rgutierrez/resq
1
0
Fork 0
Code Issues 126 Pull requests 49 Projects Releases 4 Packages Wiki Activity Actions

Add checking in hash service for invalid hashes. Add capi call to verify if hash belongs to customer. #641

Browse source
This commit is contained in:
Korina Cordero 2021-11-24 08:23:48 +00:00
parent b0de01ae1b
commit 5c03ccb1fb
4 changed files with 51 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
config/api_acl.yaml
View file

@ -57,6 +57,8 @@ access_keys:
acls: acls:
- id: customer.register - id: customer.register
label: Register Customer label: Register Customer
- id: customer.verify
label: Verify Customer
- id: municipality - id: municipality
label: Municipality label: Municipality
acls: acls:

6
config/routes/capi.yaml
View file

@ -155,6 +155,12 @@ capi_customer_register:
controller: App\Controller\CAPI\CustomerController::register controller: App\Controller\CAPI\CustomerController::register
methods: [POST] methods: [POST]
# verify if resq customer
capi_customer_verify:
path: /capi/customer/{customer_hash}
controller: App\Controller\CAPI\CustomerController::verifyCustomer
methods: [GET]
# customer warranty api # customer warranty api
capi_cwarr_check: capi_cwarr_check:
path: /capi/customer_warranty/{serial} path: /capi/customer_warranty/{serial}

39
src/Controller/CAPI/CustomerController.php
View file

@ -15,6 +15,8 @@ use App\Entity\Customer;
use App\Entity\CustomerVehicle; use App\Entity\CustomerVehicle;
use App\Entity\Vehicle; use App\Entity\Vehicle;
use App\Service\HashGenerator;
use Catalyst\APIBundle\Access\Generator as ACLGenerator; use Catalyst\APIBundle\Access\Generator as ACLGenerator;
class CustomerController extends APIController class CustomerController extends APIController
@ -202,6 +204,43 @@ class CustomerController extends APIController
return new APIResponse(true, $message, $data); return new APIResponse(true, $message, $data);
} }
public function verifyCustomer($customer_hash, EntityManagerInterface $em, HashGenerator $hash)
{
$this->denyAccessUnlessGranted('customer.verify', null, 'No access.');
// get customer id from customer_hash
$cust_id = $hash->getID($customer_hash);
if ($cust_id == null)
return new APIResponse(false, 'Invalid customer hash.');
// find customer using id
$customer = $em->getRepository(Customer::class)->find($cust_id);
$data = [];
$message = '';
if ($customer == null)
{
$message = 'Customer not found.';
$data[] = [
'is_customer' => false,
'first_name' => '',
'last_name' => '',
];
}
else
{
$message = 'Customer found.';
$data[] = [
'is_customer' => true,
'first_name' => $customer->getFirstName(),
'last_name' => $customer->getLastName(),
];
}
return new APIResponse(true, $message, $data);
}
protected function cleanPlateNumber($plate) protected function cleanPlateNumber($plate)
{ {
// remove spaces and make upper case // remove spaces and make upper case

4
src/Service/HashGenerator.php
View file

@ -21,6 +21,10 @@ class HashGenerator
$hi = new Hashids($this->salt, $this->length); $hi = new Hashids($this->salt, $this->length);
$id_array = $hi->decode($hash); $id_array = $hi->decode($hash);
// return null if unable to decode aka invalid hash
if (empty($id_array))
return null;
// first one should be the id // first one should be the id
return $id_array[0]; return $id_array[0];
} }