dc-rest/_public.php

136 lines
4.1 KiB
PHP
Raw Normal View History

2017-04-13 22:46:51 +02:00
<?php
if (!defined('DC_RC_PATH')) { return; }
2017-04-30 17:38:07 +02:00
$core->url->register('rest','rest','^rest(?:/(.*))?$',array('rest','getResponse'));
2017-04-13 22:46:51 +02:00
class rest extends dcUrlHandlers
{
2017-05-01 22:05:03 +02:00
2017-05-05 21:46:14 +02:00
/**
* Create the "good" RestQuery instance
* Input: $httpMethod: String (POST/GET/PATCH etc...)
* $args Url arguments
* $user dcAuth object
* $body Body of the input query. String
* Output: object RestQuery
*/
private function restFactoryQuery($httpMethod,$args,$body){
//définir la methode API (pas HTML) appelée
switch($httpMethod){
case "GET":
2017-06-20 19:40:56 +02:00
if($args == 'blogs')
2017-05-18 21:49:46 +02:00
return new RestQueryGetBlogs();
2017-06-20 19:40:56 +02:00
elseif($args == 'specs')
2017-05-18 21:49:46 +02:00
return new RestQueryGetSpecs();
2017-06-20 19:40:56 +02:00
elseif(preg_match('/^blogs\/(.*)$/', $args ))
2017-05-18 21:49:46 +02:00
return new RestQueryGetBlog($args);
2017-06-20 19:40:56 +02:00
elseif(preg_match('/^(.*)\/settings$/', $args ))
2017-05-18 21:49:46 +02:00
return new RestQueryGetBlogSettings($args);
2017-06-20 19:40:56 +02:00
elseif(preg_match('/^(.*)\/settings\/(.*)$/', $args ))
2017-05-18 21:49:46 +02:00
return new RestQueryGetBlogSettings($args);
2017-06-20 19:40:56 +02:00
elseif(preg_match('/^(.*)\/posts$/', $args ))
return new RestQueryGetPosts($args);
elseif(preg_match('/^(.*)\/post\/(.*)$/', $args ))
return new RestQueryGetPost($args);
2017-05-05 21:46:14 +02:00
break;
case "POST":
2017-06-20 19:40:56 +02:00
if($args == 'blogs')
2017-05-18 21:49:46 +02:00
return new RestQueryPostBlogs($body);
2017-06-20 19:40:56 +02:00
elseif(preg_match('/^(.*)\/settings\/(.*)$/', $args ))
2017-05-18 21:49:46 +02:00
return new RestQueryPostBlogSettings($args,$body);
2017-06-20 19:40:56 +02:00
elseif(preg_match('/^(.*)\/post$/', $args ))
return new RestQueryPostPost($args,$body);
elseif(preg_match('/^(.*)\/categories$/', $args ))
return new RestQueryPostCategories($args,$body);
elseif(preg_match('/^(.*)\/metas$/', $args ))
return new RestQueryPostMetas($args,$body);
2017-05-05 21:46:14 +02:00
break;
case "PUT":
2017-05-11 23:10:01 +02:00
if(preg_match('/^blogs\/(.*)$/', $args )){
2017-05-18 21:49:46 +02:00
return new ResQueryPutBlogs($args,$body);
2017-05-11 23:10:01 +02:00
break;
}
2017-05-05 21:46:14 +02:00
break;
case "PATCH":
2017-05-11 23:10:01 +02:00
if(preg_match('/^blogs\/(.*)$/', $args )){
2017-05-18 21:49:46 +02:00
return new ResQueryPatchBlogs($args,$body);
2017-05-11 23:10:01 +02:00
break;
}
2017-05-05 21:46:14 +02:00
break;
case "DELETE":
2017-05-11 23:10:01 +02:00
if(preg_match('/^blogs\/(.*)$/', $args )){
2017-05-18 21:49:46 +02:00
return new ResQueryDeleteBlogs($args,$body);
2017-05-11 23:10:01 +02:00
break;
2017-05-18 21:49:46 +02:00
}elseif(preg_match('/^(.*)\/settings\/(.*)$/', $args )){
return new RestQueryDeleteBlogSettings($args);
}
2017-05-05 21:46:14 +02:00
break;
default:
break;
}
2017-05-18 21:49:46 +02:00
return new RestQuery(); //will return a 404
2017-05-05 21:46:14 +02:00
}
2017-05-01 22:05:03 +02:00
2017-05-05 21:46:14 +02:00
public static function getResponse($args)
{
global $core;
$active = (boolean)$core->blog->settings->rest->rest_active;
if (!$active){
self::p404();
return;
}
//coors headers
if($core->blog->settings->rest->rest_send_cors_headers){
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE');
header('Access-Control-Allow-Headers: Content-Type, authorization, x_dc_key');
}
//exception pour la documentation
if($args == "documentation"){
2017-05-01 00:51:42 +02:00
include (dirname(__FILE__).'/documentation/swagger-ui-dist/index.php');
return;
2017-05-05 21:46:14 +02:00
}
header('Content-Type: application/json');
//user authentification (facultative at this step)
$apiKey = rest::get_api_key_sended();
//$user = false;
if($apiKey){
$core->auth = new restAuth($core);
if($core->auth->checkUser('','',$apiKey) === false){
header(RestQuery::get_full_code_header(403));
echo json_encode(array(
"error" => "Wrong API Key",
"code" => 403
));
return;
}
}else{
$core->auth = false;
}
$r = rest::restFactoryQuery($_SERVER['REQUEST_METHOD'],$args,file_get_contents('php://input'));
2017-05-11 23:10:01 +02:00
header($r->get_full_code_header());
2017-05-05 21:46:14 +02:00
echo json_encode($r->response_message);
}
private function get_api_key_sended()
{
//to do: test it on nginx
$headers = apache_request_headers();
if(isset($headers['x_dc_key'])){
return $headers['x_dc_key'];
}else{
return false;
}
}
}