CodeExplorer
You are a developer and looking for Shopware projects?
Apply Now!
getIntegrationId example
/** @var Script $script */
foreach ($scripts as $script) {
// todo@dr after implementing UI in admin, we can allow "private scripts" if (!$script->isAppScript()) {
throw new PermissionDeniedException();
}
/** @var ScriptAppInformation $appInfo */
$appInfo = $script->getScriptAppInformation();
$source = $context->getSource();
if ($source instanceof AdminApiSource && $source->getIntegrationId() === $appInfo->getIntegrationId()) {
// allow access to app endpoints from the integration of the same app continue;
}
if ($context->isAllowed('app.all')) {
continue;
}
// $name = $script->getAppName() ?? 'shop-owner-scripts'; if ($context->isAllowed('app.' . $appInfo->getAppName())) {
continue;
}
foreach ($scripts as $script) {
// todo@dr after implementing UI in admin, we can allow "private scripts" if (!$script->isAppScript()) {
throw new PermissionDeniedException();
}
/** @var ScriptAppInformation $appInfo */
$appInfo = $script->getScriptAppInformation();
$source = $context->getSource();
if ($source instanceof AdminApiSource && $source->getIntegrationId() === $appInfo->getIntegrationId()) {
// allow access to app endpoints from the integration of the same app continue;
}
if ($context->isAllowed('app.all')) {
continue;
}
// $name = $script->getAppName() ?? 'shop-owner-scripts'; if ($context->isAllowed('app.' . $appInfo->getAppName())) {
continue;
}
$fixturesPath = __DIR__ . '/../../../../../../tests/integration/Core/Framework/App/Manifest/_fixtures/test';
$this->loadAppsFromDir($fixturesPath, false);
$browser = $this->createClient();
$app = $this->fetchApp('test');
static::assertNotNull($app);
$accessKey = AccessKeyHelper::generateAccessKey('integration');
$secret = AccessKeyHelper::generateSecretAccessKey();
$this->setAccessTokenForIntegration($app->getIntegrationId(), $accessKey, $secret);
$authPayload = [
'grant_type' => 'client_credentials',
'client_id' => $accessKey,
'client_secret' => $secret,
];
$browser->request('POST', '/api/oauth/token', $authPayload);
static::assertEquals(Response::HTTP_UNAUTHORIZED, $browser->getResponse()->getStatusCode());
}
$this->loadAppsFromDir($fixturesPath, false);
$browser = $this->createClient();
$app = $this->fetchApp('test');
static::assertNotNull($app);
$accessKey = AccessKeyHelper::generateAccessKey('integration');
$secret = AccessKeyHelper::generateSecretAccessKey();
$this->setAccessTokenForIntegration($app->getIntegrationId(), $accessKey, $secret);
$authPayload = [
'grant_type' => 'client_credentials',
'client_id' => $accessKey,
'client_secret' => $secret,
];
$browser->request('POST', '/api/oauth/token', $authPayload);
static::assertEquals(Response::HTTP_UNAUTHORIZED, $browser->getResponse()->getStatusCode());
}
}
public function checkWrite(PreWriteValidationEvent $event): void
{
$context = $event->getContext();
if ($context->getSource() instanceof SystemSource || $context->getScope() === Context::SYSTEM_SCOPE) {
return;
}
$integrationId = $this->getIntegrationId($context);
$violationList = new ConstraintViolationList();
foreach ($event->getCommands() as $command) {
if (
!($command->getDefinition() instanceof CustomFieldSetDefinition)
|| $command instanceof InsertCommand
) {
continue;
}
$appIntegrationId = $this->fetchIntegrationIdOfAssociatedApp($command);
}
protected function reRegisterApp(Manifest $manifest, AppEntity $app, Context $context): void
{
$secret = AccessKeyHelper::generateSecretAccessKey();
