kienan
/
AlternC
mirror of https://github.com/kienanstewart/AlternC.git
1
0
Fork 0
Code Issues Releases Wiki Activity

[enh] formatting

This commit is contained in:
Benjamin Sonntag 2015-01-12 20:16:28 +01:00
parent afbed13686
commit a1a49955c2
10 changed files with 659 additions and 685 deletions

4
lib/Alternc/Api/Auth/Interface.php
View File

@ -12,19 +12,15 @@ interface Alternc_Api_Auth_Interface {
*/
function __construct($service);
/**
* auth takes options specific to the auth itself
* returns an Alternc_Api_Token object
*/
function auth($options);
/**
* instructions on how to use this Auth class
* @return array("fields" => array("fields to send, required or not"), "description" => "description of this auth")
*/
function instructions();
}

26
lib/Alternc/Api/Auth/Login.php
View File

@ -5,7 +5,6 @@
*/
class Alternc_Api_Auth_Login implements Alternc_Api_Auth_Interface {
private $db; // PDO object
const ERR_INVALID_ARGUMENT = 1111201;
@ -16,15 +15,13 @@ class Alternc_Api_Auth_Login implements Alternc_Api_Auth_Interface {
* @param $service an Alternc_Api_Service object
* @return create the object
*/
function __constructor($service) {
function __construct($service) {
if (!($service instanceof Alternc_Api_Service))
throw new \Exception("Invalid argument (service)",ERR_INVALID_ARGUMENT);
throw new \Exception("Invalid argument (service)", ERR_INVALID_ARGUMENT);
$this->db = $service->getDb();
} // __construct
}
/**
* Authenticate a user
@ -42,24 +39,22 @@ class Alternc_Api_Auth_Login implements Alternc_Api_Auth_Interface {
throw new \Exception("Missing required parameter password", self::ERR_INVALID_ARGUMENT);
}
if (!preg_match("#^[0-9a-zA-Z-]{1,32}$#",$options["login"])) { // FIXME : normalize this on AlternC !!!
if (!preg_match("#^[0-9a-zA-Z-]{1,32}$#", $options["login"])) { // FIXME : normalize this on AlternC !!!
throw new \Exception("Invalid login", self::ERR_INVALID_LOGIN);
}
$stmt = $db->query("SELECT m.enabled,m.uid,m.login,m.su FROM membres m WHERE m.login=? AND m.password=?;",array($options["login"],$options["password"]),PDO::FETCH_CLASS);
$me=$stmt->fetch();
$stmt = $db->query("SELECT m.enabled,m.uid,m.login,m.su FROM membres m WHERE m.login=? AND m.password=?;", array($options["login"], $options["password"]), PDO::FETCH_CLASS);
$me = $stmt->fetch();
if (!$me)
return new Alternc_Api_Response(array("code"=>ERR_INVALID_AUTH, "message" => "Invalid login or password"));
return new Alternc_Api_Response(array("code" => ERR_INVALID_AUTH, "message" => "Invalid login or password"));
if (!$me->enabled)
return new Alternc_Api_Response(array("code"=>ERR_DISABLED_ACCOUNT, "message" => "Account is disabled"));
return new Alternc_Api_Response(array("code" => ERR_DISABLED_ACCOUNT, "message" => "Account is disabled"));
return Alternc_Api_Token::tokenGenerate(
array("uid"=>$me->uid, "isAdmin"=>($me->su!=0) ),
$this->db
array("uid" => $me->uid, "isAdmin" => ($me->su != 0)), $this->db
);
}
/**
* instructions on how to use this Auth class
* @return array("fields" => array("fields to send, required or not"), "description" => "description of this auth")
@ -70,6 +65,7 @@ class Alternc_Api_Auth_Login implements Alternc_Api_Auth_Interface {
);
}
}
} // class Alternc_Api_Auth_Login
// class Alternc_Api_Auth_Login

