Congegni
/
sintonia
7
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'cc-5709-airtime-analyzer' into cc-5709-airtime-analyzer-cloud-storage 

Conflicts:
	airtime_mvc/application/modules/rest/controllers/MediaController.php
This commit is contained in:
drigato 2015-01-22 11:19:25 -05:00
parent 38882abd1a 38a2924849
commit bade613e80
4 changed files with 57 additions and 115 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
airtime_mvc/application/configs/ACL.php
View File

@ -29,7 +29,10 @@ $ccAcl->add(new Zend_Acl_Resource('library'))
->add(new Zend_Acl_Resource('audiopreview')) ->add(new Zend_Acl_Resource('audiopreview'))
->add(new Zend_Acl_Resource('webstream')) ->add(new Zend_Acl_Resource('webstream'))
->add(new Zend_Acl_Resource('locale')) ->add(new Zend_Acl_Resource('locale'))
->add(new Zend_Acl_Resource('upgrade')); ->add(new Zend_Acl_Resource('upgrade'))
->add(new Zend_Acl_Resource('downgrade'))
->add(new Zend_Acl_Resource('rest:media'))
->add(new Zend_Acl_Resource('billing'));
/** Creating permissions */ /** Creating permissions */
$ccAcl->allow('G', 'index') $ccAcl->allow('G', 'index')
@ -44,6 +47,8 @@ $ccAcl->allow('G', 'index')
->allow('G', 'webstream') ->allow('G', 'webstream')
->allow('G', 'locale') ->allow('G', 'locale')
->allow('G', 'upgrade') ->allow('G', 'upgrade')
->allow('G', 'downgrade')
->allow('G', 'rest:media')
->allow('H', 'preference', 'is-import-in-progress') ->allow('H', 'preference', 'is-import-in-progress')
->allow('H', 'usersettings') ->allow('H', 'usersettings')
->allow('H', 'plupload') ->allow('H', 'plupload')

59
airtime_mvc/application/controllers/plugins/Acl_plugin.php
View File

@ -110,17 +110,17 @@ class Zend_Controller_Plugin_Acl extends Zend_Controller_Plugin_Abstract
{ {
$controller = strtolower($request->getControllerName()); $controller = strtolower($request->getControllerName());
Application_Model_Auth::pinSessionToClient(Zend_Auth::getInstance()); Application_Model_Auth::pinSessionToClient(Zend_Auth::getInstance());
//Ignore authentication for all access to the rest API. We do auth via API keys for this
//and/or by OAuth.
if (strtolower($request->getModuleName()) == "rest")
{
return;
}
if (in_array($controller, array("api", "auth", "locale", "upgrade"))) { if (in_array($controller, array("api", "auth", "locale", "upgrade"))) {
$this->setRoleName("G"); $this->setRoleName("G");
} elseif (!Zend_Auth::getInstance()->hasIdentity()) { } elseif (!Zend_Auth::getInstance()->hasIdentity()) {
// If we don't have an identity and we're making a RESTful request,
// we need to do API key verification
if ($request->getModuleName() == "rest") {
$this->verifyAuth();
return;
}
if ($controller !== 'login') { if ($controller !== 'login') {
@ -143,7 +143,12 @@ class Zend_Controller_Plugin_Acl extends Zend_Controller_Plugin_Abstract
} }
} }
} else { } else {
// If we have an identity and we're making a RESTful request,
// we need to check the CSRF token
if ($request->_action != "get" && $request->getModuleName() == "rest") {
$this->verifyCSRFToken($request->getParam("csrf_token"));
}
$userInfo = Zend_Auth::getInstance()->getStorage()->read(); $userInfo = Zend_Auth::getInstance()->getStorage()->read();
$this->setRoleName($userInfo->type); $this->setRoleName($userInfo->type);
@ -169,6 +174,42 @@ class Zend_Controller_Plugin_Acl extends Zend_Controller_Plugin_Abstract
} }
} }
private function verifyAuth() {
if ($this->verifyAPIKey()) {
return true;
}
$this->getResponse()
->setHttpResponseCode(401)
->appendBody("ERROR: Incorrect API key.");
return false;
}
private function verifyCSRFToken($token) {
$current_namespace = new Zend_Session_Namespace('csrf_namespace');
$observed_csrf_token = $token;
$expected_csrf_token = $current_namespace->authtoken;
$this->getResponse()
->setHttpResponseCode(401)
->appendBody("ERROR: CSRF token mismatch.");
return ($observed_csrf_token == $expected_csrf_token);
}
private function verifyAPIKey() {
// The API key is passed in via HTTP "basic authentication":
// http://en.wikipedia.org/wiki/Basic_access_authentication
$CC_CONFIG = Config::getConfig();
// Decode the API key that was passed to us in the HTTP request.
$authHeader = $this->getRequest()->getHeader("Authorization");
$encodedRequestApiKey = substr($authHeader, strlen("Basic "));
$encodedStoredApiKey = base64_encode($CC_CONFIG["apiKey"][0] . ":");
return ($encodedRequestApiKey === $encodedStoredApiKey);
}
/** /**
* Deny Access Function * Deny Access Function
* Redirects to errorPage, this can be called from an action using the action helper * Redirects to errorPage, this can be called from an action using the action helper

104
airtime_mvc/application/modules/rest/controllers/MediaController.php
View File

