kienan
/
AlternC
mirror of https://github.com/kienanstewart/AlternC.git
1
0
Fork 0
Code Issues Releases Wiki Activity

[enh] mainly space fixes

This commit is contained in:
Benjamin Sonntag 2015-04-13 17:15:55 +02:00
parent 2eeb80accc
commit 491f8b97e2
6 changed files with 186 additions and 162 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

134
api/panel/index.php
View File

@ -5,7 +5,7 @@
* you can call this HTTP(s) API as follow: * you can call this HTTP(s) API as follow:
* from the base url https://panel.example.fr/api/ * from the base url https://panel.example.fr/api/
* 1. /api/post use GETted data (?token=xx&object=xx&action=yy&option1=value1&option2=value2 * 1. /api/post use GETted data (?token=xx&object=xx&action=yy&option1=value1&option2=value2
* 2. /api/post use POSTED data using the same keys * 2. /api/post use POSTED json data using the same keys
* 3. use a sub-url (rest-style) of the form /api/rest/object/action?token=xx&option1=value1&option2=value2 * 3. use a sub-url (rest-style) of the form /api/rest/object/action?token=xx&option1=value1&option2=value2
* 4. the same (REST) but options and value are POSTED * 4. the same (REST) but options and value are POSTED
* *
@ -17,19 +17,12 @@
* Authentication is done by asking for /api/auth/<method>?option1=value1&option2=value2 * Authentication is done by asking for /api/auth/<method>?option1=value1&option2=value2
* or POSTED data * or POSTED data
* a token is returned for this session * a token is returned for this session
* * Use /api/auth to know which method you can use and what parameter they expect
* @todo add HTML pages that will self-document this API
*/ */
// bootstrap AlternC // bootstrap AlternC
require_once("bootstrap.php"); require_once("bootstrap.php");
// Which api method is used ?
define("API_CALL_GET", 1 );
define("API_CALL_POST", 2 );
define("API_CALL_POST_REST", 3 );
define("API_CALL_GET_REST", 4 );
/** /**
* Attempts to load a class in multiple path, the PSR-0 or old style way * Attempts to load a class in multiple path, the PSR-0 or old style way
* *
@ -38,15 +31,13 @@ define("API_CALL_GET_REST", 4 );
* @param string $class_name * @param string $class_name
* @return boolean * @return boolean
*/ */
function __autoload($class_name) {
function __autoload($class_name)
{
// Contains (Namespace) => directory // Contains (Namespace) => directory
static $srcPathList = array(); static $srcPathList = array();
static $init=null; static $init = null;
// Attempts to set include path and directories once // Attempts to set include path and directories once
if( is_null( $init )){ if (is_null($init)) {
// Sets init flag // Sets init flag
$init = true; $init = true;
@ -57,8 +48,8 @@ function __autoload($class_name)
// Updates include_path according to this list // Updates include_path according to this list
$includePathList = explode(PATH_SEPARATOR, get_include_path()); $includePathList = explode(PATH_SEPARATOR, get_include_path());
foreach($srcPathList as $path){ foreach ($srcPathList as $path) {
if ( !in_array($path, $includePathList)){ if (!in_array($path, $includePathList)) {
$includePathList[] = $path; $includePathList[] = $path;
} }
} }
@ -67,16 +58,15 @@ function __autoload($class_name)
// Sets the updated include_path // Sets the updated include_path
set_include_path(implode(PATH_SEPARATOR, $finalIncludePathList)); set_include_path(implode(PATH_SEPARATOR, $finalIncludePathList));
} }
// Accepts old Foo_Bar namespacing // Accepts old Foo_Bar namespacing
if(preg_match("/_/", $class_name)){ if (preg_match("/_/", $class_name)) {
$file_name = str_replace('_', DIRECTORY_SEPARATOR, $class_name) . '.php'; $file_name = str_replace('_', DIRECTORY_SEPARATOR, $class_name) . '.php';
// Accepts 5.3 Foo\Bar PSR-0 namespacing // Accepts 5.3 Foo\Bar PSR-0 namespacing
} else if(preg_match("/\\/", $class_name)){ } else if (preg_match("/\\/", $class_name)) {
$file_name = str_replace('\\', DIRECTORY_SEPARATOR, ltrim($class_name,'\\')) . '.php'; $file_name = str_replace('\\', DIRECTORY_SEPARATOR, ltrim($class_name, '\\')) . '.php';
// Accepts non namespaced classes // Accepts non namespaced classes
} else { } else {
@ -84,9 +74,9 @@ function __autoload($class_name)
} }
// Attempts to find file in namespace // Attempts to find file in namespace
foreach($srcPathList as $namespace => $path ){ foreach ($srcPathList as $namespace => $path) {
$file_path = $path.DIRECTORY_SEPARATOR.$file_name; $file_path = $path . DIRECTORY_SEPARATOR . $file_name;
if(is_file($file_path) && is_readable($file_path)){ if (is_file($file_path) && is_readable($file_path)) {
require $file_path; require $file_path;
return true; return true;
} }
@ -96,15 +86,14 @@ function __autoload($class_name)
return false; return false;
} }
function apicall($data, $token) {
function apicall($data,$token,$mode) {
global $dbh; global $dbh;
$options["databaseAdapter"]=$dbh; $options["databaseAdapter"] = $dbh;
$options["loginAdapterList"]=array("sharedsecret","login"); $options["loginAdapterList"] = array("sharedsecret", "login");
// TODO (no loggerAdapter PSR3-Interface-compliant class as of now) // TODO (no loggerAdapter PSR3-Interface-compliant class as of now)
try { try {
$data["token_hash"]=$token; $data["token_hash"] = $token;
$service=new Alternc_Api_Service($options); $service = new Alternc_Api_Service($options);
$response = $service->call( $response = $service->call(
new Alternc_Api_Request($data) new Alternc_Api_Request($data)
@ -113,96 +102,115 @@ function apicall($data,$token,$mode) {