30
lib/Alternc/Api/Auth/Sharedsecret.php
View File

@ -6,7 +6,6 @@
*/
class Alternc_Api_Auth_Sharedsecret implements Alternc_Api_Auth_Interface {
private $db; // PDO object
const ERR_INVALID_ARGUMENT = 1111801;
@ -24,12 +23,12 @@ class Alternc_Api_Auth_Sharedsecret implements Alternc_Api_Auth_Interface {
function __construct($service) {
if (!($service instanceof Alternc_Api_Service))
throw new \Exception("Invalid argument (service)",ERR_INVALID_ARGUMENT);
throw new \Exception("Invalid argument (service)", ERR_INVALID_ARGUMENT);
$this->db = $service->getDb();
}
} // __construct
// __construct
/**
* Authenticate a user
@ -46,29 +45,27 @@ class Alternc_Api_Auth_Sharedsecret implements Alternc_Api_Auth_Interface {
if (!isset($options["secret"]) || !is_string($options["secret"])) {
throw new \Exception("Missing required parameter secret", self::ERR_INVALID_ARGUMENT);
}
if (!preg_match("#^[0-9a-zA-Z]{32}$#",$options["secret"])) {
return new Alternc_Api_Response( array("code" => self::ERR_INVALID_SECRET, "message" => "Invalid shared secret syntax") );
if (!preg_match("#^[0-9a-zA-Z]{32}$#", $options["secret"])) {
return new Alternc_Api_Response(array("code" => self::ERR_INVALID_SECRET, "message" => "Invalid shared secret syntax"));
}
if (!preg_match("#^[0-9a-zA-Z-]{1,32}$#",$options["login"])) { // FIXME : normalize this on AlternC !!!
return new Alternc_Api_Response( array("code" => self::ERR_INVALID_LOGIN, "message" => "Invalid login") );
if (!preg_match("#^[0-9a-zA-Z-]{1,32}$#", $options["login"])) { // FIXME : normalize this on AlternC !!!
return new Alternc_Api_Response(array("code" => self::ERR_INVALID_LOGIN, "message" => "Invalid login"));
}
$stmt = $this->db->prepare("SELECT m.enabled,m.uid,m.login,m.su FROM membres m, sharedsecret s WHERE s.uid=m.uid AND m.login=? AND s.secret=?;");
$stmt->execute(array($options["login"],$options["secret"]) );
$me=$stmt->fetch(PDO::FETCH_OBJ);
$stmt->execute(array($options["login"], $options["secret"]));
$me = $stmt->fetch(PDO::FETCH_OBJ);
if (!$me)
return new Alternc_Api_Response( array("code" => self::ERR_INVALID_AUTH, "message" => "Invalid shared secret") );
return new Alternc_Api_Response(array("code" => self::ERR_INVALID_AUTH, "message" => "Invalid shared secret"));
if (!$me->enabled)
return new Alternc_Api_Response( array("code" => self::ERR_DISABLED_ACCOUNT, "message" => "Account is disabled") );
return new Alternc_Api_Response(array("code" => self::ERR_DISABLED_ACCOUNT, "message" => "Account is disabled"));
return Alternc_Api_Token::tokenGenerate(
array("uid"=>(int)$me->uid, "isAdmin"=>($me->su!=0) ),
$this->db
array("uid" => (int) $me->uid, "isAdmin" => ($me->su != 0)), $this->db
);
}
/**
* instructions on how to use this Auth class
* @return array("fields" => array("fields to send, required or not"), "description" => "description of this auth")
@ -79,6 +76,7 @@ class Alternc_Api_Auth_Sharedsecret implements Alternc_Api_Auth_Interface {
);
}
}
} // class Alternc_Api_Auth_Sharedsecret
// class Alternc_Api_Auth_Sharedsecret

18
lib/Alternc/Api/Legacyobject.php
View File

@ -17,28 +17,28 @@ class Alternc_Api_Legacyobject {
const ERR_ALTERNC_FUNCTION = 111202;
function __construct($service) {
global $admin,$cuid;
global $admin, $cuid;
if (!($service instanceof Alternc_Api_Service)) {
throw new \Exception("Bad argument: service is not an Alternc_Api_Service", self::ERR_INVALID_ARGUMENT);
}
// We store the global $cuid to AlternC legacy classes
$this->db=$service->db;
$this->cuid=$cuid=$service->token->uid;
$this->isAdmin=$service->token->isAdmin;
$this->db = $service->db;
$this->cuid = $cuid = $service->token->uid;
$this->isAdmin = $service->token->isAdmin;
// We use the global $admin from AlternC legacy classes
$this->admin=$admin;
$this->admin = $admin;
// Set the legacy rights:
$this->admin->enabled=$this->isAdmin;
$this->admin->enabled = $this->isAdmin;
}
/** return a proper Alternc_Api_Response from an error class and error string
* from AlternC legacy class
*/
protected function alterncLegacyErrorManager() {
global $err;
return new Alternc_Api_Response( array("code" => self::ERR_ALTERNC_FUNCTION, "message" => "[".$err->clsid."] ".$err->error) );
return new Alternc_Api_Response(array("code" => self::ERR_ALTERNC_FUNCTION, "message" => "[" . $err->clsid . "] " . $err->error));
}
}
} /* Aternc_Api_Legacyobject */
/* Aternc_Api_Legacyobject */