$this->appRepository->update([
[
'id' => $app->getId(),
'integration' => [
'id' => $app->getIntegrationId(),
'accessKey' => AccessKeyHelper::generateAccessKey('integration'),
'secretAccessKey' => $secret,
],
],
], $context);
$this->registrationService->registerApp($manifest, $app->getId(), $secret, $context);
}
private function getAppForManifest(Manifest $manifest, AppCollection $installedApps): ?AppEntity
{
$client->request('PATCH', '/api/custom-field-set/' . $id, [], [], [
'HTTP_ACCEPT' => 'application/json',
], $json);
static::assertEquals(Response::HTTP_NO_CONTENT, $client->getResponse()->getStatusCode());
}
public function authorizeBrowserWithIntegrationForApp(KernelBrowser $browser, string $appId): void
{
$accessKey = AccessKeyHelper::generateAccessKey('integration');
$secretAccessKey = AccessKeyHelper::generateSecretAccessKey();
$id = Uuid::fromHexToBytes($this->appRepo->search(new Criteria([$appId]), Context::createDefaultContext())->first()->getIntegrationId());
$connection = $browser->getContainer()->get(Connection::class);
$connection->update('integration', [
'access_key' => $accessKey,
'secret_access_key' => password_hash($secretAccessKey, \PASSWORD_BCRYPT),
], ['id' => $id]);
$this->apiIntegrations[] = $id;
$authPayload = [
'HTTP_ACCEPT' => 'application/json',
], $json);
static::assertEquals(Response::HTTP_NO_CONTENT, $client->getResponse()->getStatusCode());
}
public function authorizeBrowserWithIntegrationForApp(KernelBrowser $browser, string $appId): void
{
$accessKey = AccessKeyHelper::generateAccessKey('integration');
$secretAccessKey = AccessKeyHelper::generateSecretAccessKey();
$id = Uuid::fromHexToBytes($this->appRepo->search(new Criteria([$appId]), Context::createDefaultContext())->first()->getIntegrationId());
$connection = $browser->getContainer()->get(Connection::class);
$connection->update('integration', [
'access_key' => $accessKey,
'secret_access_key' => password_hash($secretAccessKey, \PASSWORD_BCRYPT),
], ['id' => $id]);
$this->apiIntegrations[] = $id;
$authPayload = [
$config = $this->appLoader->getConfiguration($app);
if ($config) {
$this->systemConfigService->deleteExtensionConfiguration($app->getName(), $config);
}
}
$this->appRepository->delete([['id' => $app->getId()]], $context);
if ($softDelete) {
$this->integrationRepository->update([[
'id' => $app->getIntegrationId(),
'deletedAt' => new \DateTimeImmutable(),
]], $context);
$this->permissionPersister->softDeleteRole($app->getAclRoleId());
} else {
$this->integrationRepository->delete([['id' => $app->getIntegrationId()]], $context);
$this->permissionPersister->removeRole($app->getAclRoleId());
}
$this->deleteAclRole($app->getName(), $context);
});
}
if ($config) {
$this->systemConfigService->deleteExtensionConfiguration($app->getName(), $config);
}
}
$this->appRepository->delete([['id' => $app->getId()]], $context);
if ($softDelete) {
$this->integrationRepository->update([[
'id' => $app->getIntegrationId(),
'deletedAt' => new \DateTimeImmutable(),
]], $context);
$this->permissionPersister->softDeleteRole($app->getAclRoleId());
} else {
$this->integrationRepository->delete([['id' => $app->getIntegrationId()]], $context);
$this->permissionPersister->removeRole($app->getAclRoleId());
}
$this->deleteAclRole($app->getName(), $context);
});
}
private function installApp(string $appDir): ScriptAppInformation
{
$this->loadAppsFromDir($appDir);
/** @var AppEntity $app */
$app = $this->getContainer()->get('app.repository')->search(new Criteria(), Context::createDefaultContext())->first();