header("Content-Type: application/json"); header("Content-Type: application/json");
echo $response->toJson(); echo $response->toJson();
exit(); exit();
} catch (Exception $e) { } catch (Exception $e) {
// something went wrong, we spit out the exception as an Api_Response // something went wrong, we spit out the exception as an Api_Response
// TODO : Don't do that on production! spit out a generic "fatal error" code and LOG the exception ! // TODO : Don't do that on production! spit out a generic "fatal error" code and LOG the exception !
header("Content-Type: application/json"); header("Content-Type: application/json");
$response=new Alternc_Api_Response(array("code" => $e->getCode(), "message" => $e->getMessage() )); $response = new Alternc_Api_Response(array("code" => $e->getCode(), "message" => $e->getMessage()));
echo $response->toJson(); echo $response->toJson();
exit(); exit();
} }
} }
function apiauth($data,$mode) { function apiauth($data) {
global $dbh; global $dbh;
$options["databaseAdapter"]=$dbh; $options["databaseAdapter"] = $dbh;
// TODO (no loggerAdapter PSR3-Interface-compliant class as of now) // TODO (no loggerAdapter PSR3-Interface-compliant class as of now)
try { try {
$service = new Alternc_Api_Service($options);
$service=new Alternc_Api_Service($options);
$response = $service->auth($data); $response = $service->auth($data);
header("Content-Type: application/json"); header("Content-Type: application/json");
echo $response->toJson(); echo $response->toJson();
exit(); exit();
} catch (Exception $e) { } catch (Exception $e) {
// something went wrong, we spit out the exception as an Api_Response // something went wrong, we spit out the exception as an Api_Response
// TODO : Don't do that on production! spit out a generic "fatal error" code and LOG the exception ! // TODO : Don't do that on production! spit out a generic "fatal error" code and LOG the exception !
header("Content-Type: application/json"); header("Content-Type: application/json");
$response=new Alternc_Api_Response(array("code" => $e->code, "message" => $e->message)); $response = new Alternc_Api_Response(array("code" => $e->code, "message" => $e->message));
echo $response->toJson(); echo $response->toJson();
exit(); exit();
} }
} }
/**
* Main code: either we are authenticating
* or calling one of the APIs
* or asking for some documentation
*/
// Authentication // Authentication
if (preg_match("#^/api/auth/([^/\?]*)[/\?]?#",$_SERVER["REQUEST_URI"],$mat)) { if (preg_match("#^/api/auth/([^/\?]*)[/\?]?#", $_SERVER["REQUEST_URI"], $mat)) {
if ($_SERVER["REQUEST_METHOD"]=="POST") { if ($_SERVER["REQUEST_METHOD"] == "POST") {
$data=array("options" => $_POST, $data = array("options" => $_POST,
"method" => $mat[1]); "method" => $mat[1]);
apiauth($data,API_CALL_GET); apiauth($data);
exit(); exit();
} else { } else {
$data=array("options" => $_GET, $data = array("options" => $_GET,
"method" => $mat[1]); "method" => $mat[1]);
apiauth($data,API_CALL_POST); apiauth($data);
exit(); exit();
} }
} }
// We support 4 api calls methods: // We support 4 api calls methods:
if ($_SERVER["REQUEST_URI"]=="/api/post") { if ($_SERVER["REQUEST_URI"] == "/api/post") {
// simple ?q or POST of json data // simple ?q or POST of json data
if ($_SERVER["REQUEST_METHOD"]=="POST") { if ($_SERVER["REQUEST_METHOD"] == "POST") {
$data=array("options" => $_POST, $data = array("options" => $_POST,
"object" => $_POST["object"], "object" => $_POST["object"],
"action" => $_POST["action"], "action" => $_POST["action"],
); );
$token=$_POST["token"]; $token = $_POST["token"];
apicall($data,$token,API_CALL_POST); apicall($data, $token);
exit(); exit();
} else { } else {
$data=array("options" => $_GET, $data = array("options" => $_GET,
"object" => $_GET["object"], "object" => $_GET["object"],
"action" => $_GET["action"], "action" => $_GET["action"],
); );
$token=$_GET["token"]; $token = $_GET["token"];
apicall($data,$token,API_CALL_GET); apicall($data, $token);
exit(); exit();
} }
} }
if (preg_match("#^/api/rest/([^/]*)/([^/\?]*)[/\?]?#",$_SERVER["REQUEST_URI"],$mat)) { if (preg_match("#^/api/rest/([^/]*)/([^/\?]*)[/\?]?#", $_SERVER["REQUEST_URI"], $mat)) {
if ($_SERVER["REQUEST_METHOD"]=="POST") { if ($_SERVER["REQUEST_METHOD"] == "POST") {
$data=array("options" => $_POST, $data = array("options" => $_POST,
"object" => $mat[1], "object" => $mat[1],
"action" => $mat[2] "action" => $mat[2]
); );
$token=$_POST["token"]; $token = $_POST["token"];
apicall($data,$token,API_CALL_POST_REST); apicall($data, $token);
exit(); exit();
} else { } else {
$data=array("options" => $_GET, $data = array("options" => $_GET,
"object" => $mat[1], "object" => $mat[1],
"action" => $mat[2] "action" => $mat[2]
); );
$token=$_GET["token"]; $token = $_GET["token"];
apicall($data,$token,API_CALL_GET_REST); apicall($data, $token);
exit(); exit();
} }
} }
function doc($data) {
global $dbh;
$options["databaseAdapter"] = $dbh;
try {
$service = new Alternc_Api_Service($options);
$response = $service->documentation($data);
return $response;
} catch (Exception $e) {
// something went wrong, we spit out the exception as an Api_Response
// TODO : Don't do that on production! spit out a generic "fatal error" code and LOG the exception !
header("Content-Type: application/json");
$response = new Alternc_Api_Response(array("code" => $e->getCode(), "message" => $e->getMessage()));
echo $response->toJson();
exit();
}
}
doc("auth/login");
echo "I did nothing. Did you call the api properly?"; echo "I did nothing. Did you call the api properly?";

