Code Coverage
 
Lines
Functions and Methods
Classes and Traits
Total
0.00% covered (danger)
0.00%
0 / 40
0.00% covered (danger)
0.00%
0 / 5
CRAP
0.00% covered (danger)
0.00%
0 / 1
UserController
0.00% covered (danger)
0.00%
0 / 40
0.00% covered (danger)
0.00%
0 / 5
182
0.00% covered (danger)
0.00%
0 / 1
 getWorkspaces
0.00% covered (danger)
0.00%
0 / 3
0.00% covered (danger)
0.00%
0 / 1
2
 patchWorkspaces
0.00% covered (danger)
0.00%
0 / 6
0.00% covered (danger)
0.00%
0 / 1
12
 putUser
0.00% covered (danger)
0.00%
0 / 10
0.00% covered (danger)
0.00%
0 / 1
12
 patchPassword
0.00% covered (danger)
0.00%
0 / 7
0.00% covered (danger)
0.00%
0 / 1
6
 patchSuperAdminStatus
0.00% covered (danger)
0.00%
0 / 14
0.00% covered (danger)
0.00%
0 / 1
20
1<?php
2/** @noinspection PhpUnhandledExceptionInspection */
3declare(strict_types=1);
4
5// TODO unit tests !
6
7use Slim\Exception\HttpBadRequestException;
8use Slim\Exception\HttpForbiddenException;
9use Slim\Http\ServerRequest as Request;
10use Slim\Http\Response;
11
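/**
 * HTTP handlers for user administration: workspace rights, account creation,
 * password changes and the super-admin flag.
 *
 * Every handler delegates persistence to the DAO returned by
 * self::superAdminDAO(), which is not defined in this class.
 *
 * NOTE(review): none of the handlers below checks that the caller is allowed to
 * act on the account named by the `user_id` attribute. Presumably route
 * middleware enforces that; confirm against the route definitions.
 */
class UserController extends Controller {
  /**
   * Returns, as JSON, the workspaces the DAO reports for the user in `user_id`.
   */
  public static function getWorkspaces(Request $request, Response $response): Response {
    $userId = (int) $request->getAttribute('user_id');

    return $response->withJson(self::superAdminDAO()->getWorkspacesByUser($userId));
  }

  /**
   * Replaces the workspace rights of the user in `user_id` with the list in the body field `ws`.
   *
   * @throws HttpBadRequestException when `ws` is absent, not a list, or empty
   */
  public static function patchWorkspaces(Request $request, Response $response): Response {
    $requestBody = JSON::decode($request->getBody()->getContents());
    $userId = (int) $request->getAttribute('user_id');

    // count() throws a TypeError on a non-countable value, so a body such as
    // {"ws": "x"} must be rejected as a client error before it is counted.
    if (!isset($requestBody->ws) || !is_array($requestBody->ws) || !count($requestBody->ws)) {
      throw new HttpBadRequestException($request, "Workspace-list (ws) is missing.");
    }

    self::superAdminDAO()->setWorkspaceRightsByUser($userId, $requestBody->ws);

    return $response;
  }

  /**
   * Creates a user from the body fields `n` (user name) and `p` (password) and
   * answers 201 with the new user's id as the response body.
   *
   * The account is created with pwSetByAdmin = true.
   *
   * @throws HttpBadRequestException when `n` or `p` is absent
   */
  public static function putUser(Request $request, Response $response): Response {
    $requestBody = JSON::decode($request->getBody()->getContents());
    if (!isset($requestBody->p) || !isset($requestBody->n)) {
      throw new HttpBadRequestException($request, "Username or Password missing");
    }

    $user = self::superAdminDAO()->createUser(
      userName: $requestBody->n,
      password: $requestBody->p,
      pwSetByAdmin: true
    );

    // Under strict_types, htmlspecialchars() rejects a non-string argument; the
    // cast keeps this working if the DAO returns the id as an integer.
    $response->getBody()->write(htmlspecialchars((string) $user['id']));

    return $response->withStatus(201);
  }

  /**
   * Sets the password of the user in `user_id` to the body field `p`.
   *
   * TODO change p to password
   * TODO validate old password by changing
   *
   * Until the second TODO is done, this handler does not ask for the current
   * password: the request's AuthToken is handed to the DAO, and whether the DAO
   * uses it to authorise the change is not visible here.
   *
   * @throws HttpBadRequestException when `p` is absent
   */
  public static function patchPassword(Request $request, Response $response): Response {
    $requestBody = JSON::decode($request->getBody()->getContents());
    $userId = (int) $request->getAttribute('user_id');

    if (!isset($requestBody->p)) {
      throw new HttpBadRequestException($request, "Password missing");
    }

    $authToken = $request->getAttribute('AuthToken');
    self::superAdminDAO()->setPassword($userId, $requestBody->p, $authToken);

    return $response;
  }

  /**
   * Grants or revokes super-admin status for the user in `user_id`.
   *
   * The target state comes from the `to_status` attribute. The caller must
   * re-enter, in the body field `p`, the password of the account behind the
   * request's AuthToken before the change is applied.
   *
   * @throws HttpBadRequestException when `to_status` is not a recognised on/off value or `p` is absent
   * @throws HttpForbiddenException when the supplied password does not match
   */
  public static function patchSuperAdminStatus(Request $request, Response $response): Response {
    /* @var $authToken AuthToken */
    $authToken = $request->getAttribute('AuthToken');
    $requestBody = JSON::decode($request->getBody()->getContents());
    $userId = (int) $request->getAttribute('user_id');
    $toStatusString = $request->getAttribute('to_status');
    $toBeSuperAdmin = in_array($toStatusString, ['on', 'true', 1, '1', 'TRUE', 'True', 'ON', 'On'], true);
    $NotToBeSuperAdmin = in_array($toStatusString, ['off', 'false', 0, '0', 'FALSE', 'False', 'OFF', 'Off'], true);

    if (!($toBeSuperAdmin xor $NotToBeSuperAdmin)) {
      // NOTE(review): the rejected value is echoed into the message; confirm the
      // error renderer escapes it for the output format in use.
      throw new HttpBadRequestException($request, "New Status `$toStatusString` is undefined!");
    }

    if (!isset($requestBody->p)) {
      throw new HttpBadRequestException($request, "Provide Password for security reasons!");
    }

    if (!self::superAdminDAO()->checkPassword($authToken->getId(), $requestBody->p)) {
      // The message must not repeat the submitted password or the token's id:
      // exception messages can reach the HTTP response and the logs.
      throw new HttpForbiddenException($request, "Invalid password");
    }

    // Use the validated flag. Comparing against the literal 'on' would revoke
    // the status for every other accepted spelling ('true', '1', 'ON', ...).
    self::superAdminDAO()->setSuperAdminStatus($userId, $toBeSuperAdmin);

    return $response;
  }
}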