mirrors/flexisip-account-manager
1
0
Fork 0
mirror of https://gitlab.linphone.org/BC/public/flexisip-account-manager.git synced 2026-01-17 01:58:07 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Upgrade to PHP 8.2 and Laravel 11

Browse source
This commit is contained in:
Timothée Jaussoin 2025-08-18 09:15:08 +00:00
parent 4d0c713174
commit a5eeb06055
27 changed files with 991 additions and 782 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
flexiapi/app/Account.php
View file

@ -73,7 +73,10 @@ class Account extends Authenticatable
return;
}
$builder->where('domain', config('app.sip_domain'));
/**
* config('app.sip_domain') is required for the Tests suit
*/
$builder->where('domain', config('app.sip_domain') ?? space()->domain);
});
}

13
flexiapi/app/Helpers/Utils.php
View file

@ -30,16 +30,9 @@ use Illuminate\Support\Facades\DB;
$hostSpace = null;
function space($reload = false): ?Space
function space(): ?Space
{
global $hostSpace;
if ($hostSpace != null && $reload == false) {
return $hostSpace;
}
$hostSpace = Space::where('host', request()->host())->first();
return $hostSpace;
return request()->space;
}
function passwordAlgorithms(): array
@ -167,7 +160,7 @@ function resolveDomain(Request $request): string
&& $request->user()
&& $request->user()->superAdmin
? $request->get('domain')
: config('app.sip_domain');
: $request->space->domain;
}
function captchaConfigured(): bool

8
flexiapi/app/Http/Controllers/Account/ProvisioningController.php
View file

@ -151,7 +151,7 @@ class ProvisioningController extends Controller
private function checkProvisioningHeader(Request $request)
{
if (!$request->hasHeader('x-linphone-provisioning')
&& space()?->provisioning_use_linphone_provisioning_header) {
&& $request->space->provisioning_use_linphone_provisioning_header) {
abort(400, 'x-linphone-provisioning header is missing');
}
}
@ -172,8 +172,8 @@ class ProvisioningController extends Controller
$dom->appendChild($config);
if (space()?->custom_provisioning_entries) {
$rc = parse_ini_string(space()->custom_provisioning_entries, true);
if ($request->space?->custom_provisioning_entries) {
$rc = parse_ini_string($request->space->custom_provisioning_entries, true);
foreach ($rc as $sectionName => $values) {
$section = $dom->createElement('section');
@ -297,7 +297,7 @@ class ProvisioningController extends Controller
}
// Overwrite all the entries
if (space()?->custom_provisioning_overwrite_all) {
if ($request->space?->custom_provisioning_overwrite_all) {
$xpath = new \DOMXpath($dom);
$entries = $xpath->query("//section/entry");
if (!is_null($entries)) {

2
flexiapi/app/Http/Controllers/Admin/AccountImportController.php
View file

@ -285,7 +285,7 @@ class AccountImportController extends Controller
'account_id' => $passwordAccount->id,
'password' => bchash(
$passwordAccount->username,
space()?->account_realm ?? $request->get('domain'),
$request->space?->account_realm ?? $request->get('domain'),
$passwords[$passwordAccount->username],
$algorithm
),

4
flexiapi/app/Http/Kernel.php
View file

@ -52,13 +52,15 @@ class Kernel extends HttpKernel
\App\Http\Middleware\VerifyCsrfToken::class,
\Illuminate\Routing\Middleware\SubstituteBindings::class,
\App\Http\Middleware\Localization::class,
'space.check'
],
'api' => [
'throttle:600,1', // move to 600 instead of 60
'bindings',
'validate_json',
'localization'
'localization',
'space.check'
],
];

2
flexiapi/app/Http/Middleware/IsIntercomFeatures.php
View file

@ -10,7 +10,7 @@ class IsIntercomFeatures
{
public function handle(Request $request, Closure $next): Response
{
if (space()?->intercom_features) {
if ($request->space->intercom_features) {
return $next($request);
}

2
flexiapi/app/Http/Middleware/IsPhoneRegistration.php
View file

@ -27,7 +27,7 @@ class IsPhoneRegistration
{
public function handle(Request $request, Closure $next): Response
{
if (space()?->phone_registration) {
if ($request->space->phone_registration) {
return $next($request);
}