4
lib/Alternc/Api/Auth/Interface.php
View File

@ -19,8 +19,8 @@ interface Alternc_Api_Auth_Interface {
function auth($options); function auth($options);
/** /**
* instructions on how to use this Auth class * Api Documentation
* @return array("fields" => array("fields to send, required or not"), "description" => "description of this auth") * @return array("fields" => array("fields to send, required or not"), "description" => "description of this auth")
*/ */
function instructions(); function documentation();
} }

9
lib/Alternc/Api/Auth/Login.php
View File

@ -1,7 +1,8 @@
<?php <?php
/** /**
* Authentication API used by server to authenticate a user using its alternc login and password * Authentication API used by server to authenticate a user
* using his alternc login and password
*/ */
class Alternc_Api_Auth_Login implements Alternc_Api_Auth_Interface { class Alternc_Api_Auth_Login implements Alternc_Api_Auth_Interface {
@ -27,7 +28,7 @@ class Alternc_Api_Auth_Login implements Alternc_Api_Auth_Interface {
* Authenticate a user * Authenticate a user
* *
* @param $options options, depending on the auth scheme, including uid for setuid users * @param $options options, depending on the auth scheme, including uid for setuid users
* here, login is the alternc username, and password is the password for this username. * here, login is the AlternC username, and password is the password for this username.
* @return an Alternc_Api_Token * @return an Alternc_Api_Token
*/ */
function auth($options) { function auth($options) {
@ -56,10 +57,10 @@ class Alternc_Api_Auth_Login implements Alternc_Api_Auth_Interface {
} }
/** /**
* instructions on how to use this Auth class * Api Documentation
* @return array("fields" => array("fields to send, required or not"), "description" => "description of this auth") * @return array("fields" => array("fields to send, required or not"), "description" => "description of this auth")
*/ */
function instructions() { function documentation() {
return array("fields" => array("login" => "AlternC user account", "password" => "AlternC's user password stored in membres table."), return array("fields" => array("login" => "AlternC user account", "password" => "AlternC's user password stored in membres table."),
"description" => "Authenticate against an AlternC user and password, the same as for the control panel" "description" => "Authenticate against an AlternC user and password, the same as for the control panel"
); );

