Mascali/raspisms
1
0
Fork 0
mirror of https://github.com/RaspbianFrance/raspisms.git synced 2025-06-07 07:06:26 +02:00
Code Issues Projects Releases Wiki Activity

Use id_phone instead of number in scheduled, use ftok to generate queue id, improve adapter interface, add popup error

Browse source
This commit is contained in:
osaajani 2020-03-04 01:40:47 +01:00
parent 66fa2ef434
commit 6f8c7d62b9
25 changed files with 195 additions and 180 deletions
Download patch file Download diff file Expand all files Collapse all files

10
controllers/publics/Api.php
View file

@ -160,7 +160,7 @@ namespace controllers\publics;
*
* @param string $_POST['at'] : Date to send message at format Y-m-d H:i:s
* @param string $_POST['text'] : Text of the message to send
* @param string $_POST['origin'] : Default null. Number to send the message from. If null use a random phone
* @param string $_POST['id_phone'] : Default null. Id of phone to send the message from. If null use a random phone
* @param string $_POST['flash'] : Default false. Is the sms a flash sms.
* @param string $_POST['numbers'] : Array of numbers to send message to
* @param string $_POST['contacts'] : Array of ids of contacts to send message to
@ -173,7 +173,7 @@ namespace controllers\publics;
{
$at = $_POST['at'] ?? false;
$text = $_POST['text'] ?? false;
$origin = empty($_POST['origin']) ? null : $_POST['origin'];
$id_phone = empty($_POST['id_phone']) ? null : $_POST['id_phone'];
$flash = (bool) ($_POST['flash'] ?? false);
$numbers = $_POST['numbers'] ?? [];
$contacts = $_POST['contacts'] ?? [];
@ -227,18 +227,18 @@ namespace controllers\publics;
return false;
}
if ($origin && !$this->internal_phone->get_by_number_and_user($this->user['id'], $origin))
if ($id_phone && !$this->internal_phone->get_for_user($this->user['id'], $id_phone))
{
$return = self::DEFAULT_RETURN;
$return['error'] = self::ERROR_CODES['INVALID_PARAMETER'];
$return['message'] = self::ERROR_MESSAGES['INVALID_PARAMETER'] . 'origin : You must specify an origin number among thoses of user phones.';
$return['message'] = self::ERROR_MESSAGES['INVALID_PARAMETER'] . 'id_phone : You must specify an id_phone number among thoses of user phones.';
$this->auto_http_code(false);
$this->json($return);
return false;
}
$scheduled_id = $this->internal_scheduled->create($this->user['id'], $at, $text, $origin, $flash, $numbers, $contacts, $groups, $conditional_groups);
$scheduled_id = $this->internal_scheduled->create($this->user['id'], $at, $text, $id_phone, $flash, $numbers, $contacts, $groups, $conditional_groups);
if (!$scheduled_id)
{
$return = self::DEFAULT_RETURN;

31
controllers/publics/Callback.php
View file

@ -16,6 +16,7 @@ namespace controllers\publics;
*/
class Callback extends \descartes\Controller
{
private $user;
private $internal_user;
private $internal_sended;
private $internal_adapter;
@ -27,21 +28,33 @@ namespace controllers\publics;
$this->internal_user = new \controllers\internals\User($bdd);
$this->internal_sended = new \controllers\internals\Sended($bdd);
$this->internal_adapter = new \controllers\internals\Adapter();
//If no user, quit with error
$this->user = false;
$api_key = $_GET['api_key'] ?? false;
if ($api_key)
{
$this->user = $this->internal_user->get_by_api_key($api_key);
}
if (!$this->user)
{
http_response_code(401);
echo json_encode(['error' => 'Invalid API key. You must provide a valid GET or POST api_key param.']);
exit(1);
}
}
/**
* Function call on a sended sms status change notification reception.
* We return nothing, and we let the adapter do his things
*
* @param string $adapter_name : Name of the adapter to use
*
* @return false : We must always return false, and we respect a random usleep before returning anything
* in order to prevent bruteforce api key guessing and time guessing
* @return bool : true on success, false on error
*/
public function update_sended_status(string $adapter_name)
{
//Wait between 0.5 and 1.03s in order to counter time guessing bruteforce attack against api key
usleep(mt_rand(5, 10) / 10 * 1000000 + mt_rand(0, 30000));
//Search for an adapter
$find_adapter = false;
$adapters = $this->internal_adapter->list_adapters();
@ -60,16 +73,12 @@ namespace controllers\publics;
//Instanciate adapter, check if status change is supported and if so call status change callback
$adapter_classname = $find_adapter['meta_classname'];
if (!$find_adapter['meta_support_status_change'])
{
return false;
}
$callback_return = $adapter_classname::status_change_callback();
var_dump($callback_return);
if (!$callback_return)
{
return false;
@ -83,6 +92,6 @@ namespace controllers\publics;
$this->internal_sended->update_status($sended['id'], $callback_return['status']);
return false;
return true;
}
}

