[REVIEW] Customer ability to change MAC address

app/Events/Layer2Address/Added.php

@@ -2,66 +2,77 @@
 
 namespace IXP\Events\Layer2Address;
 
+/*
+ * Copyright (C) 2009-2018 Internet Neutral Exchange Association Company Limited By Guarantee.
+ * All Rights Reserved.
+ *
+ * This file is part of IXP Manager.
+ *
+ * IXP Manager is free software: you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation, version v2.0 of the License.
+ *
+ * IXP Manager is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
+ * more details.
+ *
+ * You should have received a copy of the GNU General Public License v2.0
+ * along with IXP Manager.  If not, see:
+ *
+ * http://www.gnu.org/licenses/gpl-2.0.html
+ */
+
 use Entities\{
     Layer2Address   as Layer2AddressEntity,
-    Customer        as CustomerEntity
+    User            as UserEntity,
+    VlanInterface   as VlanInterfaceEntity
 };
-use Illuminate\Broadcasting\Channel;
+
 use Illuminate\Queue\SerializesModels;
-use Illuminate\Broadcasting\PrivateChannel;
-use Illuminate\Broadcasting\PresenceChannel;
 use Illuminate\Foundation\Events\Dispatchable;
-use Illuminate\Broadcasting\InteractsWithSockets;
-use Illuminate\Contracts\Broadcasting\ShouldBroadcast;
 
 class Added
 {
-    use Dispatchable, InteractsWithSockets, SerializesModels;
+    use Dispatchable, SerializesModels;
 
     /**
      * @var string
      */
     public $action;
 
     /**
-     * @var String
+     * @var string
      */
     public $mac;
 
     /**
-     * @var Customer
+     * @var UserEntity
+     */
+    public $user;
+
+    /**
+     * @var string
      */
-    public $auth;
+    public $customer;
 
     /**
-     * @var VlanInterface
+     * @var VlanInterfaceEntity
      */
     public $vli;
 
     /**
      * Create a new event instance.
      *
      * @param Layer2AddressEntity     $l2a
-     * @param CustomerEntity          $auth
-     *
-     * @return void
+     * @param UserEntity          $u
      */
-    public function __construct(  $l2a,  $auth )
+    public function __construct( Layer2AddressEntity $l2a, UserEntity $u )
     {
         $this->action   = "add";
         $this->mac      = $l2a->getMac();
-        $this->auth     = $auth;
+        $this->user     = $u;
+        $this->customer = $u->getCustomer()->getFormattedName();
         $this->vli      = $l2a->getVlanInterface();
-
-    }
-
-    /**
-     * Get the channels the event should broadcast on.
-     *
-     * @return \Illuminate\Broadcasting\Channel|array
-     */
-    public function broadcastOn()
-    {
-        return new PrivateChannel('channel-name');
     }
 }

app/Events/Layer2Address/Deleted.php

@@ -2,17 +2,38 @@
 
 namespace IXP\Events\Layer2Address;
 
-use Illuminate\Broadcasting\Channel;
+/*
+ * Copyright (C) 2009-2018 Internet Neutral Exchange Association Company Limited By Guarantee.
+ * All Rights Reserved.
+ *
+ * This file is part of IXP Manager.
+ *
+ * IXP Manager is free software: you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation, version v2.0 of the License.
+ *
+ * IXP Manager is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
+ * more details.
+ *
+ * You should have received a copy of the GNU General Public License v2.0
+ * along with IXP Manager.  If not, see:
+ *
+ * http://www.gnu.org/licenses/gpl-2.0.html
+ */
+
+use Entities\{
+    User            as UserEntity,
+    VlanInterface   as VlanInterfaceEntity
+};
+
 use Illuminate\Queue\SerializesModels;
-use Illuminate\Broadcasting\PrivateChannel;
-use Illuminate\Broadcasting\PresenceChannel;
 use Illuminate\Foundation\Events\Dispatchable;
-use Illuminate\Broadcasting\InteractsWithSockets;
-use Illuminate\Contracts\Broadcasting\ShouldBroadcast;
 
 class Deleted
 {
-    use Dispatchable, InteractsWithSockets, SerializesModels;
+    use Dispatchable, SerializesModels;
 
     /**
      * @var string
@@ -25,39 +46,35 @@ class Deleted
     public $mac;
 
     /**
-     * @var Customer
+     * @var UserEntity
+     */
+    public $user;
+
+    /**
+     * @var string
      */
-    public $auth;
+    public $customer;
 
     /**
-     * @var VirtualInterface
+     * @var VlanInterfaceEntity
      */
     public $vli;
 
