constant value **/ |
| 98 | - if (!in_array($role, AclRoles::ALL_ROLES)) | 98 | + if (!in_array($role, AclRoles::ALL_REAL_ROLES)) |
| 99 | { | 99 | { |
| 100 | $msg = 'Post-data is invalid, bad `role` value'; | 100 | $msg = 'Post-data is invalid, bad `role` value'; |
| 101 | - throw new Exception(ErrorCodes::POST_DATA_INVALID, $msg, ['role' => $role]); | 101 | + throw new Exception( |
| 102 | + ErrorCodes::POST_DATA_INVALID, | ||
| 103 | + $msg, | ||
| 104 | + ['role' => $role, 'valid values' => AclRoles::ALL_REAL_ROLES] | ||
| 105 | + ); | ||
| 102 | } | 106 | } |
| 103 | /** -------------------------- **/ | 107 | /** -------------------------- **/ |
| 104 | 108 |
app/library/App/Resources/UserResource.php
| @@ -30,6 +30,40 @@ class UserResource extends ApiResource { | @@ -30,6 +30,40 @@ class UserResource extends ApiResource { | ||
| 30 | ->name('all') | 30 | ->name('all') |
| 31 | ->description('Возвращает всех зарегистрированных пользователей') | 31 | ->description('Возвращает всех зарегистрированных пользователей') |
| 32 | ); | 32 | ); |
| 33 | + | ||
| 34 | + $this | ||
| 35 | + ->endpoint(ApiEndpoint::remove() | ||
| 36 | + ->name('remove') | ||
| 37 | + ->description('Удаление пользователя') | ||
| 38 | + ->allow(AclRoles::USER) | ||
| 39 | + ->exampleResponse([ | ||
| 40 | + "result" => "OK" | ||
| 41 | + ]) | ||
| 42 | + ) | ||
| 43 | + ; | ||
| 44 | + $this | ||
| 45 | + ->endpoint(ApiEndpoint::update() | ||
| 46 | + ->name('update') | ||
| 47 | + ->description('Изменение данных пользователя') | ||
| 48 | + ->allow(AclRoles::ADMINISTRATOR) | ||
| 49 | + ->deny(AclRoles::MANAGER) | ||
| 50 | + ->exampleRequest([ | ||
| 51 | + 'role' => 'Manager' | ||
| 52 | + ]) | ||
| 53 | + ->exampleResponse([ | ||
| 54 | + "result" => "OK", | ||
| 55 | + "user" => [ | ||
| 56 | + "id" => 101, | ||
| 57 | + "username" => "qwerty", | ||
| 58 | + "email" => "1a23@awd.awd", | ||
| 59 | + "role" => "Manager", | ||
| 60 | + "createdAt" => "2017-02-16 19:05:18", | ||
| 61 | + "updatedAt" => "2017-03-21 14:31:48" | ||
| 62 | + ] | ||
| 63 | + ]) | ||
| 64 | + ) | ||
| 65 | + ; | ||
| 66 | + | ||
| 33 | $this | 67 | $this |
| 34 | ->endpoint(ApiEndpoint::factory('/me', HttpMethods::GET, 'meAction') | 68 | ->endpoint(ApiEndpoint::factory('/me', HttpMethods::GET, 'meAction') |
| 35 | ->name('me') | 69 | ->name('me') |
| @@ -78,15 +112,5 @@ class UserResource extends ApiResource { | @@ -78,15 +112,5 @@ class UserResource extends ApiResource { | ||
| 78 | ] | 112 | ] |
| 79 | ]) | 113 | ]) |
| 80 | ); | 114 | ); |
| 81 | - $this | ||
| 82 | - ->endpoint(ApiEndpoint::remove() | ||
| 83 | - ->name('remove') | ||
| 84 | - ->description('Удаление пользователя') | ||
| 85 | - ->allow(AclRoles::USER) | ||
| 86 | - ->exampleResponse([ | ||
| 87 | - "result" => "OK" | ||
| 88 | - ]) | ||
| 89 | - ) | ||
| 90 | - ; | ||
| 91 | } | 115 | } |
| 92 | } | 116 | } |
| 93 | \ No newline at end of file | 117 | \ No newline at end of file |