fix: connector creation

2025-12-17 17:55:42 +00:00 · 2024-08-06 00:35:05 +02:00 · 2024-08-06 00:35:05 +02:00 · da1ae4cb8e
commit da1ae4cb8e
parent 6f3c780e42
4 changed files with 41 additions and 2 deletions
--- a/assets/utils/providers/index.tsx
+++ b/assets/utils/providers/index.tsx
@ -7,7 +7,7 @@ export const helpGetTokenLink = (provider?: string) => {
    switch (provider) {
        case ConnectorProvider.OVH:
            return <Typography.Link target='_blank'
-                                    href="https://api.ovh.com/createToken/index.cgi?GET=/order/cart/*&POST=/order/cart&POST=/order/cart/*&DELETE=/order/cart/*">
+                                    href="https://api.ovh.com/createToken/index.cgi?GET=/order/cart&GET=/order/cart/*&POST=/order/cart&POST=/order/cart/*&DELETE=/order/cart/*">
                {t`Retrieve a set of tokens from your customer account on the Provider's website`}
            </Typography.Link>
        default:
--- a/src/Config/Connector/OvhConnector.php
+++ b/src/Config/Connector/OvhConnector.php
@ -7,6 +7,28 @@ use Ovh\Api;

 readonly class OvhConnector implements ConnectorInterface
 {
+    public const REQUIRED_ROUTES = [
+        [
+            'method' => 'GET',
+            'path' => '/order/cart',
+        ], [
+            'method' => 'GET',
+            'path' => '/order/cart/*',
+        ],
+        [
+            'method' => 'POST',
+            'path' => '/order/cart',
+        ],
+        [
+            'method' => 'POST',
+            'path' => '/order/cart/*',
+        ],
+        [
+            'method' => 'DELETE',
+            'path' => '/order/cart/*',
+        ],
+    ];
+
    public function __construct(private array $authData)
    {
    }
@ -139,6 +161,23 @@ readonly class OvhConnector implements ConnectorInterface
            throw new \Exception("The status of these credentials is not valid ($status)");
        }

+        foreach (self::REQUIRED_ROUTES as $requiredRoute) {
+            $ok = false;
+
+            foreach ($res['rules'] as $allowedRoute) {
+                if (
+                    $requiredRoute['method'] === $allowedRoute['method']
+                    && fnmatch($allowedRoute['path'], $requiredRoute['path'])
+                ) {
+                    $ok = true;
+                }
+            }
+
+            if (!$ok) {
+                throw new \Exception('The credentials provided do not have enough permissions to purchase a domain name.');
+            }
+        }
+
        return [
            'appKey' => $appKey,
            'appSecret' => $appSecret,
--- a/src/Controller/ConnectorController.php
+++ b/src/Controller/ConnectorController.php
@ -81,6 +81,7 @@ class ConnectorController extends AbstractController
            'username' => $user->getUserIdentifier(),
        ]);

+        $connector->setCreatedAt(new \DateTimeImmutable('now'));
        $this->em->persist($connector);
        $this->em->flush();

--- a/src/Entity/Connector.php
+++ b/src/Entity/Connector.php
@ -30,7 +30,6 @@ use Symfony\Component\Uid\Uuid;
        new Post(
            routeName: 'connector_create',
            normalizationContext: ['groups' => ['connector:create', 'connector:list']], denormalizationContext: ['groups' => 'connector:create'],
-            security: 'object.user == user',
            name: 'create'
        ),
        new Delete(),