2
flexiapi/app/Http/Middleware/IsPublicRegistration.php
View file

@ -27,7 +27,7 @@ class IsPublicRegistration
{
public function handle(Request $request, Closure $next): Response
{
if (space()?->public_registration) {
if ($request->space?->public_registration) {
return $next($request);
}

2
flexiapi/app/Http/Middleware/IsWebPanelEnabled.php
View file

@ -27,7 +27,7 @@ class IsWebPanelEnabled
{
public function handle(Request $request, Closure $next)
{
if (!$request->expectsJson() && space()?->web_panel) {
if (!$request->expectsJson() && $request->space->web_panel) {
return $next($request);
}

10
flexiapi/app/Http/Middleware/SpaceCheck.php
View file

@ -3,6 +3,7 @@
namespace App\Http\Middleware;
use Closure;
use App\Space;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Config;
use Symfony\Component\HttpFoundation\Response;
@ -15,17 +16,18 @@ class SpaceCheck
return abort(503, 'APP_ROOT_HOST is not configured');
}
$space = space();
$space = Space::where('host', config('app.sip_domain') ?? request()->host())->first();
if ($space != null) {
if (!str_ends_with($space->host, config('app.root_host'))) {
return abort(503, 'The APP_ROOT_HOST configured does not match with the current root domain');
}
Config::set('app.url', '://' . $space->host);
Config::set('app.sip_domain', $space->domain);
$request->merge(['space' => $space]);
if ($request->user() && !$request->user()->superAdmin && $space?->isExpired()) {
Config::set('app.url', '://' . $space->host);
if ($space->isExpired()) {
abort($request->expectsJson() ? 403 : 490, 'The related Space has expired');
}

10
flexiapi/app/Services/AccountService.php
View file

@ -62,10 +62,10 @@ class AccountService
$account = new Account();
$account->username = $request->get('username');
$account->activated = false;
$account->domain = space()->domain;
$account->domain = $request->space->domain;
$account->ip_address = $request->ip();
$account->created_at = Carbon::now();
$account->user_agent = space()->name;
$account->user_agent = $request->space->name;
$account->dtmf_protocol = $request->get('dtmf_protocol');
if ($request->asAdmin) {
@ -73,7 +73,7 @@ class AccountService
$account->display_name = $request->get('display_name');
$account->activated = $request->has('activated') ? (bool)$request->get('activated') : false;
$account->domain = resolveDomain($request);
$account->user_agent = $request->header('User-Agent') ?? space()->name;
$account->user_agent = $request->header('User-Agent') ?? $request->space->name;
$account->admin = $request->has('admin') && (bool)$request->get('admin');
if (!$request->api && $request->has('role')) {
@ -113,8 +113,8 @@ class AccountService
);
if (!$request->api) {
if (!empty(space()?->newsletter_registration_address) && $request->has('newsletter')) {
Mail::to(space()->newsletter_registration_address)->send(new NewsletterRegistration($account));
if (!empty($request->space?->newsletter_registration_address) && $request->has('newsletter')) {
Mail::to($request->space->newsletter_registration_address)->send(new NewsletterRegistration($account));
}
}

