Добавлен обработчик для события блокировки аккаунта

api/config/config.php

@@ -73,15 +73,6 @@ return [
         'response' => [
             'format' => yii\web\Response::FORMAT_JSON,
         ],
-        'oauth' => [
-            'class' => api\components\OAuth2\Component::class,
-            'grantTypes' => ['authorization_code', 'client_credentials'],
-            'grantMap' => [
-                'authorization_code' => api\components\OAuth2\Grants\AuthCodeGrant::class,
-                'refresh_token' => api\components\OAuth2\Grants\RefreshTokenGrant::class,
-                'client_credentials' => api\components\OAuth2\Grants\ClientCredentialsGrant::class,
-            ],
-        ],
         'errorHandler' => [
             'class' => api\components\ErrorHandler::class,
         ],

autocompletion.php

@@ -22,6 +22,7 @@ class Yii extends \yii\BaseYii {
  * @property \GuzzleHttp\Client                    $guzzle
  * @property \common\components\EmailRenderer      $emailRenderer
  * @property \mito\sentry\Component                $sentry
+ * @property \api\components\OAuth2\Component      $oauth
  */
 abstract class BaseApplication extends yii\base\Application {
 }
@@ -33,7 +34,6 @@ abstract class BaseApplication extends yii\base\Application {
  * @property \api\components\User\Component      $user User component.
  * @property \api\components\ApiUser\Component   $apiUser Api User component.
  * @property \api\components\ReCaptcha\Component $reCaptcha
- * @property \api\components\OAuth2\Component    $oauth
  *
  * @method \api\components\User\Component getUser()
  */

common/config/config.php

@@ -69,6 +69,15 @@ return [
             'class' => common\components\EmailRenderer::class,
             'basePath' => '/images/emails',
         ],
+        'oauth' => [
+            'class' => api\components\OAuth2\Component::class,
+            'grantTypes' => ['authorization_code', 'client_credentials'],
+            'grantMap' => [
+                'authorization_code' => api\components\OAuth2\Grants\AuthCodeGrant::class,
+                'refresh_token' => api\components\OAuth2\Grants\RefreshTokenGrant::class,
+                'client_credentials' => api\components\OAuth2\Grants\ClientCredentialsGrant::class,
+            ],
+        ],
     ],
     'aliases' => [
         '@bower' => '@vendor/bower-asset',

common/models/Account.php

@@ -33,6 +33,7 @@ use const common\LATEST_RULES_VERSION;
  * @property OauthSession[]       $oauthSessions
  * @property UsernameHistory[]    $usernameHistory
  * @property AccountSession[]     $sessions
+ * @property MinecraftAccessKey[] $minecraftAccessKeys
  *
  * Поведения:
  * @mixin TimestampBehavior
@@ -99,7 +100,7 @@ class Account extends ActiveRecord {
     }
 
     public function getOauthSessions() {
-        return $this->hasMany(OauthSession::class, ['owner_id' => 'id']);
+        return $this->hasMany(OauthSession::class, ['owner_id' => 'id'])->andWhere(['owner_type' => 'user']);
     }
 
     public function getUsernameHistory() {
@@ -110,6 +111,10 @@ class Account extends ActiveRecord {
         return $this->hasMany(AccountSession::class, ['account_id' => 'id']);
     }
 
+    public function getMinecraftAccessKeys() {
+        return $this->hasMany(MinecraftAccessKey::class, ['account_id' => 'id']);
+    }
+
     /**
      * Выполняет проверку, принадлежит ли этому нику аккаунт у Mojang
      *

console/controllers/AccountQueueController.php

@@ -3,10 +3,13 @@ namespace console\controllers;
 
 use common\components\Mojang\Api as MojangApi;
 use common\components\Mojang\exceptions\NoContentException;
+use common\models\Account;
+use common\models\amqp\AccountBanned;
 use common\models\amqp\UsernameChanged;
 use common\models\MojangUsername;
 use Ely\Amqp\Builder\Configurator;
 use GuzzleHttp\Exception\RequestException;
+use Yii;
 
 class AccountQueueController extends AmqpController {
 
@@ -17,16 +20,18 @@ class AccountQueueController extends AmqpController {
     public function configure(Configurator $configurator) {
         $configurator->exchange->topic()->durable();
         $configurator->queue->name('accounts-accounts-events')->durable();
-        $configurator->bind->routingKey('accounts.username-changed');
+        $configurator->bind->routingKey('accounts.username-changed')
+            ->add()->routingKey('account.account-banned');
     }
 
     public function getRoutesMap() {
         return [
             'accounts.username-changed' => 'routeUsernameChanged',
+            'accounts.account-banned' => 'routeAccountBanned',
         ];
     }
 