return new ScriptAppInformation(
$app->getId(),
$app->getName(),
$app->getIntegrationId()
);
}
private function getExistingTaxId(): string
{
/** @var EntityRepository $taxRepository */
$taxRepository = $this->getContainer()->get('tax.repository');
$criteria = new Criteria();
$criteria->addFilter(new EqualsFilter('name', 'Standard rate'));
{
$this->loadAppsFromDir($appDir);
/** @var AppEntity $app */
$app = $this->getContainer()->get('app.repository')->search(new Criteria(), Context::createDefaultContext())->first();
return new ScriptAppInformation(
$app->getId(),
$app->getName(),
$app->getIntegrationId()
);
}
private function getExistingTaxId(): string
{
/** @var EntityRepository $taxRepository */
$taxRepository = $this->getContainer()->get('tax.repository');
$criteria = new Criteria();
$criteria->addFilter(new EqualsFilter('name', 'Standard rate'));
private function createApp(string $appId, string $aclRoleId): void
{
$this->getContainer()->get(Connection::class)->insert('app', [
'id' => Uuid::fromHexToBytes($appId),
'name' => 'flowbuilderactionapp',
'active' => 1,
'path' => 'custom/apps/flowbuilderactionapp',
'version' => '1.0.0',
'configurable' => 0,
'app_secret' => 'appSecret',
'acl_role_id' => Uuid::fromHexToBytes($aclRoleId),
'integration_id' => $this->getIntegrationId(),
'created_at' => (new \DateTime())->format(Defaults::STORAGE_DATE_TIME_FORMAT),
]);
}
private function createAppFlowAction(string $flowAppId, string $appId): void
{
$this->getContainer()->get(Connection::class)->insert('app_flow_action', [
'id' => Uuid::fromHexToBytes($flowAppId),
'app_id' => Uuid::fromHexToBytes($appId),
'name' => 'telegram.send.message',
'badge' => 'Telegram',
{
$this->getContainer()->get(Connection::class)->insert('app', [
'id' => Uuid::fromHexToBytes($appId),
'name' => 'flowbuilderactionapp',
'active' => 1,
'path' => 'custom/apps/flowbuilderactionapp',
'version' => '1.0.0',
'configurable' => 0,
'app_secret' => 'appSecret',
'acl_role_id' => Uuid::fromHexToBytes($aclRoleId),
'integration_id' => $this->getIntegrationId(),
'created_at' => (new \DateTime())->format(Defaults::STORAGE_DATE_TIME_FORMAT),
]);
}
private function createAppFlowAction(string $flowAppId, string $appId): void
{
$this->getContainer()->get(Connection::class)->insert('app_flow_action', [
'id' => Uuid::fromHexToBytes($flowAppId),
'app_id' => Uuid::fromHexToBytes($appId),
'name' => 'telegram.send.message',
'badge' => 'Telegram',
$hook->getContext()->getRounding()
);
}
private function getAppContextSource(ScriptAppInformation $scriptAppInformation): AdminApiSource
{
if (\array_key_exists($scriptAppInformation->getAppId(), $this->appSources)) {
return $this->appSources[$scriptAppInformation->getAppId()];
}
$privileges = $this->fetchPrivileges($scriptAppInformation->getAppId());
$source = new AdminApiSource(null, $scriptAppInformation->getIntegrationId());
$source->setIsAdmin(false);
$source->setPermissions($privileges);
return $this->appSources[$scriptAppInformation->getAppId()] = $source;
}
private function fetchPrivileges(string $appId): array
{
$privileges = $this->connection->fetchOne(' SELECT `acl_role`.`privileges` AS `privileges` FROM `acl_role` INNER JOIN `app` ON `app`.`acl_role_id` = `acl_role`.`id` WHERE `app`.`id` = :appId ',
);
}
private function getAppContextSource(ScriptAppInformation $scriptAppInformation): AdminApiSource
{
if (\array_key_exists($scriptAppInformation->getAppId(), $this->appSources)) {