34
flexiapi/composer.json
View file

@ -8,33 +8,33 @@
],
"license": "MIT",
"require": {
"php": ">=8.1",
"awobaz/compoships": "^2.3",
"doctrine/dbal": "^3.0",
"endroid/qr-code": "^5.0",
"fakerphp/faker": "^1.23",
"laravel/framework": "^10.0",
"laravel/tinker": "^2.9",
"php": ">=8.2",
"laravel/framework": "^11.45.1",
"awobaz/compoships": "^2.4.1",
"doctrine/dbal": "^3.10.1",
"endroid/qr-code": "^5.1",
"fakerphp/faker": "^1.24.1",
"laravel/tinker": "^2.10.1",
"lcobucci/jwt": "^4.3",
"namoshek/laravel-redis-sentinel": "^0.5",
"ovh/ovh": "^3.3",
"parsedown/laravel": "^1.2",
"phpunit/phpunit": "^10.0",
"propaganistas/laravel-phone": "^5.3",
"ovh/ovh": "^3.5",
"parsedown/laravel": "^1.2.1",
"phpunit/phpunit": "^10.5.50",
"propaganistas/laravel-phone": "^5.3.6",
"react/socket": "^1.16",
"respect/validation": "^2.3",
"respect/validation": "^2.4.4",
"rvxlab/hcaptcha": "^5.2",
"sabre/vobject": "^4.5"
"sabre/vobject": "^4.5.7"
},
"require-dev": {
"mockery/mockery": "^1.6",
"nunomaduro/collision": "^7.0",
"mockery/mockery": "^1.6.12",
"nunomaduro/collision": "^8.5",
"phpmd/phpmd": "^2.15",
"squizlabs/php_codesniffer": "^3.7"
"squizlabs/php_codesniffer": "^3.13.2"
},
"config": {
"platform": {
"php": "8.1"
"php": "8.2"
},
"optimize-autoloader": true,
"preferred-install": "dist",

1517
flexiapi/composer.lock generated
View file

File diff suppressed because it is too large Load diff

15
flexiapi/database/factories/SpaceFactory.php
View file

@ -36,13 +36,6 @@ class SpaceFactory extends Factory
];
}
public function local()
{
return $this->state(fn (array $attributes) => [
'host' => 'localhost',
]);
}
public function withoutProvisioningHeader()
{
return $this->state(fn (array $attributes) => [
@ -50,6 +43,14 @@ class SpaceFactory extends Factory
]);
}
public function domain(string $domain)
{
return $this->state(fn (array $attributes) => [
'domain' => $domain,
'host' => $domain,
]);
}
public function secondDomain()
{
return $this->state(fn (array $attributes) => [

2
flexiapi/routes/api.php
View file

@ -54,7 +54,7 @@ Route::get('accounts/me/api_key/{auth_token}', 'Api\Account\ApiKeyController@gen
Route::get('phone_countries', 'Api\PhoneCountryController@index');
Route::group(['middleware' => ['auth.jwt', 'auth.digest_or_key', 'auth.check_blocked', 'space.check']], function () {
Route::group(['middleware' => ['auth.jwt', 'auth.digest_or_key', 'auth.check_blocked']], function () {
Route::get('accounts/auth_token/{auth_token}/attach', 'Api\Account\AuthTokenController@attach');
Route::post('account_creation_tokens/consume', 'Api\Account\CreationTokenController@consume');

6
flexiapi/routes/web.php
View file

@ -48,12 +48,10 @@ use App\Http\Controllers\Admin\SpaceController;
use App\Http\Controllers\Admin\StatisticsController;
use Illuminate\Support\Facades\Route;
Route::middleware(['space.check'])->group(function () {
Route::redirect('/', 'login')->name('account.home');
Route::get('about', 'AboutController@about')->name('about');
});
Route::middleware(['web_panel_enabled', 'space.check'])->group(function () {
Route::middleware(['web_panel_enabled'])->group(function () {
Route::get('wizard/{provisioning_token}', 'Account\ProvisioningController@wizard')->name('provisioning.wizard');
Route::get('login', 'Account\AuthenticateController@login')->name('account.login');
@ -90,7 +88,7 @@ Route::name('provisioning.')->prefix('provisioning')->controller(ProvisioningCon
Route::get('/', 'show')->name('show');
});
Route::middleware(['web_panel_enabled', 'space.check'])->group(function () {
Route::middleware(['web_panel_enabled'])->group(function () {
Route::middleware(['public_registration'])->group(function () {
Route::redirect('register', 'register/email')->name('account.register');

6
flexiapi/tests/Feature/AccountJWTAuthenticationTest.php
View file

@ -56,11 +56,11 @@ class AccountJWTAuthenticationTest extends TestCase
if (!extension_loaded('sodium')) return;
$password = Password::factory()->create();
\App\Space::where('domain', $password->account->domain)->update(['host' => 'localhost']);
$domain = 'sip_provisioning.example.com';
$bearer = 'authz_server="https://sso.test/", realm="sip.test.org"';
\App\Space::where('domain', $password->account->domain)->update(['host' => $domain]);
config()->set('app.sip_domain', $domain);
config()->set('services.jwt.rsa_public_key_pem', $this->serverPublicKeyPem);
$this->get($this->route)->assertStatus(400);