93
lib/Alternc/Api/Object/Domain.php
View File

@ -5,16 +5,14 @@
*/
class Alternc_Api_Object_Domain extends Alternc_Api_Legacyobject {
protected $dom; // m_dom instance
function __construct($service) {
global $dom;
parent::__construct($service);
$this->dom=$dom;
$this->dom = $dom;
}
/** API Method from legacy class method dom->get_domain_list()
* @param $options a hash with parameters transmitted to legacy call
* may be "uid" to only return domains for a specific user-id
@ -25,20 +23,20 @@ class Alternc_Api_Object_Domain extends Alternc_Api_Legacyobject {
*/
function find($options) {
global $cuid;
$sql="";
$sql = "";
if ($this->isAdmin) {
if (isset($options["uid"])) {
$uid=intval($options["uid"]);
$uid = intval($options["uid"]);
} else {
$uid=-1;
$uid = -1;
}
} else {
$uid=$cuid;
$uid = $cuid;
}
if ($uid!=-1) {
$sql=" WHERE compte=$uid ";
if ($uid != -1) {
$sql = " WHERE compte=$uid ";
} else {
$sql="";
$sql = "";
}
$stmt = $this->db->prepare("SELECT * FROM domaines $sql ORDER BY domaine");
$stmt->execute();
@ -46,18 +44,22 @@ class Alternc_Api_Object_Domain extends Alternc_Api_Legacyobject {
while ($me = $stmt->fetch(PDO::FETCH_OBJ)) {
$result[$me->domaine] = $me;
}
$offset=-1; $count=-1;
if (isset($options["count"])) $count=intval($options["count"]);
if (isset($options["offset"])) $offset=intval($options["offset"]);
if ($offset!=-1 || $count!=-1) {
if ($offset<0 || $offset>count($result)) $offset=0;
if ($count<0 || $count>1000) $count=1000;
$result= array_slice($result, $offset, $count);
$offset = -1;
$count = -1;
if (isset($options["count"]))
$count = intval($options["count"]);
if (isset($options["offset"]))
$offset = intval($options["offset"]);
if ($offset != -1 || $count != -1) {
if ($offset < 0 || $offset > count($result))
$offset = 0;
if ($count < 0 || $count > 1000)
$count = 1000;
$result = array_slice($result, $offset, $count);
}
return new Alternc_Api_Response( array("content" =>$result) );
return new Alternc_Api_Response(array("content" => $result));
}
/** API Method from legacy class method dom->add_domain()
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters: domain(str), dns(bool)
@ -65,37 +67,34 @@ class Alternc_Api_Object_Domain extends Alternc_Api_Legacyobject {
* @return Alternc_Api_Response whose content is the newly created DOMAIN id
*/
function add($options) {
$mandatory=array("domain","dns");
$defaults=array("noerase"=>false, "force"=>false, "isslave"=>false, "slavedom"=>"");
$missing="";
$mandatory = array("domain", "dns");
$defaults = array("noerase" => false, "force" => false, "isslave" => false, "slavedom" => "");
$missing = "";
foreach ($mandatory as $key) {
if (!isset($options[$key])) {
$missing.=$key." ";
$missing.=$key . " ";
}
}
if ($missing) {
return new Alternc_Api_Response( array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: ".$missing) );
return new Alternc_Api_Response(array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: " . $missing));
}
foreach ($defaults as $key => $value) {
if (!isset($options[$key])) {
$options[$key]=$value;
$options[$key] = $value;
}
}
if (!$this->isAdmin) { // only admin can change the options below:
$options["noerase"]=false;
$options["force"]=false;
$options["noerase"] = false;
$options["force"] = false;
}
$did=$this->dom->add_domain($options["domain"], $options["dns"], $options["noerase"],
$options["force"], $options["isslave"], $options["slavedom"]);
$did = $this->dom->add_domain($options["domain"], $options["dns"], $options["noerase"], $options["force"], $options["isslave"], $options["slavedom"]);
if (!$did) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response( array("content" => $did ) );
return new Alternc_Api_Response(array("content" => $did));
}
}
/** API Method from legacy class method dom->edit_domain()
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters: domain(str), dns(bool)
@ -103,36 +102,33 @@ class Alternc_Api_Object_Domain extends Alternc_Api_Legacyobject {
* @return Alternc_Api_Response whose content is the newly created DOMAIN id
*/
function update($options) {
$mandatory=array("domain","dns","gesmx");
$defaults=array("force"=>false, "ttl"=>86400);
$missing="";
$mandatory = array("domain", "dns", "gesmx");
$defaults = array("force" => false, "ttl" => 86400);
$missing = "";
foreach ($mandatory as $key) {
if (!isset($options[$key])) {
$missing.=$key." ";
$missing.=$key . " ";
}
}
if ($missing) {
return new Alternc_Api_Response( array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: ".$missing) );
return new Alternc_Api_Response(array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: " . $missing));
}
foreach ($defaults as $key => $value) {
if (!isset($options[$key])) {
$options[$key]=$value;
$options[$key] = $value;
}
}
if (!$this->isAdmin) { // only admin can change the options below:
$options["force"]=false;
$options["force"] = false;
}
$did=$this->dom->edit_domain($options["domain"], $options["dns"], $options["gesmx"],
$options["force"], $options["ttl"]);
$did = $this->dom->edit_domain($options["domain"], $options["dns"], $options["gesmx"], $options["force"], $options["ttl"]);
if (!$did) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response( array("content" => $did ) );
return new Alternc_Api_Response(array("content" => $did));
}
}
/** API Method from legacy class method dom->del_domain()
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters: domain
@ -140,15 +136,16 @@ class Alternc_Api_Object_Domain extends Alternc_Api_Legacyobject {
*/
function del($options) {
if (!isset($options["domain"])) {
return new Alternc_Api_Response( array("code" => self::ERR_ALTERNC_FUNCTION, "message" => "Missing or invalid argument: DOMAIN") );
return new Alternc_Api_Response(array("code" => self::ERR_ALTERNC_FUNCTION, "message" => "Missing or invalid argument: DOMAIN"));
}
$result=$this->dom->del_domain($options["domain"]);
$result = $this->dom->del_domain($options["domain"]);
if (!$result) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response( array("content" => true ) );
return new Alternc_Api_Response(array("content" => true));
}
}
}
} // class Alternc_Api_Object_Domain
// class Alternc_Api_Object_Domain

