External/domain-watchdog
1
0
Fork 0
mirror of https://github.com/maelgangloff/domain-watchdog.git synced 2025-12-23 12:45:36 +00:00
Code Issues Packages Projects Releases Wiki Activity

wip: refactor watchlist update and watchlist trigger URI for upsert

Browse Source
This commit is contained in:
Vincent 2025-05-06 14:02:23 +02:00
parent 01c8c72fe6
commit a9ed531921
No known key found for this signature in database
GPG Key ID: 056662E78D70E358
4 changed files with 93 additions and 156 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

134
src/Controller/WatchListController.php
View File

@ -177,140 +177,6 @@ class WatchListController extends AbstractController
return $user->getWatchLists(); return $user->getWatchLists();
} }
/**
* @throws \Exception
* @throws ExceptionInterface
*/
private function verifyConnector(WatchList $watchList, ?Connector $connector): void
{
/** @var User $user */
$user = $this->getUser();
if (null === $connector) {
return;
}
if (!$user->getConnectors()->contains($connector)) {
$this->logger->notice('The Connector ({connector}) does not belong to the user.', [
'username' => $user->getUserIdentifier(),
'connector' => $connector->getId(),
]);
throw new AccessDeniedHttpException('You cannot create a Watchlist with a connector that does not belong to you');
}
/** @var Domain $domain */
foreach ($watchList->getDomains()->getIterator() as $domain) {
if ($domain->getDeleted()) {
$ldhName = $domain->getLdhName();
throw new BadRequestHttpException("To add a connector, no domain in this Watchlist must have already expired ($ldhName)");
}
}
$connectorProviderClass = $connector->getProvider()->getConnectorProvider();
/** @var AbstractProvider $connectorProvider */
$connectorProvider = $this->locator->get($connectorProviderClass);
$connectorProvider->authenticate($connector->getAuthData());
$supported = $connectorProvider->isSupported(...$watchList->getDomains()->toArray());
if (!$supported) {
$this->logger->notice('The Connector ({connector}) does not support all TLDs in this Watchlist', [
'username' => $user->getUserIdentifier(),
'connector' => $connector->getId(),
]);
throw new BadRequestHttpException('This connector does not support all TLDs in this Watchlist');
}
}
/**
* @throws ORMException
* @throws RedirectionExceptionInterface
* @throws DecodingExceptionInterface
* @throws ClientExceptionInterface
* @throws \JsonException
* @throws OptimisticLockException
* @throws TransportExceptionInterface
* @throws ServerExceptionInterface
* @throws ExceptionInterface
* @throws \Exception
*/
#[Route(
path: '/api/watchlists/{token}',
name: 'watchlist_update',
defaults: [
'_api_resource_class' => WatchList::class,
'_api_operation_name' => 'update',
],
methods: ['PUT']
)]
public function putWatchList(Request $request): WatchList
{
$watchList = $this->registerDomainsInWatchlist($request->getContent(), ['watchlist:create', 'watchlist:token']);
/** @var User $user */
$user = $this->getUser();
$watchList->setUser($user);
if ($this->getParameter('limited_features')) {
if ($watchList->getDomains()->count() > (int) $this->getParameter('limit_max_watchlist_domains')) {
$this->logger->notice('User {username} tried to update a Watchlist. The maximum number of domains has been reached for this Watchlist', [
'username' => $user->getUserIdentifier(),
]);
throw new AccessDeniedHttpException('You have exceeded the maximum number of domain names allowed in this Watchlist');
}
$userWatchLists = $user->getWatchLists();
/** @var Domain[] $trackedDomains */
$trackedDomains = $userWatchLists
->filter(fn (WatchList $wl) => $wl->getToken() !== $watchList->getToken())
->reduce(fn (array $acc, WatchList $wl) => [...$acc, ...$wl->getDomains()->toArray()], []);
/** @var Domain $domain */
foreach ($watchList->getDomains()->getIterator() as $domain) {
if (in_array($domain, $trackedDomains)) {
$ldhName = $domain->getLdhName();
$this->logger->notice('User {username} tried to update a watchlist with domain name {ldhName}. It is forbidden to register the same domain name twice with limited mode', [
'username' => $user->getUserIdentifier(),
'ldhName' => $ldhName,
]);
throw new AccessDeniedHttpException("It is forbidden to register the same domain name twice in your watchlists with limited mode ($ldhName)");
}
}
if (null !== $watchList->getWebhookDsn() && count($watchList->getWebhookDsn()) > (int) $this->getParameter('limit_max_watchlist_webhooks')) {
$this->logger->notice('User {username} tried to update a Watchlist. The maximum number of webhooks has been reached.', [
'username' => $user->getUserIdentifier(),
]);
throw new AccessDeniedHttpException('You have exceeded the maximum number of webhooks allowed in this Watchlist');
}
}
$this->chatNotificationService->sendChatNotification($watchList, new TestChatNotification());
$this->verifyConnector($watchList, $watchList->getConnector());
$this->logger->info('User {username} updates a Watchlist ({token}).', [
'username' => $user->getUserIdentifier(),
'token' => $watchList->getToken(),
]);
$this->em->beginTransaction();
/** @var WatchList $oldWatchlist */
$oldWatchlist = $this->em->getReference(WatchList::class, $watchList->getToken());
$this->em->lock($oldWatchlist, LockMode::PESSIMISTIC_WRITE);
$this->em->remove($oldWatchlist);
$this->em->flush();
$this->em->persist($watchList);
$this->em->flush();
$this->em->commit();
return $watchList;
}
/** /**
* @throws ParseException * @throws ParseException
* @throws EofException * @throws EofException