24
flexiapi/tests/Feature/AccountProvisioningTest.php
View file

@ -39,9 +39,7 @@ class AccountProvisioningTest extends TestCase
public function testBaseProvisioning()
{
Space::truncate();
Space::factory()->local()->create();
space(reload: true);
Space::factory()->create();
$this->get($this->route)->assertStatus(400);
@ -55,9 +53,7 @@ class AccountProvisioningTest extends TestCase
public function testDisabledProvisioningHeader()
{
Space::truncate();
Space::factory()->local()->withoutProvisioningHeader()->create();
space(reload: true);
Space::factory()->withoutProvisioningHeader()->create();
$this->get($this->route)
->assertStatus(200)
@ -67,10 +63,6 @@ class AccountProvisioningTest extends TestCase
public function testDontProvisionHeaderDisabled()
{
Space::truncate();
Space::factory()->local()->create();
space(reload: true);
$account = Account::factory()->deactivated()->create();
$account->generateUserApiKey();
@ -100,6 +92,8 @@ class AccountProvisioningTest extends TestCase
public function testXLinphoneProvisioningHeader()
{
Space::factory()->create();
$this->withHeaders([
'x-linphone-provisioning' => true,
])->get($this->accountRoute)->assertStatus(401);
@ -138,9 +132,9 @@ class AccountProvisioningTest extends TestCase
public function testUiSectionProvisioning()
{
$secondDomain = Space::factory()->create();
$password = Password::factory()->create();
$secondDomain = Space::factory()->secondDomain()->create();
$password->account->generateUserApiKey();
$password->account->domain = $secondDomain->domain;
$password->account->save();
@ -282,6 +276,9 @@ class AccountProvisioningTest extends TestCase
public function testAuthTokenProvisioning()
{
$password = Password::factory()->create();
$password->account->generateUserApiKey();
// Generate a public auth_token and attach it
$response = $this->json('POST', '/api/accounts/auth_token')
->assertStatus(201)
@ -291,9 +288,6 @@ class AccountProvisioningTest extends TestCase
$authToken = $response->json('token');
$password = Password::factory()->create();
$password->account->generateUserApiKey();
$this->keyAuthenticated($password->account)
->json($this->method, '/api/accounts/auth_token/' . $authToken . '/attach')
->assertStatus(200);

3
flexiapi/tests/Feature/ApiAccountApiKeyTest.php
View file

@ -21,6 +21,7 @@ namespace Tests\Feature;
use App\Account;
use App\Password;
use App\Space;
use Illuminate\Support\Facades\DB;
use Tests\TestCase;
@ -89,6 +90,8 @@ class ApiAccountApiKeyTest extends TestCase
public function testAuthToken()
{
Space::factory()->create();
// Generate a public auth_token
$response = $this->json('POST', '/api/accounts/auth_token')
->assertStatus(201)

8
flexiapi/tests/Feature/ApiAccountCreationTokenTest.php
View file

@ -65,6 +65,8 @@ class ApiAccountCreationTokenTest extends TestCase
public function testCorrectParameters()
{
Space::factory()->create();
$this->assertSame(AccountCreationToken::count(), 0);
$this->json($this->method, $this->tokenRoute, [
'pn_provider' => 'wrong',
@ -96,6 +98,8 @@ class ApiAccountCreationTokenTest extends TestCase
public function testMandatoryParameters()
{
Space::factory()->create();
$this->json($this->method, $this->tokenRoute)->assertStatus(422);
$this->json($this->method, $this->tokenRoute, [
@ -107,6 +111,8 @@ class ApiAccountCreationTokenTest extends TestCase
public function testThrottling()
{
Space::factory()->create();
AccountCreationToken::factory()->create([
'pn_provider' => $this->pnProvider,
'pn_param' => $this->pnParam,
@ -235,6 +241,8 @@ class ApiAccountCreationTokenTest extends TestCase
public function testAccountCreationRequestToken()
{
Space::factory()->create();
$response = $this->json($this->method, $this->tokenRequestRoute);
$response->assertStatus(201);
$creationRequestToken = $response->json()['token'];