return $this->appSources[$scriptAppInformation->getAppId()];
}
$privileges = $this->fetchPrivileges($scriptAppInformation->getAppId());
$source = new AdminApiSource(null, $scriptAppInformation->getIntegrationId());
$source->setIsAdmin(false);
$source->setPermissions($privileges);
return $this->appSources[$scriptAppInformation->getAppId()] = $source;
}
private function fetchPrivileges(string $appId): array
{
$privileges = $this->connection->fetchOne(' SELECT `acl_role`.`privileges` AS `privileges` FROM `acl_role` INNER JOIN `app` ON `app`.`acl_role_id` = `acl_role`.`id` WHERE `app`.`id` = :appId ',
$definition = $this->registry->getByEntityName($data->getEntityName());
$id = $data->getEntityId();
$id = $this->addVersionToPayload($id, $definition, Defaults::LIVE_VERSION);
$payload = $this->addVersionToPayload($data->getPayload(), $definition, Defaults::LIVE_VERSION);
$new[] = [
'entityId' => $id,
'payload' => Json::encode($payload),
'userId' => $data->getUserId(),
'integrationId' => $data->getIntegrationId(),
'entityName' => $data->getEntityName(),
'action' => $data->getAction(),
'createdAt' => (new \DateTime())->format(Defaults::STORAGE_DATE_TIME_FORMAT),
];
}
}
$commit = [
'versionId' => Defaults::LIVE_VERSION,
'data' => $new,
'userId' => $writeContext->getContext()->getSource() instanceof AdminApiSource ? $writeContext->getContext()->getSource()->getUserId() : null,
$id = $data->getEntityId();
$id = $this->addVersionToPayload($id, $definition, Defaults::LIVE_VERSION);
$payload = $this->addVersionToPayload($data->getPayload(), $definition, Defaults::LIVE_VERSION);
$new[] = [
'entityId' => $id,
'payload' => Json::encode($payload),
'userId' => $data->getUserId(),
'integrationId' => $data->getIntegrationId(),
'entityName' => $data->getEntityName(),
'action' => $data->getAction(),
'createdAt' => (new \DateTime())->format(Defaults::STORAGE_DATE_TIME_FORMAT),
];
}
}
$commit = [
'versionId' => Defaults::LIVE_VERSION,
'data' => $new,
'userId' => $writeContext->getContext()->getSource() instanceof AdminApiSource ? $writeContext->getContext()->getSource()->getUserId() : null,
private function installApp(string $appDir): ScriptAppInformation
{
$this->loadAppsFromDir($appDir);
/** @var AppEntity $app */
$app = $this->getContainer()->get('app.repository')->search(new Criteria(), Context::createDefaultContext())->first();
return new ScriptAppInformation(
$app->getId(),
$app->getName(),
$app->getIntegrationId()
);
}
}
{
$this->loadAppsFromDir($appDir);
/** @var AppEntity $app */
$app = $this->getContainer()->get('app.repository')->search(new Criteria(), Context::createDefaultContext())->first();
return new ScriptAppInformation(
$app->getId(),
$app->getName(),
$app->getIntegrationId()
);
}
}
public function testAccessFromAppIntegrationIsAllowed(): void
{
$this->loadAppsFromDir(__DIR__ . '/_fixtures');
$criteria = new Criteria();
$criteria->addFilter(new EqualsFilter('name', 'api-endpoint-cases'));
/** @var AppEntity $app */
$app = $this->getContainer()->get('app.repository')->search($criteria, Context::createDefaultContext())->first();
$browser = $this->getBrowserAuthenticatedWithIntegration($app->getIntegrationId());
$browser->request('POST', '/api/script/simple-script');
static::assertNotFalse($browser->getResponse()->getContent());
$response = \json_decode($browser->getResponse()->getContent(), true, 512, \JSON_THROW_ON_ERROR);
static::assertSame(Response::HTTP_OK, $browser->getResponse()->getStatusCode(), print_r($response, true));
}
