From a1a49955c203758482f96fbef36e1529ffa1b68d Mon Sep 17 00:00:00 2001 From: Benjamin Sonntag Date: Mon, 12 Jan 2015 20:16:28 +0100 Subject: [PATCH] [enh] formatting --- lib/Alternc/Api/Auth/Interface.php | 34 ++-- lib/Alternc/Api/Auth/Login.php | 110 +++++----- lib/Alternc/Api/Auth/Sharedsecret.php | 128 ++++++------ lib/Alternc/Api/Legacyobject.php | 68 +++---- lib/Alternc/Api/Object/Domain.php | 281 +++++++++++++------------- lib/Alternc/Api/Object/Ftp.php | 209 +++++++++---------- lib/Alternc/Api/Request.php | 70 +++---- lib/Alternc/Api/Response.php | 41 ++-- lib/Alternc/Api/Service.php | 281 +++++++++++++------------- lib/Alternc/Api/Token.php | 122 ++++++----- 10 files changed, 659 insertions(+), 685 deletions(-) diff --git a/lib/Alternc/Api/Auth/Interface.php b/lib/Alternc/Api/Auth/Interface.php index 6e324e44..b7042bc9 100644 --- a/lib/Alternc/Api/Auth/Interface.php +++ b/lib/Alternc/Api/Auth/Interface.php @@ -6,25 +6,21 @@ */ interface Alternc_Api_Auth_Interface { - /** - * contructor : - * $service is an Alternc_Api_Service object having a getDb() method - */ - function __construct($service); + /** + * contructor : + * $service is an Alternc_Api_Service object having a getDb() method + */ + function __construct($service); + /** + * auth takes options specific to the auth itself + * returns an Alternc_Api_Token object + */ + function auth($options); - /** - * auth takes options specific to the auth itself - * returns an Alternc_Api_Token object - */ - function auth($options); - - - /** - * instructions on how to use this Auth class - * @return array("fields" => array("fields to send, required or not"), "description" => "description of this auth") - */ - function instructions(); - + /** + * instructions on how to use this Auth class + * @return array("fields" => array("fields to send, required or not"), "description" => "description of this auth") + */ + function instructions(); } - 
diff --git a/lib/Alternc/Api/Auth/Login.php b/lib/Alternc/Api/Auth/Login.php
index d95ceba5..8b96b17f 100644
--- a/lib/Alternc/Api/Auth/Login.php
+++ b/lib/Alternc/Api/Auth/Login.php
@@ -4,72 +4,68 @@ * Authentication API used by server to authenticate a user using its alternc login and password */ class Alternc_Api_Auth_Login implements Alternc_Api_Auth_Interface { - - private $db; // PDO object + private $db; // PDO object - const ERR_INVALID_ARGUMENT = 1111201; + const ERR_INVALID_ARGUMENT = 1111201; - /** - * Constructor of the Login Api Auth - * - * @param $service an Alternc_Api_Service object - * @return create the object - */ - function __constructor($service) { + /** + * Constructor of the Login Api Auth + * + * @param $service an Alternc_Api_Service object + * @return create the object + */ + function __construct($service) { - if (!($service instanceof Alternc_Api_Service)) - throw new \Exception("Invalid argument (service)",ERR_INVALID_ARGUMENT); + if (!($service instanceof Alternc_Api_Service)) + throw new \Exception("Invalid argument (service)", ERR_INVALID_ARGUMENT); - $this->db = $service->getDb(); - - } // __construct - - - /** - * Authenticate a user - * - * @param $options options, depending on the auth scheme, including uid for setuid users - * here, login is the alternc username, and password is the password for this username. - * @return an Alternc_Api_Token - */ - function auth($options) { - - if (!isset($options["login"]) || !is_string($options["login"])) { - throw new \Exception("Missing required parameter login", self::ERR_INVALID_ARGUMENT); - } - if (!isset($options["password"]) || !is_string($options["password"])) { - throw new \Exception("Missing required parameter password", self::ERR_INVALID_ARGUMENT); + $this->db = $service->getDb(); } - if (!preg_match("#^[0-9a-zA-Z-]{1,32}$#",$options["login"])) { // FIXME : normalize this on AlternC !!! - throw new \Exception("Invalid login", self::ERR_INVALID_LOGIN); + /** + * Authenticate a user + * + * @param $options options, depending on the auth scheme, including uid for setuid users + * here, login is the alternc username, and password is the password for this username. 
+ * @return an Alternc_Api_Token + */ + function auth($options) { + + if (!isset($options["login"]) || !is_string($options["login"])) { + throw new \Exception("Missing required parameter login", self::ERR_INVALID_ARGUMENT); + } + if (!isset($options["password"]) || !is_string($options["password"])) { + throw new \Exception("Missing required parameter password", self::ERR_INVALID_ARGUMENT); + } + + if (!preg_match("#^[0-9a-zA-Z-]{1,32}$#", $options["login"])) { // FIXME : normalize this on AlternC !!! + throw new \Exception("Invalid login", self::ERR_INVALID_LOGIN); + } + + $stmt = $db->query("SELECT m.enabled,m.uid,m.login,m.su FROM membres m WHERE m.login=? AND m.password=?;", array($options["login"], $options["password"]), PDO::FETCH_CLASS); + $me = $stmt->fetch(); + if (!$me) + return new Alternc_Api_Response(array("code" => ERR_INVALID_AUTH, "message" => "Invalid login or password")); + if (!$me->enabled) + return new Alternc_Api_Response(array("code" => ERR_DISABLED_ACCOUNT, "message" => "Account is disabled")); + + return Alternc_Api_Token::tokenGenerate( + array("uid" => $me->uid, "isAdmin" => ($me->su != 0)), $this->db + ); } - $stmt = $db->query("SELECT m.enabled,m.uid,m.login,m.su FROM membres m WHERE m.login=? 
AND m.password=?;",array($options["login"],$options["password"]),PDO::FETCH_CLASS); - $me=$stmt->fetch(); - if (!$me) - return new Alternc_Api_Response(array("code"=>ERR_INVALID_AUTH, "message" => "Invalid login or password")); - if (!$me->enabled) - return new Alternc_Api_Response(array("code"=>ERR_DISABLED_ACCOUNT, "message" => "Account is disabled")); + /** + * instructions on how to use this Auth class + * @return array("fields" => array("fields to send, required or not"), "description" => "description of this auth") + */ + function instructions() { + return array("fields" => array("login" => "AlternC user account", "password" => "AlternC's user password stored in membres table."), + "description" => "Authenticate against an AlternC user and password, the same as for the control panel" + ); + } - return Alternc_Api_Token::tokenGenerate( - array("uid"=>$me->uid, "isAdmin"=>($me->su!=0) ), - $this->db - ); - } +} - - /** - * instructions on how to use this Auth class - * @return array("fields" => array("fields to send, required or not"), "description" => "description of this auth") - */ - function instructions() { - return array("fields" => array("login" => "AlternC user account", "password" => "AlternC's user password stored in membres table."), - "description" => "Authenticate against an AlternC user and password, the same as for the control panel" - ); - } - - -} // class Alternc_Api_Auth_Login +// class Alternc_Api_Auth_Login diff --git a/lib/Alternc/Api/Auth/Sharedsecret.php b/lib/Alternc/Api/Auth/Sharedsecret.php index 5709121d..363a40da 100644 --- a/lib/Alternc/Api/Auth/Sharedsecret.php +++ b/lib/Alternc/Api/Auth/Sharedsecret.php 
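Review bot: In `auth()` the lookup runs on an undefined local, `$db->query(...)`, instead of `$this->db`, and hands the bind values to `query()`, which does not bind parameters. That failure becomes reachable now that the `__constructor` to `__construct` rename makes the constructor run; the `prepare()`/`execute()` form in the Sharedsecret hunk is the one to follow. The query also matches `m.password=?` against the submitted password, which can only succeed if `membres.password` holds the password as submitted (the storage format is not visible here), so fetching the row by login and verifying the stored hash in PHP is the safer shape. The error codes need qualifying as well: the constructor throws with a bare `ERR_INVALID_ARGUMENT` (the Sharedsecret constructor does the same), `self::ERR_INVALID_LOGIN` is not declared in this class, and `ERR_INVALID_AUTH` / `ERR_DISABLED_ACCOUNT` are declared on `Alternc_Api_Response` in this patch.

```php
function auth($options) {
    // … unchanged: presence and syntax checks on login and password …
    $stmt = $this->db->prepare("SELECT m.enabled,m.uid,m.login,m.su,m.password FROM membres m WHERE m.login=?;");
    $stmt->execute(array($options["login"]));
    $me = $stmt->fetch(PDO::FETCH_OBJ);
    // NOTE(review): assumes membres.password is a crypt()-compatible hash; confirm before relying on password_verify()
    if (!$me || !password_verify($options["password"], $me->password))
        return new Alternc_Api_Response(array("code" => Alternc_Api_Response::ERR_INVALID_AUTH, "message" => "Invalid login or password"));
    if (!$me->enabled)
        return new Alternc_Api_Response(array("code" => Alternc_Api_Response::ERR_DISABLED_ACCOUNT, "message" => "Account is disabled"));
    // … unchanged: Alternc_Api_Token::tokenGenerate() call …
```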
@@ -5,80 +5,78 @@ * SHARED SECRET (ApiKey) */ class Alternc_Api_Auth_Sharedsecret implements Alternc_Api_Auth_Interface { - - private $db; // PDO object + private $db; // PDO object - const ERR_INVALID_ARGUMENT = 1111801; - const ERR_INVALID_SECRET = 1111802; - const ERR_INVALID_LOGIN = 1111803; - const ERR_DISABLED_ACCOUNT = 1111804; - const ERR_INVALID_AUTH = 1111805; + const ERR_INVALID_ARGUMENT = 1111801; + const ERR_INVALID_SECRET = 1111802; + const ERR_INVALID_LOGIN = 1111803; + const ERR_DISABLED_ACCOUNT = 1111804; + const ERR_INVALID_AUTH = 1111805; - /** - * Constructor of the Shared Secret Api Auth - * - * @param $service an Alternc_Api_Service object - * @return create the object - */ - function __construct($service) { + /** + * Constructor of the Shared Secret Api Auth + * + * @param $service an Alternc_Api_Service object + * @return create the object + */ + function __construct($service) { - if (!($service instanceof Alternc_Api_Service)) - throw new \Exception("Invalid argument (service)",ERR_INVALID_ARGUMENT); + if (!($service instanceof Alternc_Api_Service)) + throw new \Exception("Invalid argument (service)", ERR_INVALID_ARGUMENT); - $this->db = $service->getDb(); - - } // __construct - - - /** - * Authenticate a user - * - * @param $options options, depending on the auth scheme, including uid for setuid users - * here, login is the alternc username, and secret is a valid shared secret for this user. 
- * @return an Alternc_Api_Token - */ - function auth($options) { - - if (!isset($options["login"]) || !is_string($options["login"])) { - throw new \Exception("Missing required parameter login", self::ERR_INVALID_ARGUMENT); - } - if (!isset($options["secret"]) || !is_string($options["secret"])) { - throw new \Exception("Missing required parameter secret", self::ERR_INVALID_ARGUMENT); - } - if (!preg_match("#^[0-9a-zA-Z]{32}$#",$options["secret"])) { - return new Alternc_Api_Response( array("code" => self::ERR_INVALID_SECRET, "message" => "Invalid shared secret syntax") ); + $this->db = $service->getDb(); } - if (!preg_match("#^[0-9a-zA-Z-]{1,32}$#",$options["login"])) { // FIXME : normalize this on AlternC !!! - return new Alternc_Api_Response( array("code" => self::ERR_INVALID_LOGIN, "message" => "Invalid login") ); +// __construct + + /** + * Authenticate a user + * + * @param $options options, depending on the auth scheme, including uid for setuid users + * here, login is the alternc username, and secret is a valid shared secret for this user. + * @return an Alternc_Api_Token + */ + function auth($options) { + + if (!isset($options["login"]) || !is_string($options["login"])) { + throw new \Exception("Missing required parameter login", self::ERR_INVALID_ARGUMENT); + } + if (!isset($options["secret"]) || !is_string($options["secret"])) { + throw new \Exception("Missing required parameter secret", self::ERR_INVALID_ARGUMENT); + } + if (!preg_match("#^[0-9a-zA-Z]{32}$#", $options["secret"])) { + return new Alternc_Api_Response(array("code" => self::ERR_INVALID_SECRET, "message" => "Invalid shared secret syntax")); + } + + if (!preg_match("#^[0-9a-zA-Z-]{1,32}$#", $options["login"])) { // FIXME : normalize this on AlternC !!! + return new Alternc_Api_Response(array("code" => self::ERR_INVALID_LOGIN, "message" => "Invalid login")); + } + + $stmt = $this->db->prepare("SELECT m.enabled,m.uid,m.login,m.su FROM membres m, sharedsecret s WHERE s.uid=m.uid AND m.login=? 
AND s.secret=?;"); + $stmt->execute(array($options["login"], $options["secret"])); + $me = $stmt->fetch(PDO::FETCH_OBJ); + if (!$me) + return new Alternc_Api_Response(array("code" => self::ERR_INVALID_AUTH, "message" => "Invalid shared secret")); + if (!$me->enabled) + return new Alternc_Api_Response(array("code" => self::ERR_DISABLED_ACCOUNT, "message" => "Account is disabled")); + + return Alternc_Api_Token::tokenGenerate( + array("uid" => (int) $me->uid, "isAdmin" => ($me->su != 0)), $this->db + ); } - $stmt = $this->db->prepare("SELECT m.enabled,m.uid,m.login,m.su FROM membres m, sharedsecret s WHERE s.uid=m.uid AND m.login=? AND s.secret=?;"); - $stmt->execute(array($options["login"],$options["secret"]) ); - $me=$stmt->fetch(PDO::FETCH_OBJ); - if (!$me) - return new Alternc_Api_Response( array("code" => self::ERR_INVALID_AUTH, "message" => "Invalid shared secret") ); - if (!$me->enabled) - return new Alternc_Api_Response( array("code" => self::ERR_DISABLED_ACCOUNT, "message" => "Account is disabled") ); + /** + * instructions on how to use this Auth class + * @return array("fields" => array("fields to send, required or not"), "description" => "description of this auth") + */ + function instructions() { + return array("fields" => array("login" => "AlternC user account", "secret" => "API Key, Shared secrets, valid for this account, stored in sharedsecret table."), + "description" => "Authenticate against an Api Key, also called SharedSecret. 
distinct from the account's password, can be plenty and revoked independently" + ); + } - return Alternc_Api_Token::tokenGenerate( - array("uid"=>(int)$me->uid, "isAdmin"=>($me->su!=0) ), - $this->db - ); - } +} - - /** - * instructions on how to use this Auth class - * @return array("fields" => array("fields to send, required or not"), "description" => "description of this auth") - */ - function instructions() { - return array("fields" => array("login" => "AlternC user account", "secret" => "API Key, Shared secrets, valid for this account, stored in sharedsecret table."), - "description" => "Authenticate against an Api Key, also called SharedSecret. distinct from the account's password, can be plenty and revoked independently" - ); - } - - -} // class Alternc_Api_Auth_Sharedsecret +// class Alternc_Api_Auth_Sharedsecret diff --git a/lib/Alternc/Api/Legacyobject.php b/lib/Alternc/Api/Legacyobject.php index 3e5e2fbe..a66b6bdf 100644 --- a/lib/Alternc/Api/Legacyobject.php +++ b/lib/Alternc/Api/Legacyobject.php 
@@ -7,38 +7,38 @@ * @author benjamin */ class Alternc_Api_Legacyobject { - - protected $admin; // m_admin instance - protected $cuid; // current user id - protected $isAdmin; // is it an Admin account? - protected $db; // PDO DB access to AlternC's database. - - const ERR_INVALID_ARGUMENT = 111201; - const ERR_ALTERNC_FUNCTION = 111202; - - function __construct($service) { - global $admin,$cuid; - if (!($service instanceof Alternc_Api_Service)) { - throw new \Exception("Bad argument: service is not an Alternc_Api_Service", self::ERR_INVALID_ARGUMENT); - } - // We store the global $cuid to AlternC legacy classes - $this->db=$service->db; - $this->cuid=$cuid=$service->token->uid; - $this->isAdmin=$service->token->isAdmin; - // We use the global $admin from AlternC legacy classes - $this->admin=$admin; - // Set the legacy rights: - $this->admin->enabled=$this->isAdmin; - } - - - /** return a proper Alternc_Api_Response from an error class and error string - * from AlternC legacy class - */ - protected function alterncLegacyErrorManager() { - global $err; - return new Alternc_Api_Response( array("code" => self::ERR_ALTERNC_FUNCTION, "message" => "[".$err->clsid."] ".$err->error) ); - } - -} /* Aternc_Api_Legacyobject */ + protected $admin; // m_admin instance + protected $cuid; // current user id + protected $isAdmin; // is it an Admin account? + protected $db; // PDO DB access to AlternC's database. 
+ + const ERR_INVALID_ARGUMENT = 111201; + const ERR_ALTERNC_FUNCTION = 111202; + + function __construct($service) { + global $admin, $cuid; + if (!($service instanceof Alternc_Api_Service)) { + throw new \Exception("Bad argument: service is not an Alternc_Api_Service", self::ERR_INVALID_ARGUMENT); + } + // We store the global $cuid to AlternC legacy classes + $this->db = $service->db; + $this->cuid = $cuid = $service->token->uid; + $this->isAdmin = $service->token->isAdmin; + // We use the global $admin from AlternC legacy classes + $this->admin = $admin; + // Set the legacy rights: + $this->admin->enabled = $this->isAdmin; + } + + /** return a proper Alternc_Api_Response from an error class and error string + * from AlternC legacy class + */ + protected function alterncLegacyErrorManager() { + global $err; + return new Alternc_Api_Response(array("code" => self::ERR_ALTERNC_FUNCTION, "message" => "[" . $err->clsid . "] " . $err->error)); + } + +} + +/* Aternc_Api_Legacyobject */ diff --git a/lib/Alternc/Api/Object/Domain.php b/lib/Alternc/Api/Object/Domain.php index 2c9fdfa3..14809cd5 100644 --- a/lib/Alternc/Api/Object/Domain.php +++ b/lib/Alternc/Api/Object/Domain.php 
@@ -4,151 +4,148 @@ * Domain Api of AlternC, used by alternc-api package */ class Alternc_Api_Object_Domain extends Alternc_Api_Legacyobject { - - - protected $dom; // m_dom instance - - function __construct($service) { - global $dom; - parent::__construct($service); - $this->dom=$dom; + + protected $dom; // m_dom instance + + function __construct($service) { + global $dom; + parent::__construct($service); + $this->dom = $dom; } - - /** API Method from legacy class method dom->get_domain_list() - * @param $options a hash with parameters transmitted to legacy call - * may be "uid" to only return domains for a specific user-id - * (if you are not admin, this WILL only list YOUR domains anyway) - * may be "offset" and/or "count" to do paging. - * @return Alternc_Api_Response whose content is the list of hosted domains on this server - * (no more details as of now) - */ - function find($options) { - global $cuid; - $sql=""; - if ($this->isAdmin) { - if (isset($options["uid"])) { - $uid=intval($options["uid"]); + /** API Method from legacy class method dom->get_domain_list() + * @param $options a hash with parameters transmitted to legacy call + * may be "uid" to only return domains for a specific user-id + * (if you are not admin, this WILL only list YOUR domains anyway) + * may be "offset" and/or "count" to do paging. 
+ * @return Alternc_Api_Response whose content is the list of hosted domains on this server + * (no more details as of now) + */ + function find($options) { + global $cuid; + $sql = ""; + if ($this->isAdmin) { + if (isset($options["uid"])) { + $uid = intval($options["uid"]); + } else { + $uid = -1; + } } else { - $uid=-1; + $uid = $cuid; } - } else { - $uid=$cuid; - } - if ($uid!=-1) { - $sql=" WHERE compte=$uid "; - } else { - $sql=""; - } - $stmt = $this->db->prepare("SELECT * FROM domaines $sql ORDER BY domaine"); - $stmt->execute(); - $result = array(); - while ($me = $stmt->fetch(PDO::FETCH_OBJ)) { - $result[$me->domaine] = $me; - } - $offset=-1; $count=-1; - if (isset($options["count"])) $count=intval($options["count"]); - if (isset($options["offset"])) $offset=intval($options["offset"]); - if ($offset!=-1 || $count!=-1) { - if ($offset<0 || $offset>count($result)) $offset=0; - if ($count<0 || $count>1000) $count=1000; - $result= array_slice($result, $offset, $count); - } - return new Alternc_Api_Response( array("content" =>$result) ); - } - - - /** API Method from legacy class method dom->add_domain() - * @param $options a hash with parameters transmitted to legacy call - * mandatory parameters: domain(str), dns(bool) - * non-mandatory: noerase(bool, only admins), force(bool, only admins), isslave(bool), slavedom(str) - * @return Alternc_Api_Response whose content is the newly created DOMAIN id - */ - function add($options) { - $mandatory=array("domain","dns"); - $defaults=array("noerase"=>false, "force"=>false, "isslave"=>false, "slavedom"=>""); - $missing=""; - foreach ($mandatory as $key) { - if (!isset($options[$key])) { - $missing.=$key." 
"; - } - } - if ($missing) { - return new Alternc_Api_Response( array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: ".$missing) ); - } - foreach ($defaults as $key => $value) { - if (!isset($options[$key])) { - $options[$key]=$value; - } - } - if (!$this->isAdmin) { // only admin can change the options below: - $options["noerase"]=false; - $options["force"]=false; - } - $did=$this->dom->add_domain($options["domain"], $options["dns"], $options["noerase"], - $options["force"], $options["isslave"], $options["slavedom"]); - if (!$did) { - return $this->alterncLegacyErrorManager(); - } else { - return new Alternc_Api_Response( array("content" => $did ) ); - } - } - - - - /** API Method from legacy class method dom->edit_domain() - * @param $options a hash with parameters transmitted to legacy call - * mandatory parameters: domain(str), dns(bool) - * non-mandatory: noerase(bool, only admins), force(bool, only admins), isslave(bool), slavedom(str) - * @return Alternc_Api_Response whose content is the newly created DOMAIN id - */ - function update($options) { - $mandatory=array("domain","dns","gesmx"); - $defaults=array("force"=>false, "ttl"=>86400); - $missing=""; - foreach ($mandatory as $key) { - if (!isset($options[$key])) { - $missing.=$key." 
"; - } - } - if ($missing) { - return new Alternc_Api_Response( array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: ".$missing) ); - } - foreach ($defaults as $key => $value) { - if (!isset($options[$key])) { - $options[$key]=$value; - } - } - if (!$this->isAdmin) { // only admin can change the options below: - $options["force"]=false; - } - $did=$this->dom->edit_domain($options["domain"], $options["dns"], $options["gesmx"], - $options["force"], $options["ttl"]); - if (!$did) { - return $this->alterncLegacyErrorManager(); - } else { - return new Alternc_Api_Response( array("content" => $did ) ); - } - } - - + if ($uid != -1) { + $sql = " WHERE compte=$uid "; + } else { + $sql = ""; + } + $stmt = $this->db->prepare("SELECT * FROM domaines $sql ORDER BY domaine"); + $stmt->execute(); + $result = array(); + while ($me = $stmt->fetch(PDO::FETCH_OBJ)) { + $result[$me->domaine] = $me; + } + $offset = -1; + $count = -1; + if (isset($options["count"])) + $count = intval($options["count"]); + if (isset($options["offset"])) + $offset = intval($options["offset"]); + if ($offset != -1 || $count != -1) { + if ($offset < 0 || $offset > count($result)) + $offset = 0; + if ($count < 0 || $count > 1000) + $count = 1000; + $result = array_slice($result, $offset, $count); + } + return new Alternc_Api_Response(array("content" => $result)); + } - /** API Method from legacy class method dom->del_domain() - * @param $options a hash with parameters transmitted to legacy call - * mandatory parameters: domain - * @return Alternc_Api_Response TRUE if the domain has been marked for deletion. 
- */ - function del($options) { - if (!isset($options["domain"])) { - return new Alternc_Api_Response( array("code" => self::ERR_ALTERNC_FUNCTION, "message" => "Missing or invalid argument: DOMAIN") ); - } - $result=$this->dom->del_domain($options["domain"]); - if (!$result) { - return $this->alterncLegacyErrorManager(); - } else { - return new Alternc_Api_Response( array("content" => true ) ); - } - } + /** API Method from legacy class method dom->add_domain() + * @param $options a hash with parameters transmitted to legacy call + * mandatory parameters: domain(str), dns(bool) + * non-mandatory: noerase(bool, only admins), force(bool, only admins), isslave(bool), slavedom(str) + * @return Alternc_Api_Response whose content is the newly created DOMAIN id + */ + function add($options) { + $mandatory = array("domain", "dns"); + $defaults = array("noerase" => false, "force" => false, "isslave" => false, "slavedom" => ""); + $missing = ""; + foreach ($mandatory as $key) { + if (!isset($options[$key])) { + $missing.=$key . " "; + } + } + if ($missing) { + return new Alternc_Api_Response(array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: " . 
$missing)); + } + foreach ($defaults as $key => $value) { + if (!isset($options[$key])) { + $options[$key] = $value; + } + } + if (!$this->isAdmin) { // only admin can change the options below: + $options["noerase"] = false; + $options["force"] = false; + } + $did = $this->dom->add_domain($options["domain"], $options["dns"], $options["noerase"], $options["force"], $options["isslave"], $options["slavedom"]); + if (!$did) { + return $this->alterncLegacyErrorManager(); + } else { + return new Alternc_Api_Response(array("content" => $did)); + } + } - -} // class Alternc_Api_Object_Domain + /** API Method from legacy class method dom->edit_domain() + * @param $options a hash with parameters transmitted to legacy call + * mandatory parameters: domain(str), dns(bool) + * non-mandatory: noerase(bool, only admins), force(bool, only admins), isslave(bool), slavedom(str) + * @return Alternc_Api_Response whose content is the newly created DOMAIN id + */ + function update($options) { + $mandatory = array("domain", "dns", "gesmx"); + $defaults = array("force" => false, "ttl" => 86400); + $missing = ""; + foreach ($mandatory as $key) { + if (!isset($options[$key])) { + $missing.=$key . " "; + } + } + if ($missing) { + return new Alternc_Api_Response(array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: " . 
$missing)); + } + foreach ($defaults as $key => $value) { + if (!isset($options[$key])) { + $options[$key] = $value; + } + } + if (!$this->isAdmin) { // only admin can change the options below: + $options["force"] = false; + } + $did = $this->dom->edit_domain($options["domain"], $options["dns"], $options["gesmx"], $options["force"], $options["ttl"]); + if (!$did) { + return $this->alterncLegacyErrorManager(); + } else { + return new Alternc_Api_Response(array("content" => $did)); + } + } + + /** API Method from legacy class method dom->del_domain() + * @param $options a hash with parameters transmitted to legacy call + * mandatory parameters: domain + * @return Alternc_Api_Response TRUE if the domain has been marked for deletion. + */ + function del($options) { + if (!isset($options["domain"])) { + return new Alternc_Api_Response(array("code" => self::ERR_ALTERNC_FUNCTION, "message" => "Missing or invalid argument: DOMAIN")); + } + $result = $this->dom->del_domain($options["domain"]); + if (!$result) { + return $this->alterncLegacyErrorManager(); + } else { + return new Alternc_Api_Response(array("content" => true)); + } + } + +} + +// class Alternc_Api_Object_Domain diff --git a/lib/Alternc/Api/Object/Ftp.php b/lib/Alternc/Api/Object/Ftp.php index 85723f46..4a921a54 100644 --- a/lib/Alternc/Api/Object/Ftp.php +++ b/lib/Alternc/Api/Object/Ftp.php 
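Review bot: `find()` builds its filter by string interpolation, `$sql = " WHERE compte=$uid ";`, and for non-admin callers `$uid` is the global `$cuid`, which this method never casts. The statement is already prepared, so the value can be bound instead: use `" WHERE compte=? "` and pass `array((int) $uid)` to `execute()` when the filter is set. The docblock on `update()` still lists the optional parameters and return value of `add()`; it should name `gesmx`, `force` and `ttl`. `del()` reports a missing `domain` with `ERR_ALTERNC_FUNCTION` where `add()` and `update()` use `ERR_INVALID_ARGUMENT`.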
@@ -4,112 +4,115 @@ * Ftp Api of AlternC, used by alternc-api package */ class Alternc_Api_Object_Ftp extends Alternc_Api_Legacyobject { - - protected $ftp; // m_ftp instance - - function __construct($service) { - global $ftp; - parent::__construct($service); - $this->ftp=$ftp; - } - - /** API Method from legacy class method ftp->add_ftp() - * @param $options a hash with parameters transmitted to legacy call - * mandatory parameters: prefix, login, pass, dir - * @return Alternc_Api_Response whose content is the newly created UID - */ - function add($options) { - $mandatory=array("prefix","login","pass","dir"); - $missing=""; - foreach ($mandatory as $key) { - if (!isset($options[$key])) { - $missing.=$key." "; - } - } - if ($missing) { - return new Alternc_Api_Response( array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: ".$missing) ); - } - $ftpid=$this->ftp->add_ftp($options["prefix"],$options["login"], $options["pass"], $options["dir"]); - if (!$ftpid) { - return $this->alterncLegacyErrorManager(); - } else { - return new Alternc_Api_Response( array("content" => $ftpid ) ); - } - } + protected $ftp; // m_ftp instance + function __construct($service) { + global $ftp; + parent::__construct($service); + $this->ftp = $ftp; + } - /** API Method from legacy class method ftp->put_ftp_details() - * @param $options a hash with parameters transmitted to legacy call - * mandatory parameters: id - * non-mandatory: prefix, login, pass, dir - * @return Alternc_Api_Response whose content is the updated UID - */ - function update($options) { - $defaults=array("prefix","login","dir"); - if (!isset($options["id"])) { - return new Alternc_Api_Response( array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: ID") ); - } - $id=intval($options["id"]); - $old=$this->ftp->get_ftp_details($id); - if (!$old) { - return new Alternc_Api_Response( array("code" => self::ERR_NOT_FOUND, "message" => "FTP Account not found") ); - 
} - foreach ($defaults as $key) { - if (!isset($options[$key])) { - $options[$key]=$old[$key]; - } - } - if (!isset($options["pass"])) $options["pass"]=""; - $result=$this->ftp->put_ftp_details($id, $options["prefix"], $options["login"], $options["pass"], $options["dir"]); - if (!$result) { - return $this->alterncLegacyErrorManager(); - } else { - return new Alternc_Api_Response( array("content" => $result ) ); - } - } + /** API Method from legacy class method ftp->add_ftp() + * @param $options a hash with parameters transmitted to legacy call + * mandatory parameters: prefix, login, pass, dir + * @return Alternc_Api_Response whose content is the newly created UID + */ + function add($options) { + $mandatory = array("prefix", "login", "pass", "dir"); + $missing = ""; + foreach ($mandatory as $key) { + if (!isset($options[$key])) { + $missing.=$key . " "; + } + } + if ($missing) { + return new Alternc_Api_Response(array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: " . $missing)); + } + $ftpid = $this->ftp->add_ftp($options["prefix"], $options["login"], $options["pass"], $options["dir"]); + if (!$ftpid) { + return $this->alterncLegacyErrorManager(); + } else { + return new Alternc_Api_Response(array("content" => $ftpid)); + } + } - - /** API Method from legacy class method ftp->del_ftp() - * @param $options a hash with parameters transmitted to legacy call - * mandatory parameters: id - * @return Alternc_Api_Response TRUE if the FTP account has been deleted. 
- */ - function del($options) { - if (!isset($options["id"])) { - return new Alternc_Api_Response( array("code" => self::ERR_ALTERNC_FUNCTION, "message" => "Missing or invalid argument: ID") ); - } - $result=$this->ftp->delete_ftp(intval($options["id"])); - if (!$result) { - return $this->alterncLegacyErrorManager(); - } else { - return new Alternc_Api_Response( array("content" => true ) ); - } - } + /** API Method from legacy class method ftp->put_ftp_details() + * @param $options a hash with parameters transmitted to legacy call + * mandatory parameters: id + * non-mandatory: prefix, login, pass, dir + * @return Alternc_Api_Response whose content is the updated UID + */ + function update($options) { + $defaults = array("prefix", "login", "dir"); + if (!isset($options["id"])) { + return new Alternc_Api_Response(array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: ID")); + } + $id = intval($options["id"]); + $old = $this->ftp->get_ftp_details($id); + if (!$old) { + return new Alternc_Api_Response(array("code" => self::ERR_NOT_FOUND, "message" => "FTP Account not found")); + } + foreach ($defaults as $key) { + if (!isset($options[$key])) { + $options[$key] = $old[$key]; + } + } + if (!isset($options["pass"])) + $options["pass"] = ""; + $result = $this->ftp->put_ftp_details($id, $options["prefix"], $options["login"], $options["pass"], $options["dir"]); + if (!$result) { + return $this->alterncLegacyErrorManager(); + } else { + return new Alternc_Api_Response(array("content" => $result)); + } + } - - /** API Method from legacy class method ftp->get_list() - * @param $options a hash with parameters transmitted to legacy call - * non-mandatory parameters: - * Any of: offset(int=0), count(int=+inf) - * @return Alternc_Api_Response An array with all matching FTP account informations as hashes - */ - function find($options) { - $result=$this->ftp->get_list(); - if (!$result) { - return $this->alterncLegacyErrorManager(); - } else { - 
$offset=-1; $count=-1; - if (isset($options["count"])) $count=intval($options["count"]); - if (isset($options["offset"])) $offset=intval($options["offset"]); - if ($offset!=-1 || $count!=-1) { - if ($offset<0 || $offset>count($result)) $offset=0; - if ($count<0 || $count>1000) $count=1000; - $result= array_slice($result, $offset, $count); - } - return new Alternc_Api_Response( array("content" =>$result) ); - } - } - + /** API Method from legacy class method ftp->del_ftp() + * @param $options a hash with parameters transmitted to legacy call + * mandatory parameters: id + * @return Alternc_Api_Response TRUE if the FTP account has been deleted. + */ + function del($options) { + if (!isset($options["id"])) { + return new Alternc_Api_Response(array("code" => self::ERR_ALTERNC_FUNCTION, "message" => "Missing or invalid argument: ID")); + } + $result = $this->ftp->delete_ftp(intval($options["id"])); + if (!$result) { + return $this->alterncLegacyErrorManager(); + } else { + return new Alternc_Api_Response(array("content" => true)); + } + } -} // class Alternc_Api_Object_Ftp \ No newline at end of file + /** API Method from legacy class method ftp->get_list() + * @param $options a hash with parameters transmitted to legacy call + * non-mandatory parameters: + * Any of: offset(int=0), count(int=+inf) + * @return Alternc_Api_Response An array with all matching FTP account informations as hashes + */ + function find($options) { + $result = $this->ftp->get_list(); + if (!$result) { + return $this->alterncLegacyErrorManager(); + } else { + $offset = -1; + $count = -1; + if (isset($options["count"])) + $count = intval($options["count"]); + if (isset($options["offset"])) + $offset = intval($options["offset"]); + if ($offset != -1 || $count != -1) { + if ($offset < 0 || $offset > count($result)) + $offset = 0; + if ($count < 0 || $count > 1000) + $count = 1000; + $result = array_slice($result, $offset, $count); + } + return new Alternc_Api_Response(array("content" => $result)); + 
} + } + +} + +// class Alternc_Api_Object_Ftp \ No newline at end of file diff --git a/lib/Alternc/Api/Request.php b/lib/Alternc/Api/Request.php index 5ee1e7c5..87bf81cb 100644 --- a/lib/Alternc/Api/Request.php +++ b/lib/Alternc/Api/Request.php @@ -18,25 +18,28 @@ class Alternc_Api_Request { * @var string a token hash (to be authenticated) */ public $token_hash; - + /** * must link to a Alternc_Api_Object_Interface * * @var string */ public $object; + /** * must link to a Alternc_Api_Object_Interface method * * @var string */ public $action; + /** * bag of data * * @var array */ public $options; + /** * * Bag of data 
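Review bot: In the Ftp class, `update()` returns `self::ERR_NOT_FOUND` when `get_ftp_details()` finds nothing, but neither this class nor `Alternc_Api_Legacyobject` as shown in this patch declares that constant, so the not-found path would end in a fatal error rather than an API response. Declaring `ERR_NOT_FOUND` next to `ERR_INVALID_ARGUMENT` in the parent class (value to be chosen by the project) fixes it. `del()` also reports a missing `id` with `ERR_ALTERNC_FUNCTION` where `add()` and `update()` use `ERR_INVALID_ARGUMENT`. The `$options["pass"] = ""` default in `update()` deserves a comment such as `// empty pass: presumably leaves the password unchanged in put_ftp_details(); confirm`.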
@@ -45,59 +48,56 @@ class Alternc_Api_Request { */ public $metadata; - - const ERR_MISSING_PARAMETER = 111801; - + const ERR_MISSING_PARAMETER = 111801; + function __construct($options) { - - + + // Attempts to retrieve object if (isset($options["object"]) && is_string($options["object"])) { $this->object = $options["object"]; } else { throw new \Exception("Missing parameter object", self::ERR_MISSING_PARAMETER); } - + // Attempts to retrieve action if (isset($options["action"]) && is_string($options["action"])) { $this->action = $options["action"]; } else { throw new \Exception("Missing parameter action", self::ERR_MISSING_PARAMETER); } - + // Attempts to retrieve options if (isset($options["options"])) { - if (is_array($options)) { - $this->options = $options["options"]; - } else { - throw new \Exception("Missing parameter options", self::ERR_MISSING_PARAMETER); - } - } else { - $this->options=array(); - } - + if (is_array($options)) { + $this->options = $options["options"]; + } else { + throw new \Exception("Missing parameter options", self::ERR_MISSING_PARAMETER); + } + } else { + $this->options = array(); + } + // Attempts to retrieve token if (isset($options["token"])) { - if (is_a( $options["token"], Alternc_Api_Token)) { - $this->token = $options["token"]; - } else { - throw new \Exception("Bad parameter token", self::ERR_MISSING_PARAMETER); - } - } else { - // Attempts to retrieve token_hash then - if (isset($options["token_hash"]) && is_string( $options["token_hash"])) { - $this->token_hash = $options["token_hash"]; - } else { - throw new \Exception("Missing parameter token OR token_hash", self::ERR_MISSING_PARAMETER); - } - } + if (is_a($options["token"], Alternc_Api_Token)) { + $this->token = $options["token"]; + } else { + throw new \Exception("Bad parameter token", self::ERR_MISSING_PARAMETER); + } + } else { + // Attempts to retrieve token_hash then + if (isset($options["token_hash"]) && is_string($options["token_hash"])) { + $this->token_hash = 
$options["token_hash"]; + } else { + throw new \Exception("Missing parameter token OR token_hash", self::ERR_MISSING_PARAMETER); + } + } // Attempts to retrieve metadata (eg: API version) if (isset($options["metadata"])) { $this->metadata = $options["metadata"]; - } - - - + } } -} \ No newline at end of file + +} diff --git a/lib/Alternc/Api/Response.php b/lib/Alternc/Api/Response.php index ac54ec84..61facd3e 100644 --- a/lib/Alternc/Api/Response.php +++ b/lib/Alternc/Api/Response.php @@ -6,65 +6,62 @@ */ class Alternc_Api_Response { - /** - * Error codes - */ - const ERR_DISABLED_ACCOUNT = 221801; - const ERR_INVALID_AUTH = 221802; - + /** + * Error codes + */ + const ERR_DISABLED_ACCOUNT = 221801; + const ERR_INVALID_AUTH = 221802; /** * Result code. 0 means success * * @var int */ - public $code; - + public $code; + /** * Result message. May be empty * * @var string */ public $message; - + /** * Result data * * @var array */ public $content; - + /** * Result metadata * * @var array */ - public $metadata; - + public $metadata; /** * initialize a response object * @param options any of the public above */ - public function __construct($options=array()) { - $os=array("code","message","content","metadata"); - foreach ($os as $o) { - if (isset($options[$o])) $this->$o=$options[$o]; - } + public function __construct($options = array()) { + $os = array("code", "message", "content", "metadata"); + foreach ($os as $o) { + if (isset($options[$o])) + $this->$o = $options[$o]; + } } - /** * Formats response to json * * @return string */ - public function toJson (){ + public function toJson() { return json_encode(get_object_vars($this)); } +} - - -} // class Alternc_Api_Response +// class Alternc_Api_Response diff --git a/lib/Alternc/Api/Service.php b/lib/Alternc/Api/Service.php index 78a712b9..dfaea26a 100644 --- a/lib/Alternc/Api/Service.php +++ b/lib/Alternc/Api/Service.php 
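Review bot: In the `Alternc_Api_Request` constructor, the `options` branch tests `is_array($options)`, which is the outer argument and has already been indexed at that point, so a non-array `options` value is never rejected and is stored on `$this->options` for the API objects to consume. The check should read `if (is_array($options["options"])) {`. A few lines further down, `is_a($options["token"], Alternc_Api_Token)` passes a bare constant where a class name is expected. `if ($options["token"] instanceof Alternc_Api_Token) {` expresses the intent without relying on how an undefined constant is resolved.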
@@ -7,164 +7,159 @@ * Service API used by server to export API methods */ class Alternc_Api_Service { - - public $db; // PDO object - private $loggerList; // List of loggers - private $allowedAuth; // list of allowed authenticators - public $token; // Token (useful for called classes) + public $db; // PDO object + private $loggerList; // List of loggers + private $allowedAuth; // list of allowed authenticators + public $token; // Token (useful for called classes) - const ERR_INVALID_ARGUMENT = 111801; - const ERR_METHOD_DENIED = 111802; - const ERR_INVALID_ANSWER = 111803; - const ERR_SETUID_FORBIDDEN = 111804; - const ERR_SETUID_USER_NOT_FOUND = 111805; - const ERR_OBJECT_NOT_FOUND = 111806; - const ERR_ACTION_NOT_FOUND = 111807; - const ERR_INVALID_TOKEN = 111808; + const ERR_INVALID_ARGUMENT = 111801; + const ERR_METHOD_DENIED = 111802; + const ERR_INVALID_ANSWER = 111803; + const ERR_SETUID_FORBIDDEN = 111804; + const ERR_SETUID_USER_NOT_FOUND = 111805; + const ERR_OBJECT_NOT_FOUND = 111806; + const ERR_ACTION_NOT_FOUND = 111807; + const ERR_INVALID_TOKEN = 111808; - /** - * Constructor of the Api Service Wrapper - * - * @param $options an hash with - * databaseAdapter: an already initialized PDO object - * see http://php.net/PDO - * loginAdapterList: (not mandatory) list of allowed authentication adapters (their codename) - * see Alternc/Api/Auth/* - * loggerAdapter: (not mandatory), a PSR3-Interface-compliant class or a list of it. - * see https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-3-logger-interface.md for more information - * - * @return create the object - */ + /** + * Constructor of the Api Service Wrapper + * + * @param $options an hash with + * databaseAdapter: an already initialized PDO object + * see http://php.net/PDO + * loginAdapterList: (not mandatory) list of allowed authentication adapters (their codename) + * see Alternc/Api/Auth/* + * loggerAdapter: (not mandatory), a PSR3-Interface-compliant class or a list of it. 
+ * see https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-3-logger-interface.md for more information + * + * @return create the object + */ + function __construct($options) { - function __construct($options) { + // What DB shall we connect to? + // Note: it MUST be in this mode : $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); + if (isset($options["databaseAdapter"]) && $options["databaseAdapter"] instanceof PDO) { + $this->db = $options["databaseAdapter"]; + } else { + throw new \Exception("Missing required parameter databaseAdapter", self::ERR_INVALID_ARGUMENT); + } - // What DB shall we connect to? - // Note: it MUST be in this mode : $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); - if (isset($options["databaseAdapter"]) && $options["databaseAdapter"] instanceof PDO) { - $this->db=$options["databaseAdapter"]; - } else { - throw new \Exception("Missing required parameter databaseAdapter", self::ERR_INVALID_ARGUMENT); + // Which login is allowed? + $this->allowedAuth = array(); + if (isset($options["loginAdapterList"]) && is_array($options["loginAdapterList"])) { + foreach ($options["loginAdapterList"] as $lal) { + $this->allowedAuth[] = (string) $lal; + } + } + + // To which logger(s) shall we log to? + if (isset($options["loggerAdapter"])) { + if (!is_array($options["loggerAdapter"])) + $options["loggerAdapter"] = array($options["loggerAdapter"]); + foreach ($options["loggerAdapter"] as $la) { + if ($la instanceof Psr\Log\LoggerInterface) + $this->loggerList[] = $la; + } + } } - // Which login is allowed? - $this->allowedAuth=array(); - if (isset($options["loginAdapterList"]) && is_array($options["loginAdapterList"]) ) { - foreach($options["loginAdapterList"] as $lal) { - $this->allowedAuth[] = (string)$lal; - } - } +// __construct - // To which logger(s) shall we log to? 
- if (isset($options["loggerAdapter"])) { - if (!is_array($options["loggerAdapter"])) $options["loggerAdapter"]=array($options["loggerAdapter"]); - foreach($options["loggerAdapter"] as $la) { - if ($la instanceof Psr\Log\LoggerInterface) - $this->loggerList[]=$la; - } + /** + * Authenticate into an AlternC server + * @param $auth hash with + * method: string describing the authentication name (in Alternc_Api_Auth_xxx) + * options: array list of parameters for the corresponding auth. + * if 'uid' is set in the option hash, the account MUST be an administrator one + * and as a result, the returned Api_Token will be set to this UID and not the admin one. + * @return Alternc_Api_Token an API Token + */ + function auth($auth) { + if (!isset($auth["method"]) || !is_string($auth["method"])) { + throw new \Exception("Missing required parameter method", self::ERR_INVALID_ARGUMENT); + } + if (!isset($auth["options"]) || !is_array($auth["options"])) { + throw new \Exception("Missing required parameter options", self::ERR_INVALID_ARGUMENT); + } + + if (count($this->allowedAuth) && !in_array($auth["method"], $this->allowedAuth)) { + throw new \Exception("Method not allowed", self::ERR_METHOD_DENIED); + } + if (isset($auth["options"]["uid"]) && !intval($auth["options"]["uid"])) { + throw new \Exception("Invalid UID", self::ERR_INVALID_ARGUMENT); + } + + $adapterName = "Alternc_Api_Auth_" . 
ucfirst(strtolower($auth["method"])); + + $authAdapter = new $adapterName($this); + + $token = $authAdapter->auth($auth["options"]); + + // something went wrong user-side + if ($token instanceof Alternc_Api_Response) + return $token; + // something went *really* wrong (bad type): + if (!$token instanceof Alternc_Api_Token) + throw new \Exception("Invalid answer from Api_Auth_Interface", self::ERR_INVALID_ANSWER); + + if (isset($auth["options"]["uid"])) { + if (!$token->isAdmin) { + // Non-admin are not allowed to setuid + return new Alternc_Api_Response(array("code" => self::ERR_SETUID_FORBIDDEN, "message" => "This user is not allowed to set his uid")); + } + // Search for the requested user. We allow using *disabled* account here since we are admin + foreach ($this->db->query("SELECT uid FROM membres WHERE uid=" . intval($auth["options"]["uid"])) as $setuid) { + $token->uid = intval($setuid['uid']); + $stmt = $this->db->prepare("UPDATE token SET data=? WHERE token=?"); + $stmt->execute(array($token->toJson(), $token->token)); + return $token; + } + return new Alternc_Api_Response(array("code" => self::ERR_SETUID_USER_NOT_FOUND, "message" => "Can't find the user you want to setuid to")); + } + return $token; } - } // __construct + /** + * Manage an API Call + * @param Alternc_Api_Request $request The API call + * the request must have "object" and "action" elements, and a "token" to authenticate + * "options" are sent as it is to the Api Call. 
+ * @return Alternc_Api_Response an API response + */ + function call($request) { + if (!$request instanceof Alternc_Api_Request) + throw new \Exception("request must be an Alternc_Api_Request object", self::ERR_INVALID_ARGUMENT); + // we set the token in the Service object, so that other classes can use it :) + $this->token = Alternc_Api_Token::tokenGet($request->token_hash, $this->db); + if ($this->token instanceof Alternc_Api_Response) // bad token + return $this->token; - /** - * Authenticate into an AlternC server - * @param $auth hash with - * method: string describing the authentication name (in Alternc_Api_Auth_xxx) - * options: array list of parameters for the corresponding auth. - * if 'uid' is set in the option hash, the account MUST be an administrator one - * and as a result, the returned Api_Token will be set to this UID and not the admin one. - * @return Alternc_Api_Token an API Token - */ - function auth($auth) { - if (!isset($auth["method"]) || !is_string($auth["method"])) { - throw new \Exception("Missing required parameter method", self::ERR_INVALID_ARGUMENT); - } - if (!isset($auth["options"]) || !is_array($auth["options"])) { - throw new \Exception("Missing required parameter options", self::ERR_INVALID_ARGUMENT); + $className = "Alternc_Api_Object_" . ucfirst(strtolower($request->object)); + if (!class_exists($className)) + return new Alternc_Api_Response(array("code" => self::ERR_OBJECT_NOT_FOUND, "message" => "Object not found in this AlternC's instance")); + + $object = new $className($this); + + $action = $request->action; + if (!method_exists($object, $action)) + return new Alternc_Api_Response(array("code" => self::ERR_ACTION_NOT_FOUND, "message" => "Action not found for this object in this AlternC's instance")); + + $request->token = $this->token; // we receive $request->token_hash as a STRING, but we transmit its object as an Alternc_Api_Token. 
+ // TODO: log this Api Call + return $object->$action($request->options); } - if (count($this->allowedAuth) && !in_array($auth["method"],$this->allowedAuth)) { - throw new \Exception("Method not allowed", self::ERR_METHOD_DENIED); - } - if (isset($auth["options"]["uid"]) && !intval($auth["options"]["uid"])) { - throw new \Exception("Invalid UID", self::ERR_INVALID_ARGUMENT); + /** + * Getter for the databaseAdapter + * (used by authAdapter) + */ + function getDb() { + return $this->db; } - $adapterName = "Alternc_Api_Auth_".ucfirst(strtolower($auth["method"])); +} - $authAdapter = new $adapterName($this); - - $token = $authAdapter->auth($auth["options"]); - - // something went wrong user-side - if ($token instanceof Alternc_Api_Response) - return $token; - // something went *really* wrong (bad type): - if (!$token instanceof Alternc_Api_Token) - throw new \Exception("Invalid answer from Api_Auth_Interface", self::ERR_INVALID_ANSWER); - - if (isset($auth["options"]["uid"])) { - if (!$token->isAdmin) { - // Non-admin are not allowed to setuid - return new Alternc_Api_Response( array("code" => self::ERR_SETUID_FORBIDDEN, "message" => "This user is not allowed to set his uid") ); - } - // Search for the requested user. We allow using *disabled* account here since we are admin - foreach($this->db->query("SELECT uid FROM membres WHERE uid=".intval($auth["options"]["uid"])) as $setuid) { - $token->uid=intval($setuid['uid']); - $stmt=$this->db->prepare("UPDATE token SET data=? WHERE token=?"); - $stmt->execute(array( $token->toJson(), $token->token)); - return $token; - } - return new Alternc_Api_Response( array("code" => self::ERR_SETUID_USER_NOT_FOUND, "message" => "Can't find the user you want to setuid to") ); - } - return $token; - } - - - /** - * Manage an API Call - * @param Alternc_Api_Request $request The API call - * the request must have "object" and "action" elements, and a "token" to authenticate - * "options" are sent as it is to the Api Call. 
- * @return Alternc_Api_Response an API response - */ - function call($request) { - if (!$request instanceof Alternc_Api_Request) - throw new \Exception("request must be an Alternc_Api_Request object", self::ERR_INVALID_ARGUMENT); - - // we set the token in the Service object, so that other classes can use it :) - $this->token = Alternc_Api_Token::tokenGet($request->token_hash,$this->db); - if ($this->token instanceof Alternc_Api_Response) // bad token - return $this->token; - - $className = "Alternc_Api_Object_".ucfirst(strtolower($request->object)); - if (!class_exists($className)) - return new Alternc_Api_Response( array("code" => self::ERR_OBJECT_NOT_FOUND, "message" => "Object not found in this AlternC's instance") ); - - $object = new $className($this); - - $action=$request->action; - if (!method_exists($object, $action)) - return new Alternc_Api_Response( array("code" => self::ERR_ACTION_NOT_FOUND, "message" => "Action not found for this object in this AlternC's instance") ); - - $request->token=$this->token; // we receive $request->token_hash as a STRING, but we transmit its object as an Alternc_Api_Token. - - // TODO: log this Api Call - return $object->$action($request->options); - } - - - /** - * Getter for the databaseAdapter - * (used by authAdapter) - */ - function getDb() { - return $this->db; - } - - - - -} // class Alternc_Api_Service +// class Alternc_Api_Service diff --git a/lib/Alternc/Api/Token.php b/lib/Alternc/Api/Token.php index 63bb5a77..17da89f1 100644 --- a/lib/Alternc/Api/Token.php +++ b/lib/Alternc/Api/Token.php 
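Review bot: In `auth()`, the adapter class name is built from the caller-supplied `method` and instantiated with `new $adapterName($this)` without confirming that the class exists or implements `Alternc_Api_Auth_Interface`, and the test `count($this->allowedAuth) && !in_array(...)` lets every method name through when no `loginAdapterList` was configured. Because this runs before any authentication, it should fail closed once `$adapterName` is computed: `if (!in_array($auth["method"], $this->allowedAuth, true) || !is_subclass_of($adapterName, 'Alternc_Api_Auth_Interface')) { throw new \Exception("Method not allowed", self::ERR_METHOD_DENIED); }`. If an empty list is deliberately "allow all", keep that branch but still add the interface check. `call()` has the same shape: `method_exists($object, $action)` accepts any method of the object class, so an explicit per-class list of exported actions would be a tighter gate than reflection.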
@@ -6,34 +6,32 @@ */ class Alternc_Api_Token { + const ERR_DATABASE_ERROR = 112001; + const ERR_INVALID_ARGUMENT = 112002; + const ERR_MISSING_ARGUMENT = 112003; + const ERR_INVALID_TOKEN = 112004; - const ERR_DATABASE_ERROR=112001; - const ERR_INVALID_ARGUMENT=112002; - const ERR_MISSING_ARGUMENT=112003; - const ERR_INVALID_TOKEN=112004; - /** * AlternC User-Id * * @var int */ - public $uid; - + public $uid; + /** * Is this an admin account ? * * @var boolean */ public $isAdmin; - + /** * The Token itself * * @var string */ public $token; - - + /** * how long (seconds) is a token valid * 
@@ -41,65 +39,59 @@ class Alternc_Api_Token { */ public $tokenDuration = 2678400; // default is a month - /** * initialize a token object * @param options any of the public above * may contain a dbAdapter, in that case create() will be available */ - public function __construct($options=array()) { - if (isset($options["uid"]) && is_int($options["uid"])) - $this->uid=$options["uid"]; + public function __construct($options = array()) { - if (isset($options["isAdmin"]) && is_bool($options["isAdmin"])) - $this->isAdmin=$options["isAdmin"]; + if (isset($options["uid"]) && is_int($options["uid"])) + $this->uid = $options["uid"]; + if (isset($options["isAdmin"]) && is_bool($options["isAdmin"])) + $this->isAdmin = $options["isAdmin"]; } - /** * Formats response to json * * @return string */ - public function toJson (){ - return json_encode( - array("uid"=>$this->uid, - "isAdmin" => $this->isAdmin, - "token" => $this->token) - ); + public function toJson() { + return json_encode( + array("uid" => $this->uid, + "isAdmin" => $this->isAdmin, + "token" => $this->token) + ); } - /** * Create a new token in the DB for the associated user/admin * * @return string the token (32 chars) */ - public static function tokenGenerate($options,$db) { - if (!($db instanceof PDO)) { - throw new \Exception("No DB Object, can't create",self::ERR_DATABASE_ERROR); - } - if (!isset($options["uid"]) || !isset($options["isAdmin"])) { - throw new \Exception("Missing Arguments (uid,isAdmin)",self::ERR_MISSING_ARGUMENT); - } - - $token=new Alternc_Api_Token($options); + public static function tokenGenerate($options, $db) { + if (!($db instanceof PDO)) { + throw new \Exception("No DB Object, can't create", self::ERR_DATABASE_ERROR); + } + if (!isset($options["uid"]) || !isset($options["isAdmin"])) { + throw new \Exception("Missing Arguments (uid,isAdmin)", self::ERR_MISSING_ARGUMENT); + } - do { - $token->token = $token->tokenRandom(); - $stmt=$db->prepare("INSERT IGNORE INTO token SET token=?, 
expire=DATE_ADD(NOW(), INTERVAL ? SECOND), data=?"); - $stmt->execute(array($token->token,$token->tokenDuration, $token->toJson())); - $rows = $stmt->rowCount(); - - } while ($rows==0); // prevent collisions + $token = new Alternc_Api_Token($options); - return $token; + do { + $token->token = $token->tokenRandom(); + $stmt = $db->prepare("INSERT IGNORE INTO token SET token=?, expire=DATE_ADD(NOW(), INTERVAL ? SECOND), data=?"); + $stmt->execute(array($token->token, $token->tokenDuration, $token->toJson())); + $rows = $stmt->rowCount(); + } while ($rows == 0); // prevent collisions + + return $token; } - - /** * Check and return a token * @param $token string a 32-chars token 
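Review bot: `tokenGenerate()` guards `uid` and `isAdmin` with `isset()` only, while the constructor in this hunk assigns them only when `is_int()` / `is_bool()` hold, so a value of another type (e.g. a numeric string) passes the guard and a token whose `uid` or `isAdmin` is null is written to the `token` table. Validating the types before the insert closes that gap: `if (!is_int($options["uid"]) || !is_bool($options["isAdmin"])) { throw new \Exception("Invalid Arguments (uid,isAdmin)", self::ERR_INVALID_ARGUMENT); }`. The `do … while ($rows == 0)` loop is also unbounded. `INSERT IGNORE` can report zero affected rows for reasons other than a key collision, so a retry cap that throws `ERR_DATABASE_ERROR` would avoid spinning on a persistent failure.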
@@ -107,34 +99,34 @@ class Alternc_Api_Token { * * @return Alternc_Api_Token object or NULL */ - public static function tokenGet($token,$db) { - if (!($db instanceof PDO)) { - throw new \Exception("No DB Object, can't create",self::ERR_DATABASE_ERROR); - } - if (!is_string($token) || !preg_match("#^[a-zA-Z0-9]{32}$#",$token)) { - return new Alternc_Api_Response( array("code" => self::ERR_INVALID_TOKEN, "message" => "Invalid token") ); - } - $stmt=$db->prepare("SELECT * FROM token WHERE token=?"); - $stmt->execute(array($token)); - if ( $tok=$stmt->fetch(PDO::FETCH_OBJ) ) { - return new Alternc_Api_Token( json_decode($tok->data,true) ); - } - return new Alternc_Api_Response( array("code" => self::ERR_INVALID_TOKEN, "message" => "Invalid token") ); + public static function tokenGet($token, $db) { + if (!($db instanceof PDO)) { + throw new \Exception("No DB Object, can't create", self::ERR_DATABASE_ERROR); + } + if (!is_string($token) || !preg_match("#^[a-zA-Z0-9]{32}$#", $token)) { + return new Alternc_Api_Response(array("code" => self::ERR_INVALID_TOKEN, "message" => "Invalid token")); + } + $stmt = $db->prepare("SELECT * FROM token WHERE token=?"); + $stmt->execute(array($token)); + if ($tok = $stmt->fetch(PDO::FETCH_OBJ)) { + return new Alternc_Api_Token(json_decode($tok->data, true)); + } + return new Alternc_Api_Response(array("code" => self::ERR_INVALID_TOKEN, "message" => "Invalid token")); } - /** * Generate a new random token * @return string */ - public function tokenRandom(){ - $chars="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"; - $s=""; - for($i=0;$i<32;$i++) - $s.=substr($chars,rand(0,61),1); - return $s; + public function tokenRandom() { + $chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"; + $s = ""; + for ($i = 0; $i < 32; $i++) + $s.=substr($chars, rand(0, 61), 1); + return $s; } - -} // class Alternc_Api_Response +} + +// class Alternc_Api_Response
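Review bot: `tokenRandom()` draws the 32 characters of a bearer token from `rand()`, which is not a cryptographically secure generator, so issued tokens cannot be assumed unpredictable. Use a CSPRNG instead, e.g. `$s .= $chars[random_int(0, 61)];` on PHP 7+, or derive the string from `openssl_random_pseudo_bytes()` on older runtimes. In `tokenGet()`, the lookup `SELECT * FROM token WHERE token=?` does not consult the `expire` column that `tokenGenerate()` fills in, so unless expired rows are purged elsewhere an expired token is still accepted. `SELECT * FROM token WHERE token=? AND expire>NOW()` would enforce the lifetime. The trailing comment `// class Alternc_Api_Response` should read `// class Alternc_Api_Token`.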