From da1ae4cb8ecee2eac16a8be01d95bab592bceae3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ma=C3=ABl=20Gangloff?= Date: Tue, 6 Aug 2024 00:35:05 +0200 Subject: [PATCH] fix: connector creation --- assets/utils/providers/index.tsx | 2 +- src/Config/Connector/OvhConnector.php | 39 ++++++++++++++++++++++++++ src/Controller/ConnectorController.php | 1 + src/Entity/Connector.php | 1 - 4 files changed, 41 insertions(+), 2 deletions(-) diff --git a/assets/utils/providers/index.tsx b/assets/utils/providers/index.tsx index 585c5e1..e198eaf 100644 --- a/assets/utils/providers/index.tsx +++ b/assets/utils/providers/index.tsx @@ -7,7 +7,7 @@ export const helpGetTokenLink = (provider?: string) => { switch (provider) { case ConnectorProvider.OVH: return + href="https://api.ovh.com/createToken/index.cgi?GET=/order/cart&GET=/order/cart/*&POST=/order/cart&POST=/order/cart/*&DELETE=/order/cart/*"> {t`Retrieve a set of tokens from your customer account on the Provider's website`} default: diff --git a/src/Config/Connector/OvhConnector.php b/src/Config/Connector/OvhConnector.php index bfccdae..41e1862 100644 --- a/src/Config/Connector/OvhConnector.php +++ b/src/Config/Connector/OvhConnector.php @@ -7,6 +7,28 @@ use Ovh\Api; readonly class OvhConnector implements ConnectorInterface { + public const REQUIRED_ROUTES = [ + [ + 'method' => 'GET', + 'path' => '/order/cart', + ], [ + 'method' => 'GET', + 'path' => '/order/cart/*', + ], + [ + 'method' => 'POST', + 'path' => '/order/cart', + ], + [ + 'method' => 'POST', + 'path' => '/order/cart/*', + ], + [ + 'method' => 'DELETE', + 'path' => '/order/cart/*', + ], + ]; + public function __construct(private array $authData) { } @@ -139,6 +161,23 @@ readonly class OvhConnector implements ConnectorInterface throw new \Exception("The status of these credentials is not valid ($status)"); } + foreach (self::REQUIRED_ROUTES as $requiredRoute) { + $ok = false; + + foreach ($res['rules'] as $allowedRoute) { + if ( + $requiredRoute['method'] === $allowedRoute['method'] + && fnmatch($allowedRoute['path'], $requiredRoute['path']) + ) { + $ok = true; + } + } + + if (!$ok) { + throw new \Exception('The credentials provided do not have enough permissions to purchase a domain name.'); + } + } + return [ 'appKey' => $appKey, 'appSecret' => $appSecret, diff --git a/src/Controller/ConnectorController.php b/src/Controller/ConnectorController.php index b39374e..4209900 100644 --- a/src/Controller/ConnectorController.php +++ b/src/Controller/ConnectorController.php @@ -81,6 +81,7 @@ class ConnectorController extends AbstractController 'username' => $user->getUserIdentifier(), ]); + $connector->setCreatedAt(new \DateTimeImmutable('now')); $this->em->persist($connector); $this->em->flush(); diff --git a/src/Entity/Connector.php b/src/Entity/Connector.php index a4e1d60..4fa8eaf 100644 --- a/src/Entity/Connector.php +++ b/src/Entity/Connector.php @@ -30,7 +30,6 @@ use Symfony\Component\Uid\Uuid; new Post( routeName: 'connector_create', normalizationContext: ['groups' => ['connector:create', 'connector:list']], denormalizationContext: ['groups' => 'connector:create'], - security: 'object.user == user', name: 'create' ), new Delete(),