17
flexiapi/tests/Feature/ApiAccountRecoveryTokenTest.php
View file

@ -28,6 +28,8 @@ use App\Http\Middleware\IsWebPanelEnabled;
class ApiAccountRecoveryTokenTest extends TestCase
{
private Space $space;
protected $tokenRoute = '/api/account_recovery_tokens/send-by-push';
protected $tokenRequestRoute = '/api/account_recovery_request_tokens';
protected $method = 'POST';
@ -36,6 +38,12 @@ class ApiAccountRecoveryTokenTest extends TestCase
protected $pnParam = 'param';
protected $pnPrid = 'id';
public function setUp(): void
{
parent::setUp();
$this->space = Space::factory()->create();
}
public function testMandatoryParameters()
{
$this->json($this->method, $this->tokenRoute)->assertStatus(422);
@ -73,23 +81,22 @@ class ApiAccountRecoveryTokenTest extends TestCase
public function testTokenRecoveryPage()
{
$token = AccountRecoveryToken::factory()->create();
$space = Space::factory()->create();
$phone = '+3312345';
$this->get($this->setSpaceOnRoute($space, route('account.recovery.show.phone', ['account_recovery_token' => 'bad_token'])))
$this->get($this->setSpaceOnRoute($this->space, route('account.recovery.show.phone', ['account_recovery_token' => 'bad_token'])))
->assertStatus(404);
$this->get($this->setSpaceOnRoute($space, route('account.recovery.show.phone', ['account_recovery_token' => $token->token])))
$this->get($this->setSpaceOnRoute($this->space, route('account.recovery.show.phone', ['account_recovery_token' => $token->token])))
->assertDontSee($phone)
->assertStatus(200);
$this->get($this->setSpaceOnRoute($space, route('account.recovery.show.phone', ['account_recovery_token' => $token->token, 'phone' => $phone])))
$this->get($this->setSpaceOnRoute($this->space, route('account.recovery.show.phone', ['account_recovery_token' => $token->token, 'phone' => $phone])))
->assertSee($phone)
->assertStatus(200);
$token->consume();
$this->get($this->setSpaceOnRoute($space, route('account.recovery.show.phone', ['account_recovery_token' => $token->token])))
$this->get($this->setSpaceOnRoute($this->space, route('account.recovery.show.phone', ['account_recovery_token' => $token->token])))
->assertStatus(404);
}
}

14
flexiapi/tests/Feature/ApiAccountTest.php
View file

@ -153,15 +153,15 @@ class ApiAccountTest extends TestCase
public function testDomain()
{
$configDomain = 'sip.domain.com';
$configDomain = 'sip2.example.com';
Space::factory()->domain($configDomain)->create();
config()->set('app.sip_domain', $configDomain);
$password = Password::factory()->admin()->create();
$username = 'foobar';
$domain = Space::first()->domain;
config()->set('app.admins_manage_multi_domains', false);
$response0 = $this->generateFirstResponse($password);
$response1 = $this->generateSecondResponse($password, $response0)
->json($this->method, $this->route, [
@ -185,7 +185,7 @@ class ApiAccountTest extends TestCase
public function testAdminMultiDomains()
{
$configDomain = 'sip.domain.com';
$configDomain = 'sip2.example.com';
config()->set('app.sip_domain', $configDomain);
$account = Account::factory()->superAdmin()->create();
@ -300,7 +300,8 @@ class ApiAccountTest extends TestCase
public function testDomainInTestDeployment()
{
$configDomain = 'testdomain.com';
$configDomain = 'sip2.example.com';
Space::factory()->domain($configDomain)->create();
config()->set('app.sip_domain', $configDomain);
$password = Password::factory()->admin()->create();
@ -573,8 +574,7 @@ class ApiAccountTest extends TestCase
{
$realm = 'realm.com';
Space::factory()->local()->withRealm($realm)->create();
space(reload: true);
Space::factory()->withRealm($realm)->create();
$password = Password::factory()->create();
$password->account->activated = false;