69
lib/Alternc/Api/Object/Ftp.php
View File

@ -10,35 +10,33 @@ class Alternc_Api_Object_Ftp extends Alternc_Api_Legacyobject {
function __construct($service) {
global $ftp;
parent::__construct($service);
$this->ftp=$ftp;
$this->ftp = $ftp;
}
/** API Method from legacy class method ftp->add_ftp()
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters: prefix, login, pass, dir
* @return Alternc_Api_Response whose content is the newly created UID
*/
function add($options) {
$mandatory=array("prefix","login","pass","dir");
$missing="";
$mandatory = array("prefix", "login", "pass", "dir");
$missing = "";
foreach ($mandatory as $key) {
if (!isset($options[$key])) {
$missing.=$key." ";
$missing.=$key . " ";
}
}
if ($missing) {
return new Alternc_Api_Response( array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: ".$missing) );
return new Alternc_Api_Response(array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: " . $missing));
}
$ftpid=$this->ftp->add_ftp($options["prefix"],$options["login"], $options["pass"], $options["dir"]);
$ftpid = $this->ftp->add_ftp($options["prefix"], $options["login"], $options["pass"], $options["dir"]);
if (!$ftpid) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response( array("content" => $ftpid ) );
return new Alternc_Api_Response(array("content" => $ftpid));
}
}
/** API Method from legacy class method ftp->put_ftp_details()
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters: id
@ -46,30 +44,30 @@ class Alternc_Api_Object_Ftp extends Alternc_Api_Legacyobject {
* @return Alternc_Api_Response whose content is the updated UID
*/
function update($options) {
$defaults=array("prefix","login","dir");
$defaults = array("prefix", "login", "dir");
if (!isset($options["id"])) {
return new Alternc_Api_Response( array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: ID") );
return new Alternc_Api_Response(array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: ID"));
}
$id=intval($options["id"]);
$old=$this->ftp->get_ftp_details($id);
$id = intval($options["id"]);
$old = $this->ftp->get_ftp_details($id);
if (!$old) {
return new Alternc_Api_Response( array("code" => self::ERR_NOT_FOUND, "message" => "FTP Account not found") );
return new Alternc_Api_Response(array("code" => self::ERR_NOT_FOUND, "message" => "FTP Account not found"));
}
foreach ($defaults as $key) {
if (!isset($options[$key])) {
$options[$key]=$old[$key];
$options[$key] = $old[$key];
}
}
if (!isset($options["pass"])) $options["pass"]="";
$result=$this->ftp->put_ftp_details($id, $options["prefix"], $options["login"], $options["pass"], $options["dir"]);
if (!isset($options["pass"]))
$options["pass"] = "";
$result = $this->ftp->put_ftp_details($id, $options["prefix"], $options["login"], $options["pass"], $options["dir"]);
if (!$result) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response( array("content" => $result ) );
return new Alternc_Api_Response(array("content" => $result));
}
}
/** API Method from legacy class method ftp->del_ftp()
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters: id
@ -77,17 +75,16 @@ class Alternc_Api_Object_Ftp extends Alternc_Api_Legacyobject {
*/
function del($options) {
if (!isset($options["id"])) {