@ -30,11 +30,6 @@ class Rest_MediaController extends Zend_Rest_Controller
public function indexAction() public function indexAction()
{ {
if (!$this->verifyAuth(true, true))
{
return;
}
$files_array = array(); $files_array = array();
foreach (CcFilesQuery::create()->find() as $file) foreach (CcFilesQuery::create()->find() as $file)
{ {
@ -54,11 +49,6 @@ class Rest_MediaController extends Zend_Rest_Controller
public function downloadAction() public function downloadAction()
{ {
if (!$this->verifyAuth(true, true))
{
return;
}
$id = $this->getId(); $id = $this->getId();
if (!$id) { if (!$id) {
return; return;
@ -81,11 +71,6 @@ class Rest_MediaController extends Zend_Rest_Controller
public function getAction() public function getAction()
{ {
if (!$this->verifyAuth(true, true))
{
return;
}
$id = $this->getId(); $id = $this->getId();
if (!$id) { if (!$id) {
return; return;
@ -104,11 +89,6 @@ class Rest_MediaController extends Zend_Rest_Controller
public function postAction() public function postAction()
{ {
if (!$this->verifyAuth(true, true))
{
return;
}
//If we do get an ID on a POST, then that doesn't make any sense //If we do get an ID on a POST, then that doesn't make any sense
//since POST is only for creating. //since POST is only for creating.
if ($id = $this->_getParam('id', false)) { if ($id = $this->_getParam('id', false)) {
@ -169,11 +149,6 @@ class Rest_MediaController extends Zend_Rest_Controller
public function putAction() public function putAction()
{ {
if (!$this->verifyAuth(true, true))
{
return;
}
$id = $this->getId(); $id = $this->getId();
if (!$id) { if (!$id) {
return; return;
@ -262,11 +237,6 @@ class Rest_MediaController extends Zend_Rest_Controller
public function deleteAction() public function deleteAction()
{ {
if (!$this->verifyAuth(true, true))
{
return;
}
$id = $this->getId(); $id = $this->getId();
if (!$id) { if (!$id) {
return; return;
@ -295,80 +265,6 @@ class Rest_MediaController extends Zend_Rest_Controller
return $id; return $id;
} }
private function verifyAuth($checkApiKey, $checkSession)
{
// Session takes precedence over API key for now:
if ($checkSession && $this->verifySession()) {
// CSRF token validation only applies to session based authorization.
if(!$this->verifyCSRFToken($this->_getParam('csrf_token'))){
$resp = $this->getResponse();
$resp->setHttpResponseCode(401);
$resp->appendBody("ERROR: Token Missmatch.");
return false;
}
return true;
}
if ($checkApiKey && $this->verifyAPIKey())
{
return true;
}
$resp = $this->getResponse();
$resp->setHttpResponseCode(401);
$resp->appendBody("ERROR: Incorrect API key.");
return false;
}
private function verifyCSRFToken($token){
$current_namespace = new Zend_Session_Namespace('csrf_namespace');
$observed_csrf_token = $token;
$expected_csrf_token = $current_namespace->authtoken;
if($observed_csrf_token == $expected_csrf_token){
return true;
}else{
return false;
}
}
private function verifyAPIKey()
{
//The API key is passed in via HTTP "basic authentication":
// http://en.wikipedia.org/wiki/Basic_access_authentication
$CC_CONFIG = Config::getConfig();
//Decode the API key that was passed to us in the HTTP request.
$authHeader = $this->getRequest()->getHeader("Authorization");
$encodedRequestApiKey = substr($authHeader, strlen("Basic "));
$encodedStoredApiKey = base64_encode($CC_CONFIG["apiKey"][0] . ":");
if ($encodedRequestApiKey === $encodedStoredApiKey)
{
return true;
} else {
return false;
}
return false;
}
private function verifySession()
{
$auth = Zend_Auth::getInstance();
if ($auth->hasIdentity())
{
return true;
}
return false;
//Token checking stub code. We'd need to change LoginController.php to generate a token too, but
//but luckily all the token code already exists and works.
//$auth = new Application_Model_Auth();
//$auth->checkToken(Application_Model_Preference::getUserId(), $token);
}
private function fileNotFoundResponse() private function fileNotFoundResponse()
{ {
$resp = $this->getResponse(); $resp = $this->getResponse();

2
python_apps/airtime_analyzer/airtime_analyzer/cuepoint_analyzer.py
View File

@ -24,7 +24,7 @@ class CuePointAnalyzer(Analyzer):
the unit test on the short m4a file fails. With the new setting, it gets the correct cue-in time and the unit test on the short m4a file fails. With the new setting, it gets the correct cue-in time and
all the unit tests pass. all the unit tests pass.
''' '''
command = [CuePointAnalyzer.SILAN_EXECUTABLE, '-b', '-F', '0.99', '-f', 'JSON', filename] command = [CuePointAnalyzer.SILAN_EXECUTABLE, '-b', '-F', '0.99', '-f', 'JSON', '-t', '1.0', filename]
try: try:
results_json = subprocess.check_output(command, stderr=subprocess.STDOUT, close_fds=True) results_json = subprocess.check_output(command, stderr=subprocess.STDOUT, close_fds=True)
silan_results = json.loads(results_json) silan_results = json.loads(results_json)