diff --git a/README.md b/README.md index e3ebca3..3b9f49a 100644 --- a/README.md +++ b/README.md @@ -1,10 +1,38 @@ # Dotclear REST API -Plugin dotclear ouvrant une API REST/JSON +Plugin to serve a Rest/JSON API on Dotclear. -C'est en cours de développement et est loin d'être fini. +This is a work in progress. API definitions and specifications are not stables. Its will be more exhaustive. +Real time code repository is https://bitbucket.org/gnieark/dc-rest-api -Les spécifications swagger seront modifiées au fur et à mesure du développement de l'API. -Pour le moment elles sont basées sur la structure de la base de données et ne sont pas exhaustives. -A terme, elles seront basées plus sur les fonctions de dotclear. \ No newline at end of file +# Install: + +Make a zip of this repository and install it on your Dotclear Blog. + +# License + +Dotclear rest/json plugin. + +Copyright (C) [Gnieark](https://blog-du-grouik.tinad.fr/) + +This program is free software: you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation, either version 3 of the License, or +(at your option) any later version. + +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU General Public License for more details. + +# Third-party code + +## Dotclear +The content management system Dotclear http://dotclear.org/ licensed under +GNU GENERAL PUBLIC LICENSE Version 2, June 1991 + + +## SwaggerUI +Documentation and the tool to test the API is a third party code integrated on this plugin: +Swagger-UI https://github.com/swagger-api/swagger-ui Licensed under the Apache License, Version 2.0 \ No newline at end of file diff --git a/_admin.php b/_admin.php index 07b09df..e2ac150 100644 --- a/_admin.php +++ b/_admin.php 
@@ -4,6 +4,6 @@ if (!defined('DC_CONTEXT_ADMIN')) { return; } $_menu['Blog']->addItem(__('Rest API'), 'plugin.php?p=rest', - urldecode(dcPage::getPF('rest/rest_api_256x256.png')), + urldecode(dcPage::getPF('rest/rest_api.png')), preg_match('/plugin.php\?p=rest(&.*)?$/',$_SERVER['REQUEST_URI']), $core->auth->check('contentadmin',$core->blog->id)); diff --git a/_prepend.php b/_prepend.php index ff29368..72048ff 100644 --- a/_prepend.php +++ b/_prepend.php @@ -7,4 +7,8 @@ $__autoload['RestQuery'] = dirname(__FILE__).'/inc/class.rest.query.php'; $__autoload['RestQueryGetBlogs'] = dirname(__FILE__).'/inc/class.rest.query.get.blogs.php'; $__autoload['RestQueryGetBlog'] = dirname(__FILE__).'/inc/class.rest.query.get.blog.php'; $__autoload['RestQueryGetSpecs'] = dirname(__FILE__).'/inc/class.rest.query.get.specs.php'; -$__autoload['RestQueryPostBlogs'] = dirname(__FILE__).'/inc/class.rest.query.post.blogs.php'; \ No newline at end of file +$__autoload['RestQueryPostBlogs'] = dirname(__FILE__).'/inc/class.rest.query.post.blogs.php'; +$__autoload['ResQueryPatchBlogs'] = dirname(__FILE__).'/inc/class.rest.query.patch.blogs.php'; +$__autoload['ResQueryPutBlogs'] = dirname(__FILE__).'/inc/class.rest.query.put.blogs.php'; +$__autoload['ResQueryDeleteBlogs'] = dirname(__FILE__).'/inc/class.rest.query.delete.blogs.php'; +$__autoload['RestQueryGetBlogSettings'] = dirname(__FILE__).'/inc/class.rest.query.get.blog.settings.php'; diff --git a/_public.php b/_public.php index ed53f06..8cf4554 100644 --- a/_public.php +++ b/_public.php 
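Review bot: The three autoload keys added in _prepend.php, `ResQueryPatchBlogs`, `ResQueryPutBlogs` and `ResQueryDeleteBlogs`, drop the `t` that every existing entry (`RestQuery…`) carries. _public.php instantiates the same `Res…` spellings, so autoloading only resolves if the class declarations use them too, and those declarations are not visible in this diff. Renaming all three to `RestQueryPatchBlogs`, `RestQueryPutBlogs` and `RestQueryDeleteBlogs` at the autoload key, the `new` call and the class declaration would keep the naming consistent.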
@@ -23,15 +23,15 @@ class rest extends dcUrlHandlers }elseif($args == 'specs'){ $queryObj = new RestQueryGetSpecs(); break; - }elseif(preg_match('^blogs/(.+)$', $args )){ + }elseif(preg_match('/^blogs\/(.*)$/', $args )){ + ///blogs/{blog-id} $queryObj = new RestQueryGetBlog($args); + break; + }elseif(preg_match('/^(.*)\/settings$/', $args )){ + $queryObj = new RestQueryGetBlogSettings($args); break; - } - ///blogs/{blog-id} - - break; case "POST": if($args == 'blogs'){ @@ -40,15 +40,25 @@ class rest extends dcUrlHandlers break; case "PUT": - + if(preg_match('/^blogs\/(.*)$/', $args )){ + $queryObj = new ResQueryPutBlogs($args,$body); + break; + } break; case "PATCH": - + if(preg_match('/^blogs\/(.*)$/', $args )){ + $queryObj = new ResQueryPatchBlogs($args,$body); + break; + } + break; case "DELETE": - + if(preg_match('/^blogs\/(.*)$/', $args )){ + $queryObj = new ResQueryDeleteBlogs($args,$body); + break; + } break; default: $queryObj = new RestQuery(); @@ -101,7 +111,7 @@ class rest extends dcUrlHandlers $core->auth = false; } $r = rest::restFactoryQuery($_SERVER['REQUEST_METHOD'],$args,file_get_contents('php://input')); - header($r->response_code); + header($r->get_full_code_header()); echo json_encode($r->response_message); } diff --git a/documentation/definition.yaml b/documentation/definition.yaml index 7cd5471..488867d 100644 --- a/documentation/definition.yaml +++ b/documentation/definition.yaml @@ -56,10 +56,17 @@ paths: $ref: '#/definitions/blog' required: true responses: - '200': - description: array containing the new blog's identifiant - schema: - $ref: '#/definitions/Ids' + '201': + description: 'Success, array containing the new blog''s identifiant' + schema: + type: object + properties: + code: + type: integer + blog_id: + type: integer + message: + type: string default: description: Unexpected error schema: 
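Review bot: The route pattern `'/^blogs\/(.*)$/'` in the GET branch, repeated in the PUT, PATCH and DELETE cases of the next _public.php hunk, accepts an empty id (`blogs/`) and ids containing further slashes. A stricter pattern such as `preg_match('/^blogs\/([^\/]+)$/', $args)` would be safer, and likewise `'/^([^\/]+)\/settings$/'` for the settings route. In the PUT, PATCH and DELETE cases a non-matching path reaches the outer `break` without assigning `$queryObj`. The rest of restFactoryQuery() is outside the hunk, so confirm a fallback such as `$queryObj = new RestQuery();` exists before `$r->get_full_code_header()` is called on the result.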
@@ -78,9 +85,7 @@ paths: required: true responses: '200': - description: >- - array containing blog properties. This list of attributes is not - exhaustive. + description: 'Core blog properties. use {blog_id}/settings methods for more settings.' schema: $ref: '#/definitions/blogProperties' '404': @@ -118,9 +123,7 @@ paths: schema: $ref: '#/definitions/Error' put: - summary: >- - Overwrite blog Properties (if a parameter is not set, his value will be - erased by de default value) + summary: 'Overwrite blog Properties (if an optional parameter is not set, his value will be erased by the default value)' parameters: - name: x_dc_key in: header @@ -135,7 +138,7 @@ paths: description: This list of parameters is not exhaustive required: true schema: - $ref: '#/definitions/blogProperties' + $ref: '#/definitions/blogPropertiesPut' responses: '200': description: array containing the edited blog's identifiant @@ -169,6 +172,28 @@ paths: description: Unexpected error schema: $ref: '#/definitions/Error' + '/{blog_id}/settings': + get: + summary: 'Get the about:config' + description: Get all parameters + parameters: + - name: x_dc_key + in: header + type: string + required: true + - name: blog_id + in: path + type: string + required: true + responses: + '200': + description: OK + '404': + description: this blog id does not exists + default: + description: Unexpected error + schema: + $ref: '#/definitions/Error' '/{blog-id}/posts': get: summary: Get list of posts @@ -194,9 +219,7 @@ paths: items: type: string required: false - description: >- - Fields you want to get. If unset, fields are post_id, post_url, - post_status, post_title, post_date + description: 'Fields you want to get. If unset, fields are post_id, post_url, post_status, post_title, post_date' responses: '200': description: list of posts 
@@ -222,9 +245,7 @@ paths: required: true - name: properties in: body - description: >- - Some non required fields you don't define will be set (default - value) by the API + description: Some non required fields you don't define will be set (default value) by the API schema: $ref: '#/definitions/new_dc_post' responses: 
@@ -489,164 +510,34 @@ definitions: id: type: integer description: New blog id - blogProperties: + blogPropertiesPut: + required: + - blog_id + - blog_name + - blog_url + - blog_desc type: object properties: - id: - type: string - name: - type: string - url: - type: string - description: - type: string - author: - type: string - allow_comments: - type: boolean - allow_trackbacks: - type: boolean - blog_timezone: - type: string - comment_preview_optional: - type: string - comments_nofollow: - type: boolean - comments_pub: - type: boolean - comments_ttl: - type: integer - copyright_notice: - type: string - csp_admin_default: - type: string - csp_admin_img: - type: string - csp_admin_on: - type: boolean - csp_admin_report_only: - type: boolean - csp_admin_script: - type: string - csp_admin_style: - type: string - date_format: - type: string - date_formats: - type: array - items: - type: string - format: string - editor: - type: string - enable_html_filter: - type: boolean - enable_xmlrpc: - type: boolean - import_feed_ip_regexp: - type: string - import_feed_no_private_ip: - type: boolean - import_feed_port_regexp: - type: string - import_feed_url_control: - type: boolean - inc_subcats: - type: boolean - jquery_migrate_mute: - type: boolean - jquery_version: - type: string - lang: - type: string - media_exclusion: - type: string - media_flash_fallback: - type: boolean - media_img_default_alignment: - type: string - media_img_default_legend: - type: string - media_img_default_link: - type: string - media_img_default_size: - type: string - media_img_m_size: - type: integer - media_img_no_date_alone: - type: string - media_img_s_size: - type: integer - media_img_t_size: - type: integer - media_img_title_pattern: - type: string - media_img_use_dto_first: - type: string - media_video_height: - type: integer - media_video_width: - type: integer - nb_comment_per_feed: - type: integer - nb_post_for_home: - type: integer - nb_post_per_feed: - type: integer - nb_post_per_page: - 
type: integer - no_search: - type: boolean - note_title_tag: - type: string - post_url_format: - type: string - prevents_clickjacking: - type: string - public_path: - type: string - public_url: - type: string - robots_policy: + blog_id: type: string - short_feed_items: - type: boolean - simpleMenu: - type: array - items: - type: string - simpleMenu_active: - type: boolean - store_plugin_url: + blog_name: type: string - store_theme_url: + blog_url: type: string - theme: + blog_desc: type: string - themes_path: + + blogProperties: + type: object + properties: + blog_id: type: string - themes_url: + blog_name: type: string - time_format: + blog_url: type: string - time_formats: - type: array - items: - type: string - tpl_allow_php: - type: boolean - tpl_use_cache: - type: boolean - trackbacks_pub: - type: boolean - trackbacks_ttl: - type: integer - url_scan: + blog_desc: type: string - use_smilies: - type: boolean - wiki_comments: - type: boolean new_dc_post: type: object required: diff --git a/documentation/index.php b/documentation/index.php deleted file mode 100644 index 038219f..0000000 --- a/documentation/index.php +++ /dev/null @@ -1,5 +0,0 @@ - -

Hey

\ No newline at end of file diff --git a/documentation/swagger-ui-dist/index.html b/documentation/swagger-ui-dist/index.html deleted file mode 100644 index 9f9a652..0000000 --- a/documentation/swagger-ui-dist/index.html +++ /dev/null @@ -1,93 +0,0 @@ - - - - - - Swagger UI - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - diff --git a/documentation/swagger-ui-dist/index.php b/documentation/swagger-ui-dist/index.php index 5c7771d..0f6d801 100644 --- a/documentation/swagger-ui-dist/index.php +++ b/documentation/swagger-ui-dist/index.php @@ -1,4 +1,6 @@ - + diff --git a/documentation/swagger.json b/documentation/swagger.json index 71d9539..885eeb9 100644 --- a/documentation/swagger.json +++ b/documentation/swagger.json @@ -83,10 +83,21 @@ } ], "responses": { - "200": { - "description": "array containing the new blog's identifiant", + "201": { + "description": "Success, array containing the new blog's identifiant", "schema": { - "$ref": "#/definitions/Ids" + "type": "object", + "properties": { + "code": { + "type": "integer" + }, + "blog_id": { + "type": "integer" + }, + "message": { + "type": "string" + } + } } }, "default": { @@ -117,7 +128,7 @@ ], "responses": { "200": { - "description": "array containing blog properties. This list of attributes is not exhaustive.", + "description": "Core blog properties. use {blog_id}/settings methods for more settings.", "schema": { "$ref": "#/definitions/blogProperties" } @@ -177,7 +188,7 @@ } }, "put": { - "summary": "Overwrite blog Properties (if a parameter is not set, his value will be erased by de default value)", + "summary": "Overwrite blog Properties (if an optional parameter is not set, his value will be erased by the default value)", "parameters": [ { "name": "x_dc_key", @@ -197,7 +208,7 @@ "description": "This list of parameters is not exhaustive", "required": true, "schema": { - "$ref": "#/definitions/blogProperties" + "$ref": "#/definitions/blogPropertiesPut" } } ], 
@@ -254,6 +265,40 @@ } } }, + "/{blog_id}/settings": { + "get": { + "summary": "Get the about:config", + "description": "Get all parameters", + "parameters": [ + { + "name": "x_dc_key", + "in": "header", + "type": "string", + "required": true + }, + { + "name": "blog_id", + "in": "path", + "type": "string", + "required": true + } + ], + "responses": { + "200": { + "description": "OK" + }, + "404": { + "description": "this blog id does not exists" + }, + "default": { + "description": "Unexpected error", + "schema": { + "$ref": "#/definitions/Error" + } + } + } + } + }, "/{blog-id}/posts": { "get": { "summary": "Get list of posts", 
@@ -741,240 +786,43 @@ } } }, - "blogProperties": { + "blogPropertiesPut": { + "required": [ + "blog_id", + "blog_name", + "blog_url", + "blog_desc" + ], "type": "object", "properties": { - "id": { - "type": "string" - }, - "name": { - "type": "string" - }, - "url": { - "type": "string" - }, - "description": { - "type": "string" - }, - "author": { - "type": "string" - }, - "allow_comments": { - "type": "boolean" - }, - "allow_trackbacks": { - "type": "boolean" - }, - "blog_timezone": { - "type": "string" - }, - "comment_preview_optional": { - "type": "string" - }, - "comments_nofollow": { - "type": "boolean" - }, - "comments_pub": { - "type": "boolean" - }, - "comments_ttl": { - "type": "integer" - }, - "copyright_notice": { - "type": "string" - }, - "csp_admin_default": { - "type": "string" - }, - "csp_admin_img": { - "type": "string" - }, - "csp_admin_on": { - "type": "boolean" - }, - "csp_admin_report_only": { - "type": "boolean" - }, - "csp_admin_script": { - "type": "string" - }, - "csp_admin_style": { - "type": "string" - }, - "date_format": { - "type": "string" - }, - "date_formats": { - "type": "array", - "items": { - "type": "string", - "format": "string" - } - }, - "editor": { - "type": "string" - }, - "enable_html_filter": { - "type": "boolean" - }, - "enable_xmlrpc": { - "type": "boolean" - }, - "import_feed_ip_regexp": { - "type": "string" - }, - "import_feed_no_private_ip": { - "type": "boolean" - }, - "import_feed_port_regexp": { - "type": "string" - }, - "import_feed_url_control": { - "type": "boolean" - }, - "inc_subcats": { - "type": "boolean" - }, - "jquery_migrate_mute": { - "type": "boolean" - }, - "jquery_version": { - "type": "string" - }, - "lang": { - "type": "string" - }, - "media_exclusion": { - "type": "string" - }, - "media_flash_fallback": { - "type": "boolean" - }, - "media_img_default_alignment": { - "type": "string" - }, - "media_img_default_legend": { - "type": "string" - }, - "media_img_default_link": { - "type": "string" - }, - 
"media_img_default_size": { - "type": "string" - }, - "media_img_m_size": { - "type": "integer" - }, - "media_img_no_date_alone": { - "type": "string" - }, - "media_img_s_size": { - "type": "integer" - }, - "media_img_t_size": { - "type": "integer" - }, - "media_img_title_pattern": { - "type": "string" - }, - "media_img_use_dto_first": { - "type": "string" - }, - "media_video_height": { - "type": "integer" - }, - "media_video_width": { - "type": "integer" - }, - "nb_comment_per_feed": { - "type": "integer" - }, - "nb_post_for_home": { - "type": "integer" - }, - "nb_post_per_feed": { - "type": "integer" - }, - "nb_post_per_page": { - "type": "integer" - }, - "no_search": { - "type": "boolean" - }, - "note_title_tag": { - "type": "string" - }, - "post_url_format": { - "type": "string" - }, - "prevents_clickjacking": { - "type": "string" - }, - "public_path": { - "type": "string" - }, - "public_url": { - "type": "string" - }, - "robots_policy": { + "blog_id": { "type": "string" }, - "short_feed_items": { - "type": "boolean" - }, - "simpleMenu": { - "type": "array", - "items": { - "type": "string" - } - }, - "simpleMenu_active": { - "type": "boolean" - }, - "store_plugin_url": { + "blog_name": { "type": "string" }, - "store_theme_url": { + "blog_url": { "type": "string" }, - "theme": { + "blog_desc": { "type": "string" - }, - "themes_path": { + } + } + }, + "blogProperties": { + "type": "object", + "properties": { + "blog_id": { "type": "string" }, - "themes_url": { + "blog_name": { "type": "string" }, - "time_format": { + "blog_url": { "type": "string" }, - "time_formats": { - "type": "array", - "items": { - "type": "string" - } - }, - "tpl_allow_php": { - "type": "boolean" - }, - "tpl_use_cache": { - "type": "boolean" - }, - "trackbacks_pub": { - "type": "boolean" - }, - "trackbacks_ttl": { - "type": "integer" - }, - "url_scan": { + "blog_desc": { "type": "string" - }, - "use_smilies": { - "type": "boolean" - }, - "wiki_comments": { - "type": "boolean" } } }, 
diff --git a/inc/class.rest.query.delete.blogs.php b/inc/class.rest.query.delete.blogs.php new file mode 100644 index 0000000..ccbae10 --- /dev/null +++ b/inc/class.rest.query.delete.blogs.php @@ -0,0 +1,52 @@ +delBlog($blog_id); + public function __construct($args){ + + global $core; + + $this->blog_id = substr($args,6); + + $this->required_perms = 'admin'; + + //Is allowed? + if($this->is_allowed() === false){ + //need To be authentified + $this->response_code = 403; + $this->response_message = array('code' => 403, 'error' => 'You need to be admin to patch a blog'); + return; + } + + //does the blog exists? + $core->blog = new dcBlog($core, $this->blog_id); + $blog_settings = new dcSettings($core,$this->blog_id); + + if(!$core->blog->id){ + $this->response_code = 404; + $this->response_message = array('code' => 404, 'error' => 'Resource '.$this -> blog_id.' not found'); + return; + } + try{ + $core->delBlog($this->blog_id); + $this->response_code = 201; + $this->response_message = array( + 'code' => 200, + 'message' => 'Successfully deleted blog '.$this->blog_id + ); + + } + catch (Exception $e) + { + $this->response_code = 500; + $this->response_message = array( + 'code' => 500, + 'message' => $e->getMessage() + ); + } + + + } + + +} \ No newline at end of file diff --git a/inc/class.rest.query.get.blog.php b/inc/class.rest.query.get.blog.php index f90803a..7669360 100644 --- a/inc/class.rest.query.get.blog.php +++ b/inc/class.rest.query.get.blog.php 
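Review bot: The success path of the new delete constructor sets `$this->response_code = 201;` while the body carries `'code' => 200`; a delete creates nothing, so the header should also be 200 (`$this->response_code = 200;`). The 403 text still reads "You need to be admin to patch a blog", apparently copied from the PATCH handler. The catch block returns `$e->getMessage()` to the caller; logging it server-side and answering with a generic 500 message would keep internal error text out of API responses. is_allowed() is outside this hunk, so for a destructive call it is worth confirming that its 'admin' case is evaluated against `$this->blog_id` and not against the blog the request arrived on.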
@@ -4,24 +4,50 @@ */ class RestQueryGetBlog extends RestQuery { - public function __construct(){ + public function __construct($args) + { global $core; - } + + $this->blog_id = substr($args,6); + + $this->required_perms = 'unauth'; + if($this->is_allowed() === false){ + //need To be authentified + $this->response_code = 403; + $this->response_message = array('code' => 403, 'error' => 'This API is not open without KEY'); + return; + } + //instance + if($core->auth === false){ + $core->auth = new dcAuth($core); //class dcBlog need it + $unauth = true; + if($core->blog->status == false){ + //le blog n'est pas publié (et l'user n'est pas authentifié) + // on Sort en 404 + $this->response_code = 404; + $this->response_message = array('code' => 404, 'error' => 'Resource '.$blog_id.' not found'); + return; + } + } + + $core->blog = new dcBlog($core, $this->blog_id); + $blog_settings = new dcSettings($core,$this->blog_id); - /* - * ça se complique niveau droits - * - * SI L'utilisateur n'est pas authentifié - * le blog est hors ligne - * -> 404 - * l'API n'est pas publique - * -> refus - * l'API est publique - * -> OK, mais on ne retourne pas les infos techniques - * L'utilisateur est authentifié - * n'est pas admin (du blog en question) - * -> OK, mais on ne retourne pas les infos techniques - * est admin - * -> L'API retourne le maximum d'infos - */ + if(!$core->blog->id){ + $this->response_code = 404; + $this->response_message = array('code' => 404, 'error' => 'Resource '.$this -> blog_id.' not found'); + return; + } + + $response = array( + 'blog_id' => $core->blog->id, + 'blog_status' => $core->blog->status, + 'blog_name' => $core->blog->name, + 'blog_desc' => $core->blog->desc, + 'blog_url' => $core->blog->url + ); + $this->response_code = 200; + $this->response_message = $response; + return; + } } \ No newline at end of file 
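Review bot: The unauthenticated branch tests `$core->blog->status` before `$core->blog = new dcBlog($core, $this->blog_id)` runs, so it checks the blog the request was routed through rather than the requested one. An anonymous caller can therefore read the name, description, URL and status of an offline blog by id. The 404 message in that branch also uses an undefined `$blog_id`, and `$unauth` is assigned but never read. Moving the status test below the instantiation and keying it on `$unauth` fixes this; the sketch assumes Dotclear's convention that status 1 means online, so a removed blog is hidden as well.

```php
// … unchanged: blog_id extraction and is_allowed() check …
$unauth = ($core->auth === false);
if($unauth){
    $core->auth = new dcAuth($core); //class dcBlog need it
}

$core->blog = new dcBlog($core, $this->blog_id);
// … unchanged: dcSettings instance and the 404 for an unknown blog id …

if($unauth && (int) $core->blog->status !== 1){
    // offline or removed blog: answer exactly like an unknown id
    $this->response_code = 404;
    $this->response_message = array('code' => 404, 'error' => 'Resource '.$this->blog_id.' not found');
    return;
}
// … unchanged: response array and 200 …
```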
diff --git a/inc/class.rest.query.get.blog.settings.php b/inc/class.rest.query.get.blog.settings.php new file mode 100644 index 0000000..e661e49 --- /dev/null +++ b/inc/class.rest.query.get.blog.settings.php @@ -0,0 +1,48 @@ +blog_id = explode("/",$args)[0]; + //check if user is allowed + $this->required_perms = 'admin'; + if($this->is_allowed() === false){ + $this->response_code = 403; + $this->response_message = array('code' => 403, 'error' => 'No enough privileges'); + return; + } + + $core->blog = new dcBlog($core, $this->blog_id); + $blog_settings = new dcSettings($core,$this->blog_id); + + if(!$core->blog->id){ + $this->response_code = 404; + $this->response_message = array('code' => 404, 'error' => 'Resource '.$this -> blog_id.' not found'); + return; + } + try{ + $settings = array(); + foreach ($core->blog->settings->dumpNamespaces() as $ns => $namespace) { + foreach ($namespace->dumpSettings() as $k => $v) { + $settings[$ns][$k] = $v; + } + } + $this->response_code = 200; + $this->response_message = $settings; + }catch (Exception $e){ + $this->response_code = 500; + $this->response_message = array( + 'code' => 500, + 'message' => $e->getMessage() + ); + } + + return; + } + + +} \ No newline at end of file diff --git a/inc/class.rest.query.get.blogs.php b/inc/class.rest.query.get.blogs.php index f67a11f..9186e48 100644 --- a/inc/class.rest.query.get.blogs.php +++ b/inc/class.rest.query.get.blogs.php @@ -5,7 +5,7 @@ class RestQueryGetBlogs extends RestQuery public function __construct(){ global $core; - $this->blog_id = false; //this method doesn't depend on a bolg_id + $this->blog_id = false; //this method doesn't depend on a blog_id $this->required_perms = 'none'; //I want user have an account if($this->is_allowed() === false){ diff --git a/inc/class.rest.query.patch.blogs.php b/inc/class.rest.query.patch.blogs.php new file mode 100644 index 0000000..01b98e3 --- /dev/null +++ b/inc/class.rest.query.patch.blogs.php 
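Review bot: The nested loop over `dumpNamespaces()` and `dumpSettings()` in the new settings handler returns every setting of every namespace. That can include values other plugins store there, such as service keys or filesystem paths, and not only the core blog preferences. An allow-list of namespaces, or a stricter permission for the full dump, would limit what one API key can read. At minimum add a comment above the loop such as `// returns ALL namespaces, including settings written by other plugins`. The catch block also sends `$e->getMessage()` to the client, and the spec entry for this route documents neither a 200 schema nor the 403 the code can return.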
@@ -0,0 +1,74 @@ +blog_id = substr($args,6); + + $this->required_perms = 'admin'; + + //Is allowed? + if($this->is_allowed() === false){ + //need To be authentified + $this->response_code = 403; + $this->response_message = array('code' => 403, 'error' => 'You need to be admin to patch a blog'); + return; + } + + //Is JSON valid? + $inputArray = $this-> body_to_array($body); + if ($inputArray === false){ + return; + } + + //is it valid fields? + if(!$this->check_for_required_fields( $inputArray, array(), + array('blog_id','blog_url','blog_name','blog_desc','lang','blog_timezone','url_scan')) ){ + return; + } + + //does the blog exists? + $core->blog = new dcBlog($core, $this->blog_id); + $blog_settings = new dcSettings($core,$this->blog_id); + + if(!$core->blog->id){ + $this->response_code = 404; + $this->response_message = array('code' => 404, 'error' => 'Resource '.$this -> blog_id.' not found'); + return; + } + + $cur = $core->con->openCursor($core->prefix.'blog'); + + if(isset($inputArray['blog_id'])) + $cur->blog_id = $inputArray['blog_id']; + else + $cur->blog_id = $core->blog->id; + + if(isset($inputArray['blog_url'])) + $cur->blog_url = preg_replace('/\?+$/','?', $inputArray['blog_url']); + else + $cur->blog_url = $core->blog->url; + + if(isset($inputArray['blog_name'])) + $cur->blog_name = $inputArray['blog_name']; + if(isset($inputArray['blog_desc'])) + $cur->blog_desc = $inputArray['blog_desc']; + + $core->updBlog($this->blog_id,$cur); + + //$cur->blog_upddt = date('Y-m-d H:i:s'); + //$cur->update("WHERE blog_id = '".$core->con->escape($id)."'"); + + $this -> response_code = 200; + $this -> response_message = array( + 'code' => 200, + 'message' => 'blog '.$this->blog_id.' Successfully updated' + ); + return; + } +} \ No newline at end of file diff --git a/inc/class.rest.query.php b/inc/class.rest.query.php index a6c781c..f2bb93f 100644 --- a/inc/class.rest.query.php +++ b/inc/class.rest.query.php 
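Review bot: The body's `blog_id` and `blog_url` are copied straight into the cursor, so any caller passing the 'admin' check can rename the blog's identifier and repoint its public URL, a wider privilege than editing the name or description. Consider rejecting a body `blog_id` that differs from the path id, or reserving both fields for super admins. Also validate the URL before the `preg_replace`, e.g. `if (filter_var($inputArray['blog_url'], FILTER_VALIDATE_URL) === false) { /* 400 */ }`. After an id change the success message still reports the old `$this->blog_id`. `lang`, `blog_timezone` and `url_scan` are accepted as optional fields but never applied, so the call reports success while dropping them. The same code appears in inc/class.rest.query.put.blogs.php, apart from the optional-field list.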
@@ -1,9 +1,9 @@ response_code = RestQuery::get_full_code_header(400); + $this->response_code = 400; $this->response_message = array( "error" => "Unrecoknized method", "code" => 400 @@ -44,7 +44,7 @@ class RestQuery{ if(empty(array_diff($fieldsSetted,$fieldsRequired))){ return true; }else{ - $this->response_code = RestQuery::get_full_code_header(400); + $this->response_code = 400; $this->response_message = array( "error" => "Only and each of following parameters ". implode(", ",$fieldsRequired)." are required", @@ -56,7 +56,7 @@ class RestQuery{ //check if all required fields are set foreach($fieldsRequired as $key){ if(!isset($arrayToCheck[$key])){ - $this->response_code = RestQuery::get_full_code_header(400); + $this->response_code = 400; $this->response_message = array( "error" => "field ".$key." is needed", "code" => 400 @@ -102,8 +102,6 @@ class RestQuery{ switch($this->required_perms){ case 'unauth': - - //on verifie quand même que l'API est ouverte if((!$core->blog->settings->rest->rest_is_open) && ($core->auth === false)){ return false; @@ -112,7 +110,7 @@ class RestQuery{ } break; - //to do + case 'none': //user must be valid if($core->auth === false){ @@ -147,7 +145,10 @@ class RestQuery{ break; } } - public function get_full_code_header($code){ + public function get_full_code_header($code=''){ + if($code == ''){ + $code = $this->response_code; + } static $codes = array( 100 =>"Continue", 101 =>"Switching Protocols", diff --git a/inc/class.rest.query.post.blogs.php b/inc/class.rest.query.post.blogs.php index 0a4205b..44191b8 100644 --- a/inc/class.rest.query.post.blogs.php +++ b/inc/class.rest.query.post.blogs.php @@ -75,9 +75,10 @@ class RestQueryPostBlogs extends RestQuery $core->callBehavior('adminAfterBlogCreate',$cur,$blog_id,$blog_settings); //cool - $this->response_code = 200; + $this->response_code = 201; $this->response_message = array( - 'code' => 200, + 'code' => 201, + 'id' => $blog_id 'message' => 'Successfully created blog'.$blog_id ); 
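Review bot: In the inc/class.rest.query.post.blogs.php hunk the added line `'id' => $blog_id` has no trailing comma before the `'message'` entry. That is a parse error, so the class file cannot load and POST /blogs will fail; it should read `'id' => $blog_id,`. The updated spec in this commit names the key `blog_id`, so `'blog_id' => $blog_id,` would keep code and documentation aligned. The enclosing method starts and ends outside the hunk.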
diff --git a/inc/class.rest.query.put.blogs.php b/inc/class.rest.query.put.blogs.php new file mode 100644 index 0000000..f520290 --- /dev/null +++ b/inc/class.rest.query.put.blogs.php @@ -0,0 +1,73 @@ +blog_id = substr($args,6); + + $this->required_perms = 'admin'; + + //Is allowed? + if($this->is_allowed() === false){ + //need To be authentified + $this->response_code = 403; + $this->response_message = array('code' => 403, 'error' => 'You need to be admin to put a blog'); + return; + } + + //Is JSON valid? + $inputArray = $this-> body_to_array($body); + if ($inputArray === false){ + return; + } + + //is it valid fields? + if(!$this->check_for_required_fields( $inputArray, array('blog_id','blog_url','blog_name','blog_desc'), array())){ + return; + } + + //does the blog exists? + $core->blog = new dcBlog($core, $this->blog_id); + $blog_settings = new dcSettings($core,$this->blog_id); + + if(!$core->blog->id){ + $this->response_code = 404; + $this->response_message = array('code' => 404, 'error' => 'Resource '.$this -> blog_id.' not found'); + return; + } + + $cur = $core->con->openCursor($core->prefix.'blog'); + + if(isset($inputArray['blog_id'])) + $cur->blog_id = $inputArray['blog_id']; + else + $cur->blog_id = $core->blog->id; + + if(isset($inputArray['blog_url'])) + $cur->blog_url = preg_replace('/\?+$/','?', $inputArray['blog_url']); + else + $cur->blog_url = $core->blog->url; + + if(isset($inputArray['blog_name'])) + $cur->blog_name = $inputArray['blog_name']; + if(isset($inputArray['blog_desc'])) + $cur->blog_desc = $inputArray['blog_desc']; + + $core->updBlog($this->blog_id,$cur); + + //$cur->blog_upddt = date('Y-m-d H:i:s'); + //$cur->update("WHERE blog_id = '".$core->con->escape($id)."'"); + + $this -> response_code = 200; + $this -> response_message = array( + 'code' => 200, + 'message' => 'blog '.$this->blog_id.' Successfully updated' + ); + return; + } +} \ No newline at end of file diff --git a/index.php b/index.php index 19d8e66..1fc2618 100644 
--- a/index.php +++ b/index.php @@ -56,11 +56,11 @@ if(!empty($_POST['resetApiKey'])){ ?> - Rest API config + <?php echo __('REST API configuration'); ?>

Documentation

-

">Go to the Swagger documentation

+

' . __('Documentation and test interface Swagger UI') .'

'; ?>

get_dc_admin_form($core->auth->userID()); ?> @@ -76,10 +76,9 @@ if($core->auth->isSuperAdmin()):

- +

-

+

formNonce(); ?>

diff --git a/locales/fr/main.po b/locales/fr/main.po index 7cd89e0..26a7e4f 100644 --- a/locales/fr/main.po +++ b/locales/fr/main.po @@ -4,5 +4,41 @@ msgstr "Activer l'API REST" msgid "Your API key" msgstr "Votre clef" +msgid "Your new key is" +msgstr "Votre nouvelle clef est" + +msgid "API is open without key" +msgstr "L'API est ouverte sans authentification" + msgid "Rest API configuration" -msgstr "Configuration de l'API" \ No newline at end of file +msgstr "Configuration de l'API" + +msgid "If checked, few methods as GET will be allowed to externals users without API key. However, they won't be able to request for non public content." +msgstr "Si coché, Certaines méthodes seront accessibles sans authentification par clef (ni aucune autre authentification). Cependant, seules les actions et informations normalement accessibles sur le blog par les visiteurs non authentifiés sont concernés." + +msgid "Send Coors headers" +msgstr "Insérer les Headers autorisant les requêtes cross domaine" + +msgid "Save configuration" +msgstr "Enregistrer la configuration" + +msgid "REST API configuration" +msgstr "Configurer l'API REST JSON" + +msgid "Documentation and test interface Swagger UI" +msgstr "Documentation et interface de test de l'API via Swagger UI" + +msgid "Your api key has already been created." +msgstr "Votre clef a déjà été générée" + +msgid "Erase existing API key and generate a new one for" +msgstr "Réinitialiser la clef de " + +msgid "No API key found." +msgstr "La clef de l'API n'a pas été initialisée" + +msgid "Generate a API key for" +msgstr "Créer une clef pour" + +msgid "Copy and paste it, You will cannot see it again." +msgstr "Copiez collez la. Cette clef ne pourra pas vous être refournie." diff --git a/rest_api_256x256.png b/rest_api.png similarity index 100% rename from rest_api_256x256.png rename to rest_api.png