2
src/Entity/WatchList.php
View File

@ -79,14 +79,12 @@ use Symfony\Component\Uid\Uuid;
name: 'calendar' name: 'calendar'
), ),
new Post( new Post(
routeName: 'watchlist_create',
normalizationContext: ['groups' => 'watchlist:list'], normalizationContext: ['groups' => 'watchlist:list'],
denormalizationContext: ['groups' => 'watchlist:create'], denormalizationContext: ['groups' => 'watchlist:create'],
name: 'create', name: 'create',
processor: WatchListUpdateProcessor::class, processor: WatchListUpdateProcessor::class,
), ),
new Put( new Put(
routeName: 'watchlist_update',
normalizationContext: ['groups' => 'watchlist:item'], normalizationContext: ['groups' => 'watchlist:item'],
denormalizationContext: ['groups' => ['watchlist:create', 'watchlist:token']], denormalizationContext: ['groups' => ['watchlist:create', 'watchlist:token']],
security: 'object.user == user', security: 'object.user == user',

10
src/Entity/WatchListTrigger.php
View File

@ -2,12 +2,22 @@
namespace App\Entity; namespace App\Entity;
use ApiPlatform\Metadata\ApiResource;
use ApiPlatform\Metadata\Link;
use App\Config\TriggerAction; use App\Config\TriggerAction;
use App\Repository\EventTriggerRepository; use App\Repository\EventTriggerRepository;
use Doctrine\ORM\Mapping as ORM; use Doctrine\ORM\Mapping as ORM;
use Symfony\Component\Serializer\Attribute\Groups; use Symfony\Component\Serializer\Attribute\Groups;
#[ORM\Entity(repositoryClass: EventTriggerRepository::class)] #[ORM\Entity(repositoryClass: EventTriggerRepository::class)]
#[ApiResource(
uriTemplate: '/watchlists/{watchListId}/triggers/{action}/{event}',
uriVariables: [
'watchListId' => new Link(fromProperty: 'token', toProperty: 'watchList', fromClass: WatchList::class),
'action' => 'action',
'event' => 'event',
],
)]
class WatchListTrigger class WatchListTrigger
{ {
#[ORM\Id] #[ORM\Id]

