Use id_phone instead of number in scheduled, use ftok to generate queue id, improve adapter interface, add popup error

osaajani 2020-03-04 01:40:47 +01:00
parent 66fa2ef434
commit 6f8c7d62b9
25 changed files with 195 additions and 180 deletions


@ -59,16 +59,15 @@ namespace controllers\internals;
new \daemons\Phone($phone);
}
/**
* Create a user or update an existing user
* Create a user or update an existing user.
*
* @param $email : User email
* @param $password : User password
* @param $admin : Is user admin
* @param $api_key : User API key, if null random api key is generated
* @return void : exit status 1 on error, else 0
* @param $api_key : User API key, if null random api key is generated
*/
public function create_update_user (string $email, string $password, bool $admin, ?string $api_key = null)
public function create_update_user(string $email, string $password, bool $admin, ?string $api_key = null)
{
$bdd = \descartes\Model::_connect(DATABASE_HOST, DATABASE_NAME, DATABASE_USER, DATABASE_PASSWORD, 'UTF8');
$internal_user = new \controllers\internals\User($bdd);
@ -78,11 +77,10 @@ namespace controllers\internals;
{
$api_key = $api_key ?? $internal_user->generate_random_api_key();
$success = $internal_user->update($user['id'], $email, $password, $admin, $api_key);
exit($success ? 0 : 1);
}
$success = $internal_user->create($email, $password, $admin, $api_key);
exit($success ? 0 : 1);
}


@ -18,12 +18,11 @@ namespace controllers\internals;
class HttpError extends \descartes\InternalController
{
/**
* Return 404 error page
* Return 404 error page.
*/
public function _404 ()
public function _404()
{
http_response_code(404);
$this->render('error/404');
}
}


@ -20,30 +20,30 @@ namespace controllers\internals;
*
* @param int $id_user : User to insert scheduled for
* @param $at : Scheduled date to send
* @param string $text : Text of the message
* @param ?string $origin : Origin number of the message, null by default
* @param bool $flash : Is the sms a flash sms, by default false
* @param array $numbers : Numbers to send message to
* @param array $contacts_ids : Contact ids to send message to
* @param array $groups_ids : Group ids to send message to
* @param array $conditional_group_ids : Conditional Groups ids to send message to
* @param string $text : Text of the message
* @param ?int $id_phone : Id of the phone to send message with, null by default
* @param bool $flash : Is the sms a flash sms, by default false
* @param array $numbers : Numbers to send message to
* @param array $contacts_ids : Contact ids to send message to
* @param array $groups_ids : Group ids to send message to
* @param array $conditional_group_ids : Conditional Groups ids to send message to
*
* @return bool : false on error, new id on success
*/
public function create(int $id_user, $at, string $text, ?string $origin = null, bool $flash = false, array $numbers = [], array $contacts_ids = [], array $groups_ids = [], array $conditional_group_ids = [])
public function create(int $id_user, $at, string $text, ?int $id_phone = null, bool $flash = false, array $numbers = [], array $contacts_ids = [], array $groups_ids = [], array $conditional_group_ids = [])
{
$scheduled = [
'id_user' => $id_user,
'at' => $at,
'text' => $text,
'origin' => $origin,
'id_phone' => $id_phone,
'flash' => $flash,
];
if ($origin)
if ($id_phone !== null)
{
$internal_phone = new Phone($this->bdd);
$find_phone = $internal_phone->get_by_number_and_user($id_user, $origin);
$find_phone = $internal_phone->get_for_user($id_user, $id_phone);
if (!$find_phone)
{
@ -54,10 +54,6 @@ namespace controllers\internals;
$id_scheduled = $this->get_model()->insert($scheduled);
if (!$id_scheduled)
{
$date = date('Y-m-d H:i:s');
$internal_event = new Event($this->bdd);
$internal_event->create($id_user, 'SCHEDULED_ADD', 'Ajout d\'un Sms pour le ' . $date . '.');
return false;
}
@ -102,6 +98,10 @@ namespace controllers\internals;
$this->get_model()->insert_scheduled_conditional_group_relation($id_scheduled, $conditional_group_id);
}
$date = date('Y-m-d H:i:s');
$internal_event = new Event($this->bdd);
$internal_event->create($id_user, 'SCHEDULED_ADD', 'Ajout d\'un Sms pour le ' . $date . '.');
return $id_scheduled;
}
@ -111,30 +111,30 @@ namespace controllers\internals;
* @param int $id_user : User to insert scheduled for
* @param int $id_scheduled : Scheduled id
* @param $at : Scheduled date to send
* @param string $text : Text of the message
* @param ?string $origin : Origin number of the message, null by default
* @param bool $flash : Is the sms a flash sms, by default false
* @param array $numbers : Numbers to send message to
* @param array $contacts_ids : Contact ids to send message to
* @param array $groups_ids : Group ids to send message to
* @param array $conditional_group_ids : Conditional Groups ids to send message to
* @param string $text : Text of the message
* @param ?int $id_phone : Id of the phone to send message with, null by default
* @param bool $flash : Is the sms a flash sms, by default false
* @param array $numbers : Numbers to send message to
* @param array $contacts_ids : Contact ids to send message to
* @param array $groups_ids : Group ids to send message to
* @param array $conditional_group_ids : Conditional Groups ids to send message to
*
* @return bool : false on error, new id on success
*/
public function update_for_user(int $id_user, int $id_scheduled, $at, string $text, ?string $origin = null, bool $flash = false, array $numbers = [], array $contacts_ids = [], array $groups_ids = [], array $conditional_group_ids = [])
public function update_for_user(int $id_user, int $id_scheduled, $at, string $text, ?string $id_phone = null, bool $flash = false, array $numbers = [], array $contacts_ids = [], array $groups_ids = [], array $conditional_group_ids = [])
{
$scheduled = [
'id_user' => $id_user,
'at' => $at,
'text' => $text,
'origin' => $origin,
'id_phone' => $id_phone,
'flash' => $flash,
];
if ($origin)
if ($id_phone !== null)
{
$internal_phone = new Phone($this->bdd);
$find_phone = $internal_phone->get_by_number_and_user($id_user, $origin);
$find_phone = $internal_phone->get_for_user($id_user, $id_phone);
if (!$find_phone)
{
@ -210,7 +210,7 @@ namespace controllers\internals;
/**
* Get all messages to send and the number to use to send theme.
*
* @return array : [['id_scheduled', 'text', 'origin', 'destination', 'flash'], ...]
* @return array : [['id_scheduled', 'text', 'id_phone', 'destination', 'flash'], ...]
*/
public function get_smss_to_send()
{
@ -247,6 +247,23 @@ namespace controllers\internals;
$users_phones[$scheduled['id_user']] = $phones ? $phones : [];
}
$phone_to_use = null;
foreach ($users_phones[$scheduled['id_user']] as $phone)
{
if ($phone['id'] !== $scheduled['id_phone'])
{
continue;
}
$phone_to_use = $phone;
}
if (null === $phone_to_use)
{
$rnd_key = array_rand($users_phones[$scheduled['id_user']]);
$phone_to_use = $users_phones[$scheduled['id_user']][$rnd_key];
}
$messages = [];
//Add messages for numbers
@ -256,18 +273,11 @@ namespace controllers\internals;
$message = [
'id_user' => $scheduled['id_user'],
'id_scheduled' => $scheduled['id'],
'origin' => $scheduled['origin'],
'id_phone' => $phone_to_use['id'],
'destination' => $number['number'],
'flash' => $scheduled['flash'],
];
if (null === $message['origin'])
{
$k = array_rand($users_phones[$scheduled['id_user']]);
$rnd_phone = $users_phones[$scheduled['id_user']][$k];
$message['origin'] = $rnd_phone['number'];
}
if ((int) ($users_settings[$scheduled['id_user']]['templating'] ?? false))
{
$render = $internal_templating->render($scheduled['text']);
@ -317,18 +327,11 @@ namespace controllers\internals;
$message = [
'id_user' => $scheduled['id_user'],
'id_scheduled' => $scheduled['id'],
'origin' => $scheduled['origin'],
'id_phone' => $phone_to_use['id'],
'destination' => $number['number'],
'flash' => $scheduled['flash'],
];
if (null === $message['origin'])
{
$k = array_rand($users_phones[$scheduled['id_user']]);
$rnd_phone = $users_phones[$scheduled['id_user']][$k];
$message['origin'] = $rnd_phone['number'];
}
if ((int) ($users_settings[$scheduled['id_user']]['templating'] ?? false))
{
$contact['datas'] = json_decode($contact['datas'], true);
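Review bot: In the phone-selection block added to `get_smss_to_send()`, `array_rand($users_phones[$scheduled['id_user']])` is reached with an empty list whenever the user has no phone, because the line just above stores `[]` in that case; `array_rand()` does not accept an empty array (warning and null on PHP 7, ValueError on PHP 8), and `$phone_to_use['id']` is then read from nothing. Guard it first, e.g. `if (!$users_phones[$scheduled['id_user']]) { continue; }`, assuming the enclosing loop (outside the hunk) iterates over scheduled messages. The same block silently falls back to a random phone when the stored `id_phone` matches none of the user's phones, so a message can leave from a line the user did not choose; logging or skipping would make that visible, and the strict `!==` only matches if both ids come back with the same type. Separately, the new `update_for_user()` signature declares `?string $id_phone` while its docblock and `create()` use `?int`.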


@ -160,7 +160,7 @@ namespace controllers\publics;
*
* @param string $_POST['at'] : Date to send message at format Y-m-d H:i:s
* @param string $_POST['text'] : Text of the message to send
* @param string $_POST['origin'] : Default null. Number to send the message from. If null use a random phone
* @param string $_POST['id_phone'] : Default null. Id of phone to send the message from. If null use a random phone
* @param string $_POST['flash'] : Default false. Is the sms a flash sms.
* @param string $_POST['numbers'] : Array of numbers to send message to
* @param string $_POST['contacts'] : Array of ids of contacts to send message to
@ -173,7 +173,7 @@ namespace controllers\publics;
{
$at = $_POST['at'] ?? false;
$text = $_POST['text'] ?? false;
$origin = empty($_POST['origin']) ? null : $_POST['origin'];
$id_phone = empty($_POST['id_phone']) ? null : $_POST['id_phone'];
$flash = (bool) ($_POST['flash'] ?? false);
$numbers = $_POST['numbers'] ?? [];
$contacts = $_POST['contacts'] ?? [];
@ -227,18 +227,18 @@ namespace controllers\publics;
return false;
}
if ($origin && !$this->internal_phone->get_by_number_and_user($this->user['id'], $origin))
if ($id_phone && !$this->internal_phone->get_for_user($this->user['id'], $id_phone))
{
$return = self::DEFAULT_RETURN;
$return['error'] = self::ERROR_CODES['INVALID_PARAMETER'];
$return['message'] = self::ERROR_MESSAGES['INVALID_PARAMETER'] . 'origin : You must specify an origin number among thoses of user phones.';
$return['message'] = self::ERROR_MESSAGES['INVALID_PARAMETER'] . 'id_phone : You must specify an id_phone number among thoses of user phones.';
$this->auto_http_code(false);
$this->json($return);
return false;
}
$scheduled_id = $this->internal_scheduled->create($this->user['id'], $at, $text, $origin, $flash, $numbers, $contacts, $groups, $conditional_groups);
$scheduled_id = $this->internal_scheduled->create($this->user['id'], $at, $text, $id_phone, $flash, $numbers, $contacts, $groups, $conditional_groups);
if (!$scheduled_id)
{
$return = self::DEFAULT_RETURN;
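Review bot: `$id_phone` goes from `$_POST['id_phone']` to `get_for_user()` and then to `create()`, whose parameter is declared `?int $id_phone`, without any check that it is an integer; a non-numeric or array value would presumably surface as a TypeError rather than the `INVALID_PARAMETER` response. Validate before the ownership check, e.g. `if (null !== $id_phone && false === filter_var($id_phone, FILTER_VALIDATE_INT))` returning the same error block, and cast with `(int)` afterwards. The public Scheduled controller reads `$_POST['id_phone']` and `$scheduled['id_phone']` the same way. The enclosing method starts and ends outside these hunks.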


@ -16,6 +16,7 @@ namespace controllers\publics;
*/
class Callback extends \descartes\Controller
{
private $user;
private $internal_user;
private $internal_sended;
private $internal_adapter;
@ -27,21 +28,33 @@ namespace controllers\publics;
$this->internal_user = new \controllers\internals\User($bdd);
$this->internal_sended = new \controllers\internals\Sended($bdd);
$this->internal_adapter = new \controllers\internals\Adapter();
//If no user, quit with error
$this->user = false;
$api_key = $_GET['api_key'] ?? false;
if ($api_key)
{
$this->user = $this->internal_user->get_by_api_key($api_key);
}
if (!$this->user)
{
http_response_code(401);
echo json_encode(['error' => 'Invalid API key. You must provide a valid GET or POST api_key param.']);
exit(1);
}
}
/**
* Function call on a sended sms status change notification reception.
* We return nothing, and we let the adapter do his things
*
* @param string $adapter_name : Name of the adapter to use
*
* @return false : We must always return false, and we respect a random usleep before returning anything
* in order to prevent bruteforce api key guessing and time guessing
* @return bool : true on success, false on error
*/
public function update_sended_status(string $adapter_name)
{
//Wait between 0.5 and 1.03s in order to counter time guessing bruteforce attack against api key
usleep(mt_rand(5, 10) / 10 * 1000000 + mt_rand(0, 30000));
//Search for an adapter
$find_adapter = false;
$adapters = $this->internal_adapter->list_adapters();
@ -60,16 +73,12 @@ namespace controllers\publics;
//Instanciate adapter, check if status change is supported and if so call status change callback
$adapter_classname = $find_adapter['meta_classname'];
if (!$find_adapter['meta_support_status_change'])
{
return false;
}
$callback_return = $adapter_classname::status_change_callback();
var_dump($callback_return);
if (!$callback_return)
{
return false;
@ -83,6 +92,6 @@ namespace controllers\publics;
$this->internal_sended->update_status($sended['id'], $callback_return['status']);
return false;
return true;
}
}
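Review bot: The constructor's new check reads the key only from `$_GET['api_key']`, yet the 401 body tells the caller that a GET or POST `api_key` is accepted; either read both (`$_POST['api_key'] ?? $_GET['api_key'] ?? false`) or correct the message. A key carried in the query string also ends up in web-server and proxy access logs, so if this is the same key that authorises the rest of the API, a separate callback-only secret would limit the exposure. The randomised delay and the always-false return appear to be dropped in `update_sended_status()`, which leaves failed lookups distinguishable and unthrottled; rate limiting on 401 responses would cover that. `$this->user` is set but not used in the visible lines: the `$sended` lookup before `update_status()` is outside the hunk and should be confirmed to be scoped to `$this->user['id']`. If `var_dump($callback_return);` is on the new side it should be removed, since it echoes adapter data into the response.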


@ -132,7 +132,7 @@ class Phone extends \descartes\Controller
\FlashMessage\FlashMessage::push('danger', 'Numéro de téléphone incorrect.');
return $this->redirect(\descartes\Router::url('Phone', 'add'));
}
}
$number_exist = $this->internal_phone->get_by_number($number);
if ($number_exist)
@ -185,7 +185,7 @@ class Phone extends \descartes\Controller
$adapter_classname = $find_adapter['meta_classname'];
$adapter_instance = new $adapter_classname($number, $adapter_datas);
$adapter_working = $adapter_instance->test();
if (!$adapter_working)
{
\FlashMessage\FlashMessage::push('danger', 'Impossible d\'utiliser l\'adaptateur choisis avec les données fournies. Vérifiez le numéro de téléphone et les réglages.');


@ -214,15 +214,19 @@ namespace controllers\publics;
}
/**
* Cette fonction insert un nouveau scheduled.
* Create a new scheduled message
* (you must provide at least one entry in any of numbers, contacts, groups or conditional_groups).
*
* @param $csrf : Le jeton CSRF
* @param string $_POST['name'] : Le nom du scheduled
* @param string $_POST['date'] : La date d'envoie du scheduled
* @param string $_POST['numbers'] : Les numeros de téléphone du scheduled
* @param string $_POST['contacts'] : Les contacts du scheduled
* @param string $_POST['groups'] : Les groups du scheduled
* @param array $_FILES['media'] : The media to link to a scheduled
* @param string $_POST['at'] : Date to send message for
* @param string $_POST['text'] : Text of the message
* @param ?bool $_POST['flash'] : Is the message a flash message (by default false)
* @param ?int $_POST['id_phone'] : Id of the phone to send message from, if null use random phone
* @param ?array $_POST['numbers'] : Numbers to send the message to
* @param ?array $_POST['contacts'] : Numbers to send the message to
* @param ?array $_POST['groups'] : Numbers to send the message to
* @param ?array $_POST['conditional_groups'] : Numbers to send the message to
* @param ?array $_FILES['media'] : The media to link to a scheduled
*/
public function create($csrf)
{
@ -237,11 +241,12 @@ namespace controllers\publics;
$at = $_POST['at'] ?? false;
$text = $_POST['text'] ?? false;
$flash = (bool) ($_POST['flash'] ?? false);
$origin = empty($_POST['origin']) ? null : $_POST['origin'];
$id_phone = empty($_POST['id_phone']) ? null : $_POST['id_phone'];
$numbers = $_POST['numbers'] ?? [];
$contacts = $_POST['contacts'] ?? [];
$groups = $_POST['groups'] ?? [];
$conditional_groups = $_POST['conditional_groups'] ?? [];
$media = $_FILES['media'] ?? false;
if (empty($text))
{
@ -278,14 +283,7 @@ namespace controllers\publics;
return $this->redirect(\descartes\Router::url('Scheduled', 'add'));
}
if ($origin && !$this->internal_phone->get_by_number_and_user($id_user, $origin))
{
\FlashMessage\FlashMessage::push('danger', 'Ce numéro n\'existe pas ou vous n\'en êtes pas propriétaire.');
return $this->redirect(\descartes\Router::url('Scheduled', 'add'));
}
$scheduled_id = $this->internal_scheduled->create($id_user, $at, $text, $origin, $flash, $numbers, $contacts, $groups, $conditional_groups);
$scheduled_id = $this->internal_scheduled->create($id_user, $at, $text, $id_phone, $flash, $numbers, $contacts, $groups, $conditional_groups);
if (!$scheduled_id)
{
\FlashMessage\FlashMessage::push('danger', 'Impossible de créer le Sms.');
@ -294,7 +292,6 @@ namespace controllers\publics;
}
//If mms is enabled, try to process a media to link to the scheduled
$media = $_FILES['media'] ?? false;
if (!($_SESSION['user']['settings']['mms'] ?? false) || !$media)
{
\FlashMessage\FlashMessage::push('success', 'Le Sms a bien été créé pour le ' . $at . '.');
@ -340,7 +337,7 @@ namespace controllers\publics;
$id_user = $_SESSION['user']['id'];
$at = $scheduled['at'] ?? false;
$text = $scheduled['text'] ?? false;
$origin = empty($scheduled['origin']) ? null : $scheduled['origin'];
$id_phone = empty($scheduled['id_phone']) ? null : $scheduled['id_phone'];
$flash = (bool) ($scheduled['flash'] ?? false);
$numbers = $scheduled['numbers'] ?? [];
$contacts = $scheduled['contacts'] ?? [];
@ -381,12 +378,7 @@ namespace controllers\publics;
continue;
}
if ($origin && !$this->internal_phone->get_by_number_and_user($id_user, $origin))
{
continue;
}
$success = $this->internal_scheduled->update_for_user($id_user, $id_scheduled, $at, $text, $origin, $flash, $numbers, $contacts, $groups, $conditional_groups);
$success = $this->internal_scheduled->update_for_user($id_user, $id_scheduled, $at, $text, $id_phone, $flash, $numbers, $contacts, $groups, $conditional_groups);
//Check for media
/*
@ -410,7 +402,7 @@ namespace controllers\publics;
}
*/
++$nb_update;
$nb_update++;
}
if ($nb_update !== \count($scheduleds))