7
flexiapi/tests/Feature/ApiAuthenticationTest.php
View file

@ -177,9 +177,7 @@ class ApiAuthenticationTest extends TestCase
public function testAuthenticationSHA265FromCLRTXT()
{
Space::truncate();
Space::factory()->local()->create();
space(reload: true);
Space::factory()->create();
$password = Password::factory()->clrtxt()->create();
$response = $this->generateFirstResponse($password);
@ -211,8 +209,7 @@ class ApiAuthenticationTest extends TestCase
$realm = 'realm.com';
Space::truncate();
Space::factory()->local()->withRealm($realm)->create();
space(reload: true);
Space::factory()->withRealm($realm)->create();
$password = Password::factory()->clrtxt()->create();
$response = $this->generateFirstResponse($password);

12
flexiapi/tests/Feature/ApiSpaceWithMiddlewareTest.php
View file

@ -22,9 +22,9 @@ namespace Tests\Feature;
use App\Account;
use App\Space;
use Carbon\Carbon;
use Tests\TestCaseWithSpaceMiddleware;
use Tests\TestCase;
class ApiSpaceWithMiddlewareTest extends TestCaseWithSpaceMiddleware
class ApiSpaceWithMiddlewareTest extends TestCase
{
protected $method = 'POST';
protected $route = '/api/spaces';
@ -42,9 +42,7 @@ class ApiSpaceWithMiddlewareTest extends TestCaseWithSpaceMiddleware
// Try to create a new user as an admin
$admin->generateUserApiKey();
config()->set('app.root_host', $admin->domain);
space(reload: true);
config()->set('app.sip_domain', $space->domain);
$this->keyAuthenticated($admin)
->json($this->method, 'http://' . $admin->domain . $this->accountRoute, [
@ -54,6 +52,8 @@ class ApiSpaceWithMiddlewareTest extends TestCaseWithSpaceMiddleware
])->assertStatus(403);
// Unexpire the space and try again
config()->set('app.sip_domain', $superAdmin->domain);
$space = $this->keyAuthenticated($superAdmin)
->get($this->route . '/' . $admin->domain)
->json();
@ -64,8 +64,6 @@ class ApiSpaceWithMiddlewareTest extends TestCaseWithSpaceMiddleware
->json('PUT', $this->route . '/' . $admin->domain, $space)
->assertStatus(200);
space(reload: true);
$this->keyAuthenticated($admin)
->json($this->method, $this->accountRoute, [
'username' => 'new',

4
flexiapi/tests/Feature/ApiStatisticsTest.php
View file

@ -39,7 +39,7 @@ class ApiStatisticsTest extends TestCase
$id = '1234';
$fromUsername = 'username';
$fromDomain = 'domain.com';
$fromDomain = $admin->domain;
$account = Account::factory()->create([
'username' => $fromUsername,
@ -132,7 +132,7 @@ class ApiStatisticsTest extends TestCase
$id = '1234';
$fromUsername = 'username';
$fromDomain = 'domain.com';
$fromDomain = $admin->domain;
$toUsername = 'usernameto';
$toDomain = 'domainto.com';

3
flexiapi/tests/TestCase.php
View file

@ -38,8 +38,7 @@ abstract class TestCase extends BaseTestCase
{
parent::setUp();
$this->withoutMiddleware([SpaceCheck::class]);
config()->set('app.root_host', 'example.com');
config()->set('app.sip_domain', 'sip.example.com');
PhoneCountry::truncate();

37
flexiapi/tests/TestCaseWithSpaceMiddleware.php
View file

@ -1,37 +0,0 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2020 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace Tests;
use Illuminate\Foundation\Testing\TestCase as BaseTestCase;
use Illuminate\Foundation\Testing\RefreshDatabase;
abstract class TestCaseWithSpaceMiddleware extends BaseTestCase
{
use CreatesApplication;
use RefreshDatabase;
use TestUtilsTrait;
public function setUp(): void
{
parent::setUp();
config()->set('app.sip_domain', 'sip.example.com');
}
}