public function testRedirectResponse(): void
{
$this->loadAppsFromDir(__DIR__ . '/_fixtures');
private function authorizeBrowserWithIntegrationByAppName(KernelBrowser $browser, string $appName): void
{
$app = $this->fetchApp($appName);
if (!$app) {
throw new \RuntimeException('No app found with name: ' . $appName);
}
$accessKey = AccessKeyHelper::generateAccessKey('integration');
$secret = AccessKeyHelper::generateSecretAccessKey();
$this->setAccessTokenForIntegration($app->getIntegrationId(), $accessKey, $secret);
$authPayload = [
'grant_type' => 'client_credentials',
'client_id' => $accessKey,
'client_secret' => $secret,
];
$browser->request('POST', '/api/oauth/token', $authPayload);
static::assertIsString($browser->getResponse()->getContent());
$data = json_decode($browser->getResponse()->getContent(), true, 512, \JSON_THROW_ON_ERROR);
{
$app = $this->fetchApp($appName);
if (!$app) {
throw new \RuntimeException('No app found with name: ' . $appName);
}
$accessKey = AccessKeyHelper::generateAccessKey('integration');
$secret = AccessKeyHelper::generateSecretAccessKey();
$this->setAccessTokenForIntegration($app->getIntegrationId(), $accessKey, $secret);
$authPayload = [
'grant_type' => 'client_credentials',
'client_id' => $accessKey,
'client_secret' => $secret,
];
$browser->request('POST', '/api/oauth/token', $authPayload);
static::assertIsString($browser->getResponse()->getContent());
$data = json_decode($browser->getResponse()->getContent(), true, 512, \JSON_THROW_ON_ERROR);
throw RoutingException::missingRequestParameter('status');
}
if (empty($message)) {
throw RoutingException::missingRequestParameter('message');
}
if (!\is_array($requiredPrivileges)) {
throw RoutingException::invalidRequestParameter('requiredPrivileges');
}
$integrationId = $source->getIntegrationId();
$createdByUserId = $source->getUserId();
try {
$cacheKey = $createdByUserId ?? $integrationId . '-' . $request->getClientIp();
$this->rateLimiter->ensureAccepted(self::NOTIFICATION, $cacheKey);
} catch (RateLimitExceededException $exception) {
throw new NotificationThrottledException($exception->getWaitTime(), $exception);
}
$notificationId = Uuid::randomHex();
$this->notificationService->createNotification([
}
if (empty($message)) {
throw RoutingException::missingRequestParameter('message');
}
if (!\is_array($requiredPrivileges)) {
throw RoutingException::invalidRequestParameter('requiredPrivileges');
}
$integrationId = $source->getIntegrationId();
$createdByUserId = $source->getUserId();
try {
$cacheKey = $createdByUserId ?? $integrationId . '-' . $request->getClientIp();
$this->rateLimiter->ensureAccepted(self::NOTIFICATION, $cacheKey);
} catch (RateLimitExceededException $exception) {
throw new NotificationThrottledException($exception->getWaitTime(), $exception);
}
$notificationId = Uuid::randomHex();
$this->notificationService->createNotification([
private function installApp(string $appDir): ScriptAppInformation
{
$this->loadAppsFromDir($appDir);
/** @var AppEntity $app */
$app = $this->getContainer()->get('app.repository')->search(new Criteria(), Context::createDefaultContext())->first();
return new ScriptAppInformation(
$app->getId(),
$app->getName(),
$app->getIntegrationId()
);
}
}
{
$this->loadAppsFromDir($appDir);
/** @var AppEntity $app */
$app = $this->getContainer()->get('app.repository')->search(new Criteria(), Context::createDefaultContext())->first();
return new ScriptAppInformation(
$app->getId(),
$app->getName(),
$app->getIntegrationId()
);
}
}