return new Alternc_Api_Response( array("code" => self::ERR_ALTERNC_FUNCTION, "message" => "Missing or invalid argument: ID") );
return new Alternc_Api_Response(array("code" => self::ERR_ALTERNC_FUNCTION, "message" => "Missing or invalid argument: ID"));
}
$result=$this->ftp->delete_ftp(intval($options["id"]));
$result = $this->ftp->delete_ftp(intval($options["id"]));
if (!$result) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response( array("content" => true ) );
return new Alternc_Api_Response(array("content" => true));
}
}
/** API Method from legacy class method ftp->get_list()
* @param $options a hash with parameters transmitted to legacy call
* non-mandatory parameters:
@ -95,21 +92,27 @@ class Alternc_Api_Object_Ftp extends Alternc_Api_Legacyobject {
* @return Alternc_Api_Response An array with all matching FTP account informations as hashes
*/
function find($options) {
$result=$this->ftp->get_list();
$result = $this->ftp->get_list();
if (!$result) {
return $this->alterncLegacyErrorManager();
} else {
$offset=-1; $count=-1;
if (isset($options["count"])) $count=intval($options["count"]);
if (isset($options["offset"])) $offset=intval($options["offset"]);
if ($offset!=-1 || $count!=-1) {
if ($offset<0 || $offset>count($result)) $offset=0;
if ($count<0 || $count>1000) $count=1000;
$result= array_slice($result, $offset, $count);
$offset = -1;
$count = -1;
if (isset($options["count"]))
$count = intval($options["count"]);
if (isset($options["offset"]))
$offset = intval($options["offset"]);
if ($offset != -1 || $count != -1) {
if ($offset < 0 || $offset > count($result))
$offset = 0;
if ($count < 0 || $count > 1000)
$count = 1000;
$result = array_slice($result, $offset, $count);
}
return new Alternc_Api_Response( array("content" =>$result) );
return new Alternc_Api_Response(array("content" => $result));
}
}
}
} // class Alternc_Api_Object_Ftp
// class Alternc_Api_Object_Ftp

14
lib/Alternc/Api/Request.php
View File

@ -25,18 +25,21 @@ class Alternc_Api_Request {
* @var string
*/
public $object;
/**
* must link to a Alternc_Api_Object_Interface method
*
* @var string
*/
public $action;
/**
* bag of data
*
* @var array
*/
public $options;
/**
*
* Bag of data
@ -45,7 +48,6 @@ class Alternc_Api_Request {
*/
public $metadata;
const ERR_MISSING_PARAMETER = 111801;
function __construct($options) {
@ -73,19 +75,19 @@ class Alternc_Api_Request {
throw new \Exception("Missing parameter options", self::ERR_MISSING_PARAMETER);
}
} else {
$this->options=array();
$this->options = array();
}
// Attempts to retrieve token
if (isset($options["token"])) {
if (is_a( $options["token"], Alternc_Api_Token)) {
if (is_a($options["token"], Alternc_Api_Token)) {
$this->token = $options["token"];
} else {
throw new \Exception("Bad parameter token", self::ERR_MISSING_PARAMETER);
}
} else {
// Attempts to retrieve token_hash then
if (isset($options["token_hash"]) && is_string( $options["token_hash"])) {
if (isset($options["token_hash"]) && is_string($options["token_hash"])) {
$this->token_hash = $options["token_hash"];
} else {
throw new \Exception("Missing parameter token OR token_hash", self::ERR_MISSING_PARAMETER);
@ -96,8 +98,6 @@ class Alternc_Api_Request {
if (isset($options["metadata"])) {
$this->metadata = $options["metadata"];
}
}
}