4
controllers/publics/Phone.php
View file

@ -132,7 +132,7 @@ class Phone extends \descartes\Controller
\FlashMessage\FlashMessage::push('danger', 'Numéro de téléphone incorrect.');
return $this->redirect(\descartes\Router::url('Phone', 'add'));
}
}
$number_exist = $this->internal_phone->get_by_number($number);
if ($number_exist)
@ -185,7 +185,7 @@ class Phone extends \descartes\Controller
$adapter_classname = $find_adapter['meta_classname'];
$adapter_instance = new $adapter_classname($number, $adapter_datas);
$adapter_working = $adapter_instance->test();
if (!$adapter_working)
{
\FlashMessage\FlashMessage::push('danger', 'Impossible d\'utiliser l\'adaptateur choisis avec les données fournies. Vérifiez le numéro de téléphone et les réglages.');

42
controllers/publics/Scheduled.php
View file

@ -214,15 +214,19 @@ namespace controllers\publics;
}
/**
* Cette fonction insert un nouveau scheduled.
* Create a new scheduled message
* (you must provide at least one entry in any of numbers, contacts, groups or conditional_groups).
*
* @param $csrf : Le jeton CSRF
* @param string $_POST['name'] : Le nom du scheduled
* @param string $_POST['date'] : La date d'envoie du scheduled
* @param string $_POST['numbers'] : Les numeros de téléphone du scheduled
* @param string $_POST['contacts'] : Les contacts du scheduled
* @param string $_POST['groups'] : Les groups du scheduled
* @param array $_FILES['media'] : The media to link to a scheduled
* @param string $_POST['at'] : Date to send message for
* @param string $_POST['text'] : Text of the message
* @param ?bool $_POST['flash'] : Is the message a flash message (by default false)
* @param ?int $_POST['id_phone'] : Id of the phone to send message from, if null use random phone
* @param ?array $_POST['numbers'] : Numbers to send the message to
* @param ?array $_POST['contacts'] : Numbers to send the message to
* @param ?array $_POST['groups'] : Numbers to send the message to
* @param ?array $_POST['conditional_groups'] : Numbers to send the message to
* @param ?array $_FILES['media'] : The media to link to a scheduled
*/
public function create($csrf)
{
@ -237,11 +241,12 @@ namespace controllers\publics;
$at = $_POST['at'] ?? false;
$text = $_POST['text'] ?? false;
$flash = (bool) ($_POST['flash'] ?? false);
$origin = empty($_POST['origin']) ? null : $_POST['origin'];
$id_phone = empty($_POST['id_phone']) ? null : $_POST['id_phone'];
$numbers = $_POST['numbers'] ?? [];
$contacts = $_POST['contacts'] ?? [];
$groups = $_POST['groups'] ?? [];
$conditional_groups = $_POST['conditional_groups'] ?? [];
$media = $_FILES['media'] ?? false;
if (empty($text))
{
@ -278,14 +283,7 @@ namespace controllers\publics;
return $this->redirect(\descartes\Router::url('Scheduled', 'add'));
}
if ($origin && !$this->internal_phone->get_by_number_and_user($id_user, $origin))
{
\FlashMessage\FlashMessage::push('danger', 'Ce numéro n\'existe pas ou vous n\'en êtes pas propriétaire.');
return $this->redirect(\descartes\Router::url('Scheduled', 'add'));
}
$scheduled_id = $this->internal_scheduled->create($id_user, $at, $text, $origin, $flash, $numbers, $contacts, $groups, $conditional_groups);
$scheduled_id = $this->internal_scheduled->create($id_user, $at, $text, $id_phone, $flash, $numbers, $contacts, $groups, $conditional_groups);
if (!$scheduled_id)
{
\FlashMessage\FlashMessage::push('danger', 'Impossible de créer le Sms.');
@ -294,7 +292,6 @@ namespace controllers\publics;
}
//If mms is enabled, try to process a media to link to the scheduled
$media = $_FILES['media'] ?? false;
if (!($_SESSION['user']['settings']['mms'] ?? false) || !$media)
{
\FlashMessage\FlashMessage::push('success', 'Le Sms a bien été créé pour le ' . $at . '.');
@ -340,7 +337,7 @@ namespace controllers\publics;
$id_user = $_SESSION['user']['id'];
$at = $scheduled['at'] ?? false;
$text = $scheduled['text'] ?? false;
$origin = empty($scheduled['origin']) ? null : $scheduled['origin'];
$id_phone = empty($scheduled['id_phone']) ? null : $scheduled['id_phone'];
$flash = (bool) ($scheduled['flash'] ?? false);
$numbers = $scheduled['numbers'] ?? [];
$contacts = $scheduled['contacts'] ?? [];
@ -381,12 +378,7 @@ namespace controllers\publics;
continue;
}
if ($origin && !$this->internal_phone->get_by_number_and_user($id_user, $origin))
{
continue;
}
$success = $this->internal_scheduled->update_for_user($id_user, $id_scheduled, $at, $text, $origin, $flash, $numbers, $contacts, $groups, $conditional_groups);
$success = $this->internal_scheduled->update_for_user($id_user, $id_scheduled, $at, $text, $id_phone, $flash, $numbers, $contacts, $groups, $conditional_groups);
//Check for media
/*
@ -410,7 +402,7 @@ namespace controllers\publics;
}
*/
++$nb_update;
$nb_update++;
}
if ($nb_update !== \count($scheduleds))