     /**
      * Create a new event instance.
      *
-     * @param string                $mac
-     * @param VlanInterface         $vli
-     * @param Customer              $auth
+     * @param string                $oldmac
+     * @param VlanInterfaceEntity   $vli
+     * @param UserEntity            $u
      *
      * @return void
      */
-    public function __construct( $mac, $vli, $auth )
+    public function __construct( string $oldmac, VlanInterfaceEntity $vli, UserEntity $u )
     {
         $this->action   = "delete";
-        $this->mac      = $mac;
-        $this->auth     = $auth;
+        $this->mac      = $oldmac;
+        $this->user     = $u;
+        $this->customer = $u->getCustomer()->getFormattedName();
         $this->vli      = $vli;
     }
-
-    /**
-     * Get the channels the event should broadcast on.
-     *
-     * @return \Illuminate\Broadcasting\Channel|array
-     */
-    public function broadcastOn()
-    {
-        return new PrivateChannel('channel-name');
-    }
 }

app/Http/Controllers/Api/V4/Layer2AddressController.php

@@ -50,20 +50,36 @@ class Layer2AddressController extends Controller {
      *
      * @param   Request $request instance of the current HTTP request
      * @return  JsonResponse
+     * @throws \LaravelDoctrine\ORM\Facades\ORMInvalidArgumentException
+     * @throws \Doctrine\ORM\OptimisticLockException
      */
     public function add( Request $request ): JsonResponse {
         /** @var VlanInterfaceEntity $vli */
         if( !( $vli = D2EM::getRepository( VlanInterfaceEntity::class )->find( $request->input( 'vliid' ) ) ) ) {
-            return abort( '404' );
+            return abort( 404, 'VLAN interface not found' );
+        }
+
+        if( !Auth::user()->isSuperUser() ) {
+            if( !config( 'ixp_fe.layer2-addresses.customer_can_edit' ) ) {
+                abort( 404 );
+            }
+
+            if( Auth::user()->getCustomer()->getId() != $vli->getVirtualInterface()->getCustomer()->getId() ) {
+                abort( 403, 'VLI / Customer mismatch' );
+            }
+
+            if( count( $vli->getLayer2Addresses() ) >= config( 'ixp_fe.layer2-addresses.customer_params.max_addresses' ) ) {
+                return response()->json( [ 'danger' => false, 'message' => 'The maximum possible MAC addresses have been configured. Please delete a MAC before adding.' ] );
+            }
         }
 
         $mac = preg_replace( "/[^a-f0-9]/i", '' , strtolower( $request->input( 'mac', '' ) ) );
         if( strlen( $mac ) !== 12 ) {
-            return response()->json( [ 'success' => false, 'message' => 'Invalid or missing MAC addresses' ] );
+            return response()->json( [ 'danger' => false, 'message' => 'Invalid or missing MAC addresses' ] );
         }
 
         if( D2EM::getRepository( Layer2AddressEntity::class )->existsInVlan( $mac, $vli->getVlan()->getId() ) ) {
-            return response()->json( [ 'success' => false, 'message' => 'The MAC address already exists within the VLAN' ] );
+            return response()->json( [ 'danger' => false, 'message' => 'The MAC address already exists within this IXP VLAN' ] );
         }
 
         $l2a = new Layer2AddressEntity();
@@ -106,6 +122,20 @@ public function delete( int $id ): JsonResponse{
             return abort( '404' );
         }
 
+        if( !Auth::user()->isSuperUser() ) {
+            if( !config( 'ixp_fe.layer2-addresses.customer_can_edit' ) ) {
+                abort( 404 );
+            }
+
+            if( Auth::user()->getCustomer()->getId() != $l2a->getVlanInterface()->getVirtualInterface()->getCustomer()->getId() ) {
+                abort( 403, 'MAC address / Customer mismatch' );
+            }
+
+            if( count( $l2a->getVlanInterface()->getLayer2Addresses() ) <= config( 'ixp_fe.layer2-addresses.customer_params.min_addresses' ) ) {
+                return response()->json( [ 'danger' => false, 'message' => 'The minimum possible MAC addresses have been configured. Please add a MAC before deleting.' ] );
+            }
+        }
+
         $l2a->getVlanInterface()->removeLayer2Address( $l2a );
         $macaddress = $l2a->getMacFormattedWithColons();
         $vli        = $l2a->getVlanInterface();

app/Http/Controllers/Api/V4/MailingListController.php

@@ -47,7 +47,7 @@ class MailingListController extends Controller {
     private $mlkey = null;
 
     public function __construct() {
-        if( !config( 'mailinglists.enabled' ) ) {
+        if( php_sapi_name() !== 'cli' && !config( 'mailinglists.enabled' ) ) {
             abort( 503, "Mailing list functionality is disabled. See: http://docs.ixpmanager.org/features/mailing-lists/" );
         }
     }

app/Http/Controllers/ApiKeyController.php

@@ -109,14 +109,19 @@ public function feInit(){
         // display the same information in the view as the list
         $this->feParams->viewColumns = $this->feParams->listColumns;
 
-        // custom access controls:
-        switch( Auth::user()->getPrivs() ) {
-            case UserEntity::AUTH_SUPERUSER:
-            case UserEntity::AUTH_CUSTUSER:
-                break;
-
-            default:
-                abort( 403 );
+        // phpunit / artisan trips up here without the cli test:
+        if( php_sapi_name() !== 'cli' ) {
+
+            // custom access controls:
+            switch( Auth::user()->getPrivs() ) {
+                case UserEntity::AUTH_SUPERUSER:
+                case UserEntity::AUTH_CUSTUSER:
+                    break;
+
+                default:
+                    abort( 403 );
+            }
+
         }
 
     }