17
lib/Alternc/Api/Response.php
View File

@ -12,7 +12,6 @@ class Alternc_Api_Response {
const ERR_DISABLED_ACCOUNT = 221801;
const ERR_INVALID_AUTH = 221802;
/**
* Result code. 0 means success
*
@ -41,30 +40,28 @@ class Alternc_Api_Response {
*/
public $metadata;
/**
* initialize a response object
* @param options any of the public above
*/
public function __construct($options=array()) {
$os=array("code","message","content","metadata");
public function __construct($options = array()) {
$os = array("code", "message", "content", "metadata");
foreach ($os as $o) {
if (isset($options[$o])) $this->$o=$options[$o];
if (isset($options[$o]))
$this->$o = $options[$o];
}
}
/**
* Formats response to json
*
* @return string
*/
public function toJson (){
public function toJson() {
return json_encode(get_object_vars($this));
}
}
} // class Alternc_Api_Response
// class Alternc_Api_Response

59
lib/Alternc/Api/Service.php
View File

@ -8,7 +8,6 @@
*/
class Alternc_Api_Service {
public $db; // PDO object
private $loggerList; // List of loggers
private $allowedAuth; // list of allowed authenticators
@ -36,36 +35,36 @@ class Alternc_Api_Service {
*
* @return create the object
*/
function __construct($options) {
// What DB shall we connect to?
// Note: it MUST be in this mode : $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
if (isset($options["databaseAdapter"]) && $options["databaseAdapter"] instanceof PDO) {
$this->db=$options["databaseAdapter"];
$this->db = $options["databaseAdapter"];
} else {
throw new \Exception("Missing required parameter databaseAdapter", self::ERR_INVALID_ARGUMENT);
}
// Which login is allowed?
$this->allowedAuth=array();
if (isset($options["loginAdapterList"]) && is_array($options["loginAdapterList"]) ) {
foreach($options["loginAdapterList"] as $lal) {
$this->allowedAuth[] = (string)$lal;
$this->allowedAuth = array();
if (isset($options["loginAdapterList"]) && is_array($options["loginAdapterList"])) {
foreach ($options["loginAdapterList"] as $lal) {
$this->allowedAuth[] = (string) $lal;
}
}
// To which logger(s) shall we log to?
if (isset($options["loggerAdapter"])) {
if (!is_array($options["loggerAdapter"])) $options["loggerAdapter"]=array($options["loggerAdapter"]);
foreach($options["loggerAdapter"] as $la) {
if (!is_array($options["loggerAdapter"]))
$options["loggerAdapter"] = array($options["loggerAdapter"]);
foreach ($options["loggerAdapter"] as $la) {
if ($la instanceof Psr\Log\LoggerInterface)
$this->loggerList[]=$la;
$this->loggerList[] = $la;
}
}
}
} // __construct
// __construct
/**
* Authenticate into an AlternC server
@ -84,14 +83,14 @@ class Alternc_Api_Service {
throw new \Exception("Missing required parameter options", self::ERR_INVALID_ARGUMENT);
}
if (count($this->allowedAuth) && !in_array($auth["method"],$this->allowedAuth)) {
if (count($this->allowedAuth) && !in_array($auth["method"], $this->allowedAuth)) {
throw new \Exception("Method not allowed", self::ERR_METHOD_DENIED);
}
if (isset($auth["options"]["uid"]) && !intval($auth["options"]["uid"])) {
throw new \Exception("Invalid UID", self::ERR_INVALID_ARGUMENT);
}
$adapterName = "Alternc_Api_Auth_".ucfirst(strtolower($auth["method"]));
$adapterName = "Alternc_Api_Auth_" . ucfirst(strtolower($auth["method"]));
$authAdapter = new $adapterName($this);