-    public function routeUsernameChanged(UsernameChanged $body) {
+    public function routeUsernameChanged(UsernameChanged $body): bool {
         $mojangApi = $this->createMojangApi();
         try {
             $response = $mojangApi->usernameToUUID($body->newUsername);
@@ -58,6 +63,28 @@ class AccountQueueController extends AmqpController {
         return true;
     }
 
+    public function routeAccountBanned(AccountBanned $body): bool {
+        $account = Account::findOne($body->accountId);
+        if ($account === null) {
+            Yii::warning('Cannot find banned account ' . $body->accountId . '. Skipping.');
+            return true;
+        }
+
+        foreach ($account->sessions as $authSession) {
+            $authSession->delete();
+        }
+
+        foreach ($account->minecraftAccessKeys as $key) {
+            $key->delete();
+        }
+
+        foreach ($account->oauthSessions as $oauthSession) {
+            $oauthSession->delete();
+        }
+
+        return true;
+    }
+
     /**
      * @return MojangApi
      */

tests/codeception/common/fixtures/data/account-sessions.php

@@ -16,4 +16,12 @@ return [
         'created_at' => time(),
         'last_refreshed_at' => time(),
     ],
+    'banned-user-session' => [
+        'id' => 3,
+        'account_id' => 10,
+        'refresh_token' => 'Af7fIuV6eL61tRUHn40yhmDRXN1OQxKR',
+        'last_used_ip' => ip2long('182.123.234.123'),
+        'created_at' => time(),
+        'last_refreshed_at' => time(),
+    ],
 ];

tests/codeception/common/fixtures/data/oauth-sessions.php

@@ -7,4 +7,11 @@ return [
         'client_id' => 'test1',
         'client_redirect_uri' => 'http://test1.net/oauth',
     ],
+    'banned-account-session' => [
+        'id' => 2,
+        'owner_type' => 'user',
+        'owner_id' => 10,
+        'client_id' => 'test1',
+        'client_redirect_uri' => 'http://test1.net/oauth',
+    ],
 ];

tests/codeception/console/unit/controllers/AccountQueueControllerTest.php

@@ -4,6 +4,7 @@ namespace codeception\console\unit\controllers;
 use common\components\Mojang\Api;
 use common\components\Mojang\exceptions\NoContentException;
 use common\components\Mojang\response\UsernameToUUIDResponse;
+use common\models\amqp\AccountBanned;
 use common\models\amqp\UsernameChanged;
 use common\models\MojangUsername;
 use console\controllers\AccountQueueController;
@@ -143,4 +144,22 @@ class AccountQueueControllerTest extends TestCase {
         $this->assertNotEquals($mojangInfo->uuid, $mojangUsername->uuid);
     }
 
+    public function testRouteAccountBanned() {
+        /** @var \common\models\Account $bannedAccount */
+        $bannedAccount = $this->tester->grabFixture('accounts', 'banned-account');
+        $this->tester->haveFixtures([
+            'oauthSessions' => \tests\codeception\common\fixtures\OauthSessionFixture::class,
+            'minecraftAccessKeys' => \tests\codeception\common\fixtures\MinecraftAccessKeyFixture::class,
+            'authSessions' => \tests\codeception\common\fixtures\AccountSessionFixture::class,
+        ]);
+
+        $body = new AccountBanned();
+        $body->accountId = $bannedAccount->id;
+
+        $this->controller->routeAccountBanned($body);
+        $this->assertEmpty($bannedAccount->sessions);
+        $this->assertEmpty($bannedAccount->minecraftAccessKeys);
+        $this->assertEmpty($bannedAccount->oauthSessions);
+    }
+
 }