tracer
/
bindAPI
3
0
Fork 0
Code Issues 1 Pull Requests Projects Releases 14 Wiki Activity
bindAPI/bindAPI/src/Controller/RequestController.php

245 lines
6.2 KiB
PHP
Raw Blame History

<?php
namespace App\Controller;
use PDO;
/**
*
*/
class RequestController
{
private PDO $dbConnection;
private DomainController $domainController;
private String $requestMethod;
private array $uri;
private String $status;
private String $message;
public function __construct(PDO $dbConnection, String $requestMethod, array $uri)
{
$this->dbConnection = $dbConnection;
$this->requestMethod = strtoupper($requestMethod);
$this->uri = $uri;
$this->domainController = new DomainController($dbConnection);
}
public function processRequest()
{
$result = Array();
if (empty($this->uri[2]) || $this->uri[2] != 'domains') {
$this->status = "404 Not Found";
$this->message = "Endpoint not found.";
} else {
if ($this->checkPassword()) {
switch ($this->requestMethod) {
case 'GET':
if (empty($this->uri[3])) {
$result = $this->domainController->findAll();
} else {
if (strtolower($this->uri[3]) == "check") {
$result = $this->checkDomains();
} else {
$result = $this->domainController->findByName($this->uri[3]);
}
}
break;
case 'POST':
$name = $_POST['name'] ?? "";
$a = $_POST['a'] ?? "";
$aaaa = $_POST['aaaa'] ?? "";
if (empty($name)) {
$this->status = "400 Bad Request";
$this->message = "A name is required";
break;
}
if (empty($a) && empty($aaaa)) {
$this->status = "400 Bad Request";
$this->message = "At least one IP address is required.";
break;
}
if($this->domainController->findByName($name)) {
$this->status = "400 Bad request";
$this->message = "Domain: $name already exists.";
} else {
$dcResult = $this->domainController->insert($name, $a, $aaaa);
$this->status = "201 Created";
$this->message = $dcResult;
}
break;
case 'PUT':
$putData = fopen('php://input', 'r');
$data = fread($putData, 512);
$params = explode( '&', $data);
foreach ($params as $param) {
[$key, $value] = explode('=', $param);
$put[$key] = $value;
}
$id = $put['id'] ?? 0;
$name = $put['name'] ?? "";
$a = $put['a'] ?? "";
$aaaa = $put['aaaa'] ?? "";
if ($id == 0) {
$this->status = "400 Bad Request";
$this->message = "An ID is required";
break;
}
if(!$this->domainController->findByID($id)) {
$this->status = "400 Bad request";
$this->message = "Domain with ID : $id doesn't exist.";
break;
}
if (empty($name)) {
$this->status = "400 Bad Request";
$this->message = "A name is required";
break;
}
if (empty($a) && empty($aaaa)) {
$this->status = "400 Bad Request";
$this->message = "At least one IP address is required.";
break;
}
$dcResult = $this->domainController->update($id, $name, $a, $aaaa);
$this->status = "201 Updated";
$this->message = $dcResult;
break;
case "DELETE":
$deleteData = fopen('php://input', 'r');
$data = fread($deleteData, 512);
$params = explode( '&', $data);
foreach ($params as $param) {
[$key, $value] = explode('=', $param);
$delete[$key] = $value;
}
$id = $delete['id'] ?? 0;
if ($id == 0) {
$this->status = "400 Bad Request";
$this->message = "A valid ID is required.";
break;
}
if(!$this->domainController->findByID($id)) {
$this->status = "400 Bad Request";
$this->message = "There is no domain with ID $id.";
break;
}
$this->domainController->delete($id);
$this->status = "204 No content.";
$this->message = "The domain $id has been deleted.";
break;
default:
$this->status = "400 Bad Request";
$this->message = "unknown request method: $this->requestMethod";
}
}
}
if (!empty($result)) {
echo json_encode($result);
} else {
echo json_encode([
'status' => $this->status ?? "Error: No status",
'message' => $this->message ?? "Error: No message."
]);
}
}
/**
* @return array
*/
function checkDomains(): array
{
$errors = Array();
$domains = $this->domainController->findAll();
// check for included main file in /etc/bind/named.conf.local
// it needs to include "/etc/bind/local.zones";
$localZoneFile = '/etc/bind/local.zones';
$localZonesDir = '/etc/bind/zones/';
$namedConfLocalFile = '/etc/bind/named.conf.local';
if ($namedConfLocal = file_get_contents($namedConfLocalFile)) {
if (!str_contains($namedConfLocal, $localZoneFile)) {
$errors[] = "$localZoneFile needs to be included in $namedConfLocalFile.";
}
} else {
$errors[] = "No access to '$namedConfLocalFile'. Please check permissions";
return $errors;
}
if (!fileperms($localZoneFile)) {
$errors[] = "No access to $localZoneFile. Please check permissions.";
return $errors;
}
$localZones = file_get_contents($localZoneFile);
foreach($domains as $domain) {
if(!str_contains($localZones, $domain['name'])) {
$errors[] = $domain['name'] . " is missing in '$localZoneFile'";
}
$zoneFile = $localZonesDir . $domain['name'];
if (!file_exists($zoneFile)) {
$errors[] = "Missing zone file for $zoneFile. Update zone to create it";
}
}
if (empty($errors)) {
return [
'status' => "200 domains healthy.",
'message' => "All domains ar setup."
];
} else {
return $errors;
}
}
/**
* @return bool
*/
public function checkPassword(): bool
{
$headers = array_change_key_case(getallheaders(), CASE_UPPER);
$apiKey = $headers['X-API-KEY'] ?? "";
if (empty($apiKey)) {
$this->status = "401 Unauthorized";
$this->message = "API key is missing.";
return false;
} else {
[$prefix,] = explode('.', $apiKey);
$apiUsers = new ApiUsers($this->dbConnection);
$apiResult = $apiUsers->findByPrefix($prefix);
$storedHash = $apiResult['api_token'];
if (!password_verify($apiKey, $storedHash)) {
$this->status = "401 Unauthorized";
$this->message = "API key mismatch.";
return false;
}
}
return true;
}
}
Reference in New Issue View Git Blame Copy Permalink