@ -107,21 +106,20 @@ class Alternc_Api_Service {
if (isset($auth["options"]["uid"])) {
if (!$token->isAdmin) {
// Non-admin are not allowed to setuid
return new Alternc_Api_Response( array("code" => self::ERR_SETUID_FORBIDDEN, "message" => "This user is not allowed to set his uid") );
return new Alternc_Api_Response(array("code" => self::ERR_SETUID_FORBIDDEN, "message" => "This user is not allowed to set his uid"));
}
// Search for the requested user. We allow using *disabled* account here since we are admin
foreach($this->db->query("SELECT uid FROM membres WHERE uid=".intval($auth["options"]["uid"])) as $setuid) {
$token->uid=intval($setuid['uid']);
$stmt=$this->db->prepare("UPDATE token SET data=? WHERE token=?");
$stmt->execute(array( $token->toJson(), $token->token));
foreach ($this->db->query("SELECT uid FROM membres WHERE uid=" . intval($auth["options"]["uid"])) as $setuid) {
$token->uid = intval($setuid['uid']);
$stmt = $this->db->prepare("UPDATE token SET data=? WHERE token=?");
$stmt->execute(array($token->toJson(), $token->token));
return $token;
}
return new Alternc_Api_Response( array("code" => self::ERR_SETUID_USER_NOT_FOUND, "message" => "Can't find the user you want to setuid to") );
return new Alternc_Api_Response(array("code" => self::ERR_SETUID_USER_NOT_FOUND, "message" => "Can't find the user you want to setuid to"));
}
return $token;
}
/**
* Manage an API Call
* @param Alternc_Api_Request $request The API call
@ -134,27 +132,25 @@ class Alternc_Api_Service {
throw new \Exception("request must be an Alternc_Api_Request object", self::ERR_INVALID_ARGUMENT);
// we set the token in the Service object, so that other classes can use it :)
$this->token = Alternc_Api_Token::tokenGet($request->token_hash,$this->db);
$this->token = Alternc_Api_Token::tokenGet($request->token_hash, $this->db);
if ($this->token instanceof Alternc_Api_Response) // bad token
return $this->token;
$className = "Alternc_Api_Object_".ucfirst(strtolower($request->object));
$className = "Alternc_Api_Object_" . ucfirst(strtolower($request->object));
if (!class_exists($className))
return new Alternc_Api_Response( array("code" => self::ERR_OBJECT_NOT_FOUND, "message" => "Object not found in this AlternC's instance") );
return new Alternc_Api_Response(array("code" => self::ERR_OBJECT_NOT_FOUND, "message" => "Object not found in this AlternC's instance"));
$object = new $className($this);
$action=$request->action;
$action = $request->action;
if (!method_exists($object, $action))
return new Alternc_Api_Response( array("code" => self::ERR_ACTION_NOT_FOUND, "message" => "Action not found for this object in this AlternC's instance") );
$request->token=$this->token; // we receive $request->token_hash as a STRING, but we transmit its object as an Alternc_Api_Token.
return new Alternc_Api_Response(array("code" => self::ERR_ACTION_NOT_FOUND, "message" => "Action not found for this object in this AlternC's instance"));
$request->token = $this->token; // we receive $request->token_hash as a STRING, but we transmit its object as an Alternc_Api_Token.
// TODO: log this Api Call
return $object->$action($request->options);
}
/**
* Getter for the databaseAdapter
* (used by authAdapter)
@ -163,8 +159,7 @@ class Alternc_Api_Service {
return $this->db;
}
}
} // class Alternc_Api_Service
// class Alternc_Api_Service