103
src/State/WatchListUpdateProcessor.php
View File

@ -7,11 +7,18 @@ use ApiPlatform\Metadata\Post;
use ApiPlatform\State\ProcessorInterface; use ApiPlatform\State\ProcessorInterface;
use App\Entity\Domain; use App\Entity\Domain;
use App\Entity\WatchList; use App\Entity\WatchList;
use App\Notifier\TestChatNotification;
use App\Repository\DomainRepository; use App\Repository\DomainRepository;
use App\Service\ChatNotificationService;
use App\Service\Connector\AbstractProvider;
use App\Service\RDAPService; use App\Service\RDAPService;
use Psr\Log\LoggerInterface;
use Symfony\Bundle\SecurityBundle\Security; use Symfony\Bundle\SecurityBundle\Security;
use Symfony\Component\DependencyInjection\Attribute\Autowire; use Symfony\Component\DependencyInjection\Attribute\Autowire;
use Symfony\Component\DependencyInjection\ContainerInterface;
use Symfony\Component\DependencyInjection\ParameterBag\ParameterBagInterface; use Symfony\Component\DependencyInjection\ParameterBag\ParameterBagInterface;
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
use Symfony\Component\HttpKernel\Exception\TooManyRequestsHttpException; use Symfony\Component\HttpKernel\Exception\TooManyRequestsHttpException;
use Symfony\Component\HttpKernel\KernelInterface; use Symfony\Component\HttpKernel\KernelInterface;
use Symfony\Component\RateLimiter\RateLimiterFactory; use Symfony\Component\RateLimiter\RateLimiterFactory;
@ -19,14 +26,18 @@ use Symfony\Component\RateLimiter\RateLimiterFactory;
class WatchListUpdateProcessor implements ProcessorInterface class WatchListUpdateProcessor implements ProcessorInterface
{ {
public function __construct( public function __construct(
private readonly DomainRepository $domainRepository, private readonly DomainRepository $domainRepository,
private readonly RDAPService $RDAPService, private readonly RDAPService $RDAPService,
private readonly KernelInterface $kernel, private readonly KernelInterface $kernel,
private readonly Security $security, private readonly Security $security,
private readonly RateLimiterFactory $rdapRequestsLimiter, private readonly RateLimiterFactory $rdapRequestsLimiter,
private readonly ParameterBagInterface $parameterBag, private readonly ParameterBagInterface $parameterBag,
#[Autowire(service: 'api_platform.doctrine.orm.state.persist_processor')] #[Autowire(service: 'api_platform.doctrine.orm.state.persist_processor')]
private readonly ProcessorInterface $persistProcessor, private readonly ProcessorInterface $persistProcessor,
private readonly LoggerInterface $logger,
private readonly ChatNotificationService $chatNotificationService,
#[Autowire(service: 'service_container')]
private readonly ContainerInterface $locator,
) )
{} {}
@ -39,30 +50,82 @@ class WatchListUpdateProcessor implements ProcessorInterface
*/ */
public function process(mixed $data, Operation $operation, array $uriVariables = [], array $context = []): mixed public function process(mixed $data, Operation $operation, array $uriVariables = [], array $context = []): mixed
{ {
foreach ($data->getDomains() as $ldhName) { dd($data);
/** @var ?Domain $domain */ $user = $this->security->getUser();
$domain = $this->domainRepository->findOneBy(['ldhName' => $ldhName]);
if (null === $domain) { if ($this->parameterBag->get('limited_features')) {
$domain = $this->RDAPService->registerDomain($ldhName); if ($data->getDomains()->count() > (int) $this->parameterBag->get('limit_max_watchlist_domains')) {
$this->logger->notice('User {username} tried to update a Watchlist. The maximum number of domains has been reached for this Watchlist', [
'username' => $user->getUserIdentifier(),
]);
throw new AccessDeniedHttpException('You have exceeded the maximum number of domain names allowed in this Watchlist');
}
if (false === $this->kernel->isDebug() && true === $this->parameterBag->get('limited_features')) { $userWatchLists = $user->getWatchLists();
$limiter = $this->rdapRequestsLimiter->create($this->security->getUser()->getUserIdentifier());
$limit = $limiter->consume();
if (!$limit->isAccepted()) { /** @var Domain[] $trackedDomains */
throw new TooManyRequestsHttpException($limit->getRetryAfter()->getTimestamp() - time()); $trackedDomains = $userWatchLists
} ->filter(fn (WatchList $wl) => $wl->getToken() !== $data->getToken())
->reduce(fn (array $acc, WatchList $wl) => [...$acc, ...$wl->getDomains()->toArray()], []);
/** @var Domain $domain */
foreach ($data->getDomains()->getIterator() as $domain) {
if (in_array($domain, $trackedDomains)) {
$ldhName = $domain->getLdhName();
$this->logger->notice('User {username} tried to update a watchlist with domain name {ldhName}. It is forbidden to register the same domain name twice with limited mode', [
'username' => $user->getUserIdentifier(),
'ldhName' => $ldhName,
]);
throw new AccessDeniedHttpException("It is forbidden to register the same domain name twice in your watchlists with limited mode ($ldhName)");
} }
} }
$data->addDomain($domain); if (null !== $data->getWebhookDsn() && count($data->getWebhookDsn()) > (int) $this->parameterBag->get('limit_max_watchlist_webhooks')) {
$this->logger->notice('User {username} tried to update a Watchlist. The maximum number of webhooks has been reached.', [
'username' => $user->getUserIdentifier(),
]);
throw new AccessDeniedHttpException('You have exceeded the maximum number of webhooks allowed in this Watchlist');
}
} }
if ($operation instanceof Post) { $this->chatNotificationService->sendChatNotification($data, new TestChatNotification());
$this->persistProcessor->process($data, $operation, $uriVariables, $context);
if ($connector = $data->getConnector()) {
if (!$user->getConnectors()->contains($connector)) {
$this->logger->notice('The Connector ({connector}) does not belong to the user.', [
'username' => $user->getUserIdentifier(),
'connector' => $connector->getId(),
]);
throw new AccessDeniedHttpException('You cannot create a Watchlist with a connector that does not belong to you');
}
/** @var Domain $domain */
foreach ($data->getDomains()->getIterator() as $domain) {
if ($domain->getDeleted()) {
$ldhName = $domain->getLdhName();
throw new BadRequestHttpException("To add a connector, no domain in this Watchlist must have already expired ($ldhName)");
}
}
$connectorProviderClass = $connector->getProvider()->getConnectorProvider();
/** @var AbstractProvider $connectorProvider */
$connectorProvider = $this->locator->get($connectorProviderClass);
$connectorProvider->authenticate($connector->getAuthData());
$supported = $connectorProvider->isSupported(...$data->getDomains()->toArray());
if (!$supported) {
$this->logger->notice('The Connector ({connector}) does not support all TLDs in this Watchlist', [
'username' => $user->getUserIdentifier(),
'connector' => $connector->getId(),
]);
throw new BadRequestHttpException('This connector does not support all TLDs in this Watchlist');
}
} }
$this->persistProcessor->process($data, $operation, $uriVariables, $context);
return $data; return $data;
} }
} }