diff --git a/Dockerfile b/Dockerfile
index 2f3c0412a..cb4f67d27 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -9,5 +9,9 @@ WORKDIR /var/www/cakephp
 RUN mkdir logs && mkdir tmp && chmod 777 logs && chmod 777 tmp
 COPY ./community_server/ .
 COPY ./configs/community_server/app.php ./config/
-RUN composer update
+
+RUN composer update
+RUN composer dump-autoload
+
+
diff --git a/config/routes.php b/config/routes.php
index 92efb56ea..0fa3b4f17 100644
--- a/config/routes.php
+++ b/config/routes.php
@@ -58,7 +58,7 @@ Router::scope('/', function (RouteBuilder $routes) {
 // Skip token check for API URLs.
 //die($request->getParam('controller'));
 $whitelist = ['JsonRequestHandler', 'ElopageWebhook'];
- $ajaxWhitelist = ['TransactionSendCoins'];
+ $ajaxWhitelist = ['TransactionSendCoins', 'TransactionCreations'];
 foreach($whitelist as $entry) {
 if($request->getParam('controller') === $entry) {
diff --git a/parse_proto.php b/parse_proto.sh
similarity index 100%
rename from parse_proto.php
rename to parse_proto.sh
diff --git a/src/Controller/Component/JsonRequestClientComponent.php b/src/Controller/Component/JsonRequestClientComponent.php
index 75d2c5a77..8a071b70b 100644
--- a/src/Controller/Component/JsonRequestClientComponent.php
+++ b/src/Controller/Component/JsonRequestClientComponent.php
@@ -15,7 +15,7 @@ use Cake\Core\Configure;
 class JsonRequestClientComponent extends Component
 {
- public function sendTransaction($session_id, $base64Message, $user_balance = 0) {
+ public function sendTransaction($session_id, $base64Message, $user_balance = 0, $auto_sign = false) {
 if(!is_numeric($session_id)) {
 return ['state' => 'error', 'type' => 'parameter error', 'msg' => 'session_id isn\'t numeric'];
 }
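Review bot: In the Dockerfile hunk, `RUN composer update` on the new side re-resolves every dependency at image build time, so two builds of the same commit can ship different package versions, and a compromised or broken upstream release enters the image without any change in the repository. If a composer.lock is committed (not visible here), `RUN composer install --no-interaction --optimize-autoloader` installs exactly the locked versions. That command already writes the autoloader, which makes the added `RUN composer dump-autoload` layer unnecessary.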
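Review bot: Adding 'TransactionCreations' to `$ajaxWhitelist` in config/routes.php exempts by controller name, although this commit introduces only one JSON action, `ajaxCreate`. How `$ajaxWhitelist` is evaluated lies below the hunk, so this is inferred: if it is matched like `$whitelist` on `getParam('controller')` alone, the form-based actions of TransactionCreationsController may lose the CSRF token check as well. Consider also testing `$request->getParam('action') === 'ajaxCreate'` for this entry, and add a comment such as `// only the JSON action ajaxCreate is exempt from the token check`.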
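Review bot: The new `$auto_sign` parameter of sendTransaction is forwarded to '/checkTransaction' (second hunk of this file) with whatever type the caller passes, and both places that set it in this commit, ajaxCreate and the '/checkTransaction' post in TransactionSendCoinsController, copy it straight from the request JSON. A string such as "false" or "0" therefore reaches the login server unchanged, and how it is interpreted there is not visible. Normalise it where it is read, e.g. `$auto_sign = filter_var($jsonData['auto_sign'], FILTER_VALIDATE_BOOLEAN);`. The default here is `false` while both controllers default to `true`; a docblock on sendTransaction stating what auto_sign makes the login server do would make that difference reviewable.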
@@ -35,7 +35,8 @@ class JsonRequestClientComponent extends Component
 return $this->sendRequest(json_encode([
 'session_id' => $session_id,
 'transaction_base64' => $base64Message,
- 'balance' => $user_balance
+ 'balance' => $user_balance,
+ 'auto_sign' => $auto_sign
 ]), '/checkTransaction');
 }
diff --git a/src/Controller/StateBalancesController.php b/src/Controller/StateBalancesController.php
index 7df895de7..f280485bf 100644
--- a/src/Controller/StateBalancesController.php
+++ b/src/Controller/StateBalancesController.php
@@ -208,8 +208,11 @@ class StateBalancesController extends AppController
 }
 $state_balances = $stateUserQuery->first()->state_balances;
 $state_balances_count = count($state_balances);
- if($state_balances_count != 1) {
- return $this->returnJson(['state' => 'error', 'msg' => 'state balances count isn\'t as expected, expect 1', 'details' => $state_balances_count]);
+ if($state_balances_count > 1) {
+ return $this->returnJson(['state' => 'error', 'msg' => 'state balances count isn\'t as expected, expect 1 or 0', 'details' => $state_balances_count]);
+ }
+ if(!$state_balances_count) {
+ return $this->returnJson(['state' => 'success', 'balance' => 0]);
 }
 return $this->returnJson(['state' => 'success', 'balance' => $state_balances[0]->amount]);
diff --git a/src/Controller/TransactionCreationsController.php b/src/Controller/TransactionCreationsController.php
index 9b05c1782..951ac14af 100644
--- a/src/Controller/TransactionCreationsController.php
+++ b/src/Controller/TransactionCreationsController.php
@@ -35,6 +35,7 @@ class TransactionCreationsController extends AppController
 $this->loadComponent('JsonRequestClient');
 //$this->Auth->allow(['add', 'edit']);
 //$this->Auth->allow('create');
+ $this->Auth->allow('ajaxCreate');
 $this->set(
 'naviHierarchy',
 (new NaviHierarchy())->
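Review bot: `$this->Auth->allow('ajaxCreate')` takes the action out of the controller's Auth check, so the only gate left is `requestLogin($session_id, false)` inside ajaxCreate (hunk at -446), and nothing visible in that method checks whether the logged-in user is permitted to create. Together with the CSRF exemption added in config/routes.php, any holder of a valid session_id may be able to submit a creation for an arbitrary receiver email, unless the login server enforces the permission on '/checkTransaction', which is not visible here. If creations are meant to be restricted, check the user's permission from the session before the transaction is built and return an error reply otherwise. At minimum, add a comment next to this line stating where that permission is enforced. The enclosing method starts and ends outside this hunk.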
@@ -446,6 +447,118 @@ class TransactionCreationsController extends AppController
 }
 }
 }
+
+ public function ajaxCreate()
+ {
+ if ($this->request->is('post')) {
+ $startTime = microtime(true);
+ $jsonData = $this->request->input('json_decode', true);
+ $session_id = $jsonData['session_id'];
+ if(!isset($jsonData['session_id']) || intval($jsonData['session_id']) == 0) {
+ return $this->returnJson(['state' => 'parameter missing', 'msg' => 'invalid session id']);
+ }
+
+ $login_result = $this->requestLogin($session_id, false);
+ if($login_result !== true) {
+ return $this->returnJson($login_result);
+ }
+ $session = $this->getRequest()->getSession();
+ $user = $session->read('StateUser');
+
+ $memo = '';
+ if(isset($jsonData['memo'])) {
+ $memo = $jsonData['memo'];
+ }
+ $auto_sign = true;
+ if(isset($jsonData['auto_sign'])) {
+ $auto_sign = $jsonData['auto_sign'];
+ }
+ if(!isset($jsonData['amount']) || intval($jsonData['amount']) <= 0) {
+ return $this->returnJson(['state' => 'parameter missing', 'msg' => 'amount not set or <= 0']);
+ }
+ if(!isset($jsonData['email'])) {
+ return $this->returnJson(['state' => 'parameter missing', 'msg' => 'no receiver email set']);
+ }
+ $amount = intval($jsonData['amount']);
+ if($amount > 10000000) {
+ return $this->returnJson(['state' => 'error', 'msg' => 'amount is to big']);
+ }
+ if(!isset($jsonData['target_date'])) {
+ return $this->returnJson(['state' => 'parameter missing', 'msg' => 'target_date not found']);
+ }
+ //$targetDate = $requestData['target_date'];
+ $stateUserTable = TableRegistry::getTableLocator()->get('StateUsers');
+ $requestAnswear = $this->JsonRequestClient->sendRequest(json_encode([
+ 'session_id' => $session_id,
+ 'email' => $jsonData['email'],
+ 'ask' => ['user.pubkeyhex', 'user.disabled', 'user.identHash']
+ ]), '/getUserInfos');
+ $receiverPubKeyHex = '';
+ if('success' == $requestAnswear['state'] && 'success' == $requestAnswear['data']['state']) {
+ // will be allways 64 byte long, even if it is empty
+ $receiverPubKeyHex = $requestAnswear['data']['userData']['pubkeyhex'];
+ } else {
+ return $this->returnJson([
+ 'state' => 'error',
+ 'msg' => 'receiver email not found on login-server',
+ 'details' => $requestAnswear,
+ 'timeUsed' => microtime(true) - $startTime
+ ]);
+ }
+ if($requestAnswear['data']['userData']['disabled']) {
+ return $this->returnJson([
+ 'state' => 'error',
+ 'msg' => 'receiver is currently disabled, he cannot receive creations',
+ 'timeUsed' => microtime(true) - $startTime
+ ]);
+ }
+
+ $builderResult = TransactionCreation::build(
+ $amount,
+ $memo,
+ $receiverPubKeyHex,
+ $requestAnswear['data']['userData']['identHash'],
+ new FrozenDate($jsonData['target_date'])
+ );
+ $transaction_base64 = '';
+ if ($builderResult['state'] == 'success') {
+ // todo: maybe use sodium base 64 encoder to make sure it can be readed from login-server
+ $transaction_base64 = base64_encode($builderResult['transactionBody']->serializeToString());
+ }
+
+ $requestResult = $this->JsonRequestClient->sendTransaction(
+ $session_id,
+ $transaction_base64,
+ $user['balance'],
+ $auto_sign
+ );
+ if ($requestResult['state'] != 'success') {
+ $msg = 'error returned from login server';
+ if ($requestResult['type'] === 'request error') {
+ $msg = 'login server couldn\'t reached';
+ }
+ //$this->Flash->error(__('Error, please wait for the admin to fix it'));
+ return $this->returnJson([
+ 'state' => 'request error',
+ 'msg' => $msg,
+ 'details' => $requestResult,
+ 'timeUsed' => microtime(true) - $startTime
+ ]);
+ } else {
+ $json = $requestResult['data'];
+ if ($json['state'] != 'success') {
+ if ($json['msg'] == 'session not found') {
+ $session->destroy();
+ return $this->returnJson(['state' => 'error', 'msg' => 'session not found', 'timeUsed' => microtime(true) - $startTime]);
+ } else {
+ return $this->returnJson(['state' => 'error', 'msg' => 'login server error', 'details' => $json, 'timeUsed' => microtime(true) - $startTime]);
+ }
+ } else {
+ return $this->returnJson(['state' => 'success', 'timeUsed' => microtime(true) - $startTime]);
+ }
+ }
+ }
+ }
 /**
 * Add method
diff --git a/src/Controller/TransactionSendCoinsController.php b/src/Controller/TransactionSendCoinsController.php
index 94d905e71..a6fab144c 100644
--- a/src/Controller/TransactionSendCoinsController.php
+++ b/src/Controller/TransactionSendCoinsController.php
@@ -310,9 +310,17 @@ class TransactionSendCoinsController extends AppController
 $receiverPubKeyHex = '';
 $senderPubKeyHex = $user['public_hex'];
+ if(!isset($jsonData['amount']) || !isset($jsonData['email'])) {
+ return $this->returnJson(['state' => 'parameter missing', 'msg' => 'amount and/or email not set']);
+ }
+
 if(!isset($user['balance']) || $jsonData['amount'] > $user['balance']) {
 return $this->returnJson(['state' => 'error', 'msg' => 'not enough GDD']);
 }
+ $memo = '';
+ if(isset($jsonData['memo'])) {
+ $memo = $jsonData['memo'];
+ }
 $receiverEmail = $jsonData['email'];
 if($receiverEmail === $user['email']) {
@@ -348,10 +356,14 @@ class TransactionSendCoinsController extends AppController
 $builderResult = TransactionTransfer::build(
 $jsonData['amount'],
- $jsonData['memo'],
+ $memo,
 $receiverPubKeyHex,
 $senderPubKeyHex
 );
+ $auto_sign = true;
+ if(isset($jsonData['auto_sign'])) {
+ $auto_sign = $jsonData['auto_sign'];
+ }
 if($builderResult['state'] === 'success') {
 $http = new Client();
@@ -362,7 +374,7 @@ class TransactionSendCoinsController extends AppController
 $response = $http->post($url . '/checkTransaction', json_encode([
 'session_id' => $session_id,
 'transaction_base64' => base64_encode($builderResult['transactionBody']->serializeToString()),
- 'auto_sign' => true,
+ 'auto_sign' => $auto_sign,
 'balance' => $user['balance']
 ]), ['type' => 'json']);
 $json = $response->getJson();
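Review bot: In ajaxCreate, a failed `TransactionCreation::build` is not handled: `$transaction_base64` stays '' and is still handed to `sendTransaction`, so the builder's error is lost and the login server is asked to check an empty transaction. The method should return an error reply at that point instead. Two request checks are also weak: `$jsonData['session_id']` is read on the line before its `isset` test while `$jsonData` is null for a body that is not valid JSON, and `target_date` is passed to `new FrozenDate(...)` unparsed, which can throw on a malformed string rather than yield the JSON error reply. The error replies further return the raw login-server answer in 'details', which is better written to the log than sent to the caller. The fence shows the three changed places.

```php
$jsonData = $this->request->input('json_decode', true);
// reject a body that is not a JSON object before any key is read
if(!is_array($jsonData) || !isset($jsonData['session_id']) || intval($jsonData['session_id']) == 0) {
    return $this->returnJson(['state' => 'parameter missing', 'msg' => 'invalid session id']);
}
$session_id = $jsonData['session_id'];
// … unchanged: requestLogin, memo/auto_sign/amount/email/target_date presence checks …
try {
    $targetDate = new FrozenDate($jsonData['target_date']);
} catch (\Exception $e) {
    return $this->returnJson(['state' => 'parameter missing', 'msg' => 'target_date invalid']);
}
// … unchanged: /getUserInfos request and receiver checks; build() receives $targetDate …
if ($builderResult['state'] != 'success') {
    return $this->returnJson([
        'state' => 'error',
        'msg' => 'error building transaction',
        'timeUsed' => microtime(true) - $startTime
    ]);
}
$transaction_base64 = base64_encode($builderResult['transactionBody']->serializeToString());
```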
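Review bot: The guard added in the first TransactionSendCoinsController hunk only tests that `amount` and `email` are present; the balance check after it compares `$jsonData['amount'] > $user['balance']` on the raw JSON value, so a negative, zero or non-numeric amount passes both checks and reaches `TransactionTransfer::build`. Whether the builder rejects such a value is not visible here. ajaxCreate in this same commit already validates with `intval(...) <= 0`, and the same test fits this guard: `if(!isset($jsonData['amount']) || intval($jsonData['amount']) <= 0 || !isset($jsonData['email'])) {`. The enclosing method begins and ends outside the hunk.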