72
lib/Alternc/Api/Token.php
View File

@ -6,11 +6,10 @@
*/
class Alternc_Api_Token {
const ERR_DATABASE_ERROR=112001;
const ERR_INVALID_ARGUMENT=112002;
const ERR_MISSING_ARGUMENT=112003;
const ERR_INVALID_TOKEN=112004;
const ERR_DATABASE_ERROR = 112001;
const ERR_INVALID_ARGUMENT = 112002;
const ERR_MISSING_ARGUMENT = 112003;
const ERR_INVALID_TOKEN = 112004;
/**
* AlternC User-Id
@ -33,7 +32,6 @@ class Alternc_Api_Token {
*/
public $token;
/**
* how long (seconds) is a token valid
*
@ -41,65 +39,59 @@ class Alternc_Api_Token {
*/
public $tokenDuration = 2678400; // default is a month
/**
* initialize a token object
* @param options any of the public above
* may contain a dbAdapter, in that case create() will be available
*/
public function __construct($options=array()) {
public function __construct($options = array()) {
if (isset($options["uid"]) && is_int($options["uid"]))
$this->uid=$options["uid"];
$this->uid = $options["uid"];
if (isset($options["isAdmin"]) && is_bool($options["isAdmin"]))
$this->isAdmin=$options["isAdmin"];
$this->isAdmin = $options["isAdmin"];
}
/**
* Formats response to json
*
* @return string
*/
public function toJson (){
public function toJson() {
return json_encode(
array("uid"=>$this->uid,
array("uid" => $this->uid,
"isAdmin" => $this->isAdmin,
"token" => $this->token)
);
}
/**
* Create a new token in the DB for the associated user/admin
*
* @return string the token (32 chars)
*/
public static function tokenGenerate($options,$db) {
public static function tokenGenerate($options, $db) {
if (!($db instanceof PDO)) {
throw new \Exception("No DB Object, can't create",self::ERR_DATABASE_ERROR);
throw new \Exception("No DB Object, can't create", self::ERR_DATABASE_ERROR);
}
if (!isset($options["uid"]) || !isset($options["isAdmin"])) {
throw new \Exception("Missing Arguments (uid,isAdmin)",self::ERR_MISSING_ARGUMENT);
throw new \Exception("Missing Arguments (uid,isAdmin)", self::ERR_MISSING_ARGUMENT);
}
$token=new Alternc_Api_Token($options);
$token = new Alternc_Api_Token($options);
do {
$token->token = $token->tokenRandom();
$stmt=$db->prepare("INSERT IGNORE INTO token SET token=?, expire=DATE_ADD(NOW(), INTERVAL ? SECOND), data=?");
$stmt->execute(array($token->token,$token->tokenDuration, $token->toJson()));
$stmt = $db->prepare("INSERT IGNORE INTO token SET token=?, expire=DATE_ADD(NOW(), INTERVAL ? SECOND), data=?");
$stmt->execute(array($token->token, $token->tokenDuration, $token->toJson()));
$rows = $stmt->rowCount();
} while ($rows==0); // prevent collisions
} while ($rows == 0); // prevent collisions
return $token;
}
/**
* Check and return a token
* @param $token string a 32-chars token
@ -107,34 +99,34 @@ class Alternc_Api_Token {
*
* @return Alternc_Api_Token object or NULL
*/
public static function tokenGet($token,$db) {
public static function tokenGet($token, $db) {
if (!($db instanceof PDO)) {
throw new \Exception("No DB Object, can't create",self::ERR_DATABASE_ERROR);
throw new \Exception("No DB Object, can't create", self::ERR_DATABASE_ERROR);
}
if (!is_string($token) || !preg_match("#^[a-zA-Z0-9]{32}$#",$token)) {
return new Alternc_Api_Response( array("code" => self::ERR_INVALID_TOKEN, "message" => "Invalid token") );
if (!is_string($token) || !preg_match("#^[a-zA-Z0-9]{32}$#", $token)) {
return new Alternc_Api_Response(array("code" => self::ERR_INVALID_TOKEN, "message" => "Invalid token"));
}
$stmt=$db->prepare("SELECT * FROM token WHERE token=?");
$stmt = $db->prepare("SELECT * FROM token WHERE token=?");
$stmt->execute(array($token));
if ( $tok=$stmt->fetch(PDO::FETCH_OBJ) ) {
return new Alternc_Api_Token( json_decode($tok->data,true) );
if ($tok = $stmt->fetch(PDO::FETCH_OBJ)) {
return new Alternc_Api_Token(json_decode($tok->data, true));
}
return new Alternc_Api_Response( array("code" => self::ERR_INVALID_TOKEN, "message" => "Invalid token") );
return new Alternc_Api_Response(array("code" => self::ERR_INVALID_TOKEN, "message" => "Invalid token"));
}
/**
* Generate a new random token
* @return string
*/
public function tokenRandom(){
$chars="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
$s="";
for($i=0;$i<32;$i++)
$s.=substr($chars,rand(0,61),1);
public function tokenRandom() {
$chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
$s = "";
for ($i = 0; $i < 32; $i++)
$s.=substr($chars, rand(0, 61), 1);
return $s;
}
}
} // class Alternc_Api_Response
// class Alternc_Api_Response