6
lib/Alternc/Api/Auth/Sharedsecret.php
View File

@ -28,8 +28,6 @@ class Alternc_Api_Auth_Sharedsecret implements Alternc_Api_Auth_Interface {
$this->db = $service->getDb(); $this->db = $service->getDb();
} }
// __construct
/** /**
* Authenticate a user * Authenticate a user
* *
@ -67,10 +65,10 @@ class Alternc_Api_Auth_Sharedsecret implements Alternc_Api_Auth_Interface {
} }
/** /**
* instructions on how to use this Auth class * Api Documentation
* @return array("fields" => array("fields to send, required or not"), "description" => "description of this auth") * @return array("fields" => array("fields to send, required or not"), "description" => "description of this auth")
*/ */
function instructions() { function documentation() {
return array("fields" => array("login" => "AlternC user account", "secret" => "API Key, Shared secrets, valid for this account, stored in sharedsecret table."), return array("fields" => array("login" => "AlternC user account", "secret" => "API Key, Shared secrets, valid for this account, stored in sharedsecret table."),
"description" => "Authenticate against an Api Key, also called SharedSecret. distinct from the account's password, can be plenty and revoked independently" "description" => "Authenticate against an Api Key, also called SharedSecret. distinct from the account's password, can be plenty and revoked independently"
); );

13
lib/Alternc/Api/Object/Mysql.php
View File

@ -9,17 +9,8 @@ class Alternc_Api_Object_Mysql extends Alternc_Api_Legacyobject {
function __construct($service) { function __construct($service) {
global $mysql; global $mysql;
if (!($service instanceof Alternc_Api_Service)) { parent::__construct($service);
throw new \Exception("Bad argument: service is not an Alternc_Api_Service", self::ERR_INVALID_ARGUMENT);
}
// We store the global $cuid to AlternC legacy classes
$this->cuid = $cuid = $service->token->uid;
$this->isAdmin = $service->token->isAdmin;
// We use the global $admin from AlternC legacy classes
$this->admin = $admin;
$this->mysql = $mysql; $this->mysql = $mysql;
// Set the legacy rights:
$this->admin->enabled = $this->isAdmin;
} }
/** API Method from legacy class method admin->add_mem() /** API Method from legacy class method admin->add_mem()
@ -216,4 +207,4 @@ class Alternc_Api_Object_Mysql extends Alternc_Api_Legacyobject {
} }
// class Alternc_Api_Object_Account // class Alternc_Api_Object_Mysql

34
lib/Alternc/Api/Service.php
View File

@ -5,6 +5,8 @@
/** /**
* Service API used by server to export API methods * Service API used by server to export API methods
* this class can be used to implement an API service / endpoint
* a REST and POST api is provided as an example
*/ */
class Alternc_Api_Service { class Alternc_Api_Service {
@ -64,8 +66,6 @@ class Alternc_Api_Service {
} }
} }
// __construct
/** /**
* Authenticate into an AlternC server * Authenticate into an AlternC server
* @param $auth hash with * @param $auth hash with
@ -144,7 +144,7 @@ class Alternc_Api_Service {
$action = $request->action; $action = $request->action;
if (strpos($action,"-")!==false) { if (strpos($action, "-") !== false) {
// replace - by an uppercase letter: // replace - by an uppercase letter:
$action = lcfirst(str_replace(" ", "", implode("", array_map("ucfirst", explode("-", $action))))); $action = lcfirst(str_replace(" ", "", implode("", array_map("ucfirst", explode("-", $action)))));
} }
@ -156,6 +156,33 @@ class Alternc_Api_Service {
return $object->$action($request->options); return $object->$action($request->options);
} }
/**
* Return documentation of the API, either general (no parameters)
* or for a specific action or auth class
* @param string $element the name of the object for which documentation is requested
* @return array a documentation hash (key/value)
*/
function doc($element) {
if (substr($element, 0, 5) == "auth/") {
$adapterName = "Alternc_Api_Auth_" . ucfirst(strtolower(substr($element, 5)));
if (!class_exists($adapterName))
return false;
$authAdapter = new $adapterName($this);
return $authAdapter->documentation();
} else {
list($class, $action) = explode("/", $element);
$className = "Alternc_Api_Object_" . ucfirst(strtolower($class));
if (!class_exists($className))
return false;
$object = new $className($this);
if (!$action) {
return $authAdapter->documentation();
} else {
return $authAdapter->documentation($action);
}
}
}
/** /**
* Getter for the databaseAdapter * Getter for the databaseAdapter
* (used by authAdapter) * (used by authAdapter)
@ -167,4 +194,3 @@ class Alternc_Api_Service {
} }
// class Alternc_Api_Service // class Alternc_Api_Service