Alternc  latest
Alternc: free software for hosting
Alternc_Api_Service Class Reference

Service API used by the server to export API methods. This class can be used to implement an API service / endpoint; a REST and POST API is provided as an example.

Public Member Functions

 __construct ($options)
 Constructor of the Api Service Wrapper.

 auth ($auth)
 Authenticate into an AlternC server.

 call ($request)
 Manage an API Call.

 doc ($element)
 Return documentation of the API, either general (no parameters) or for a specific action or auth class.

 getDb ()
 Getter for the databaseAdapter (used by authAdapter)
 

Public Attributes

 $db
 
 $token
 
const ERR_INVALID_ARGUMENT = 111801
 
const ERR_METHOD_DENIED = 111802
 
const ERR_INVALID_ANSWER = 111803
 
const ERR_SETUID_FORBIDDEN = 111804
 
const ERR_SETUID_USER_NOT_FOUND = 111805
 
const ERR_OBJECT_NOT_FOUND = 111806
 
const ERR_ACTION_NOT_FOUND = 111807
 
const ERR_INVALID_TOKEN = 111808
 

Private Attributes

 $loggerList
 
 $allowedAuth
 

Detailed Description

Service API used by the server to export API methods. This class can be used to implement an API service / endpoint; a REST and POST API is provided as an example.

Definition at line 11 of file Service.php.

Constructor & Destructor Documentation

◆ __construct()

Alternc_Api_Service::__construct (   $options)

Constructor of the Api Service Wrapper.

Parameters
$options  a hash with:
    databaseAdapter: an already initialized PDO object, see http://php.net/PDO
    loginAdapterList: (not mandatory) list of allowed authentication adapters (their codename), see Alternc/Api/Auth/*
    loggerAdapter: (not mandatory) a PSR3-Interface-compliant class or a list of them. See https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-3-logger-interface.md for more information
Returns
create the object

Definition at line 40 of file Service.php.

function __construct($options)
{
    // What DB shall we connect to?
    // Note: it MUST be in this mode : $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    if (isset($options["databaseAdapter"]) && $options["databaseAdapter"] instanceof PDO) {
        $this->db = $options["databaseAdapter"];
    } else {
        throw new \Exception("Missing required parameter databaseAdapter", self::ERR_INVALID_ARGUMENT);
    }

    // Which login is allowed? An empty list means auth() accepts any adapter name.
    $this->allowedAuth = array();
    if (isset($options["loginAdapterList"]) && is_array($options["loginAdapterList"])) {
        foreach ($options["loginAdapterList"] as $lal) {
            $this->allowedAuth[] = (string) $lal;
        }
    }

    // To which logger(s) shall we log to?
    // Entries that do not implement the PSR-3 LoggerInterface are silently ignored.
    if (isset($options["loggerAdapter"])) {
        if (!is_array($options["loggerAdapter"])) {
            $options["loggerAdapter"] = array($options["loggerAdapter"]);
        }
        foreach ($options["loggerAdapter"] as $la) {
            if ($la instanceof Psr\Log\LoggerInterface) {
                $this->loggerList[] = $la;
            }
        }
    }
}

Member Function Documentation

◆ auth()

Alternc_Api_Service::auth (   $auth)

Authenticate into an AlternC server.

Parameters
$auth  hash with:
    method: string describing the authentication name (in Alternc_Api_Auth_xxx)
    options: array, list of parameters for the corresponding auth. If 'uid' is set in the options hash, the account MUST be an administrator one and, as a result, the returned Api_Token will be set to this UID and not the admin one.
Returns
Alternc_Api_Token an API Token

Definition at line 78 of file Service.php.

function auth($auth)
{
    if (!isset($auth["method"]) || !is_string($auth["method"])) {
        throw new \Exception("Missing required parameter method", self::ERR_INVALID_ARGUMENT);
    }
    if (!isset($auth["options"]) || !is_array($auth["options"])) {
        throw new \Exception("Missing required parameter options", self::ERR_INVALID_ARGUMENT);
    }

    // The allow-list is only enforced when it is not empty
    if (count($this->allowedAuth) && !in_array($auth["method"], $this->allowedAuth)) {
        throw new \Exception("Method not allowed", self::ERR_METHOD_DENIED);
    }
    if (isset($auth["options"]["uid"]) && !intval($auth["options"]["uid"])) {
        throw new \Exception("Invalid UID", self::ERR_INVALID_ARGUMENT);
    }

    // The adapter class name is derived from the requested method name
    $adapterName = "Alternc_Api_Auth_" . ucfirst(strtolower($auth["method"]));

    $authAdapter = new $adapterName($this);

    $token = $authAdapter->auth($auth["options"]);

    // something went wrong user-side
    if ($token instanceof Alternc_Api_Response) {
        return $token;
    }
    // something went *really* wrong (bad type):
    if (!$token instanceof Alternc_Api_Token) {
        throw new \Exception("Invalid answer from Api_Auth_Interface", self::ERR_INVALID_ANSWER);
    }

    if (isset($auth["options"]["uid"])) {
        if (!$token->isAdmin) {
            // Non-admin are not allowed to setuid
            return new Alternc_Api_Response(array("code" => self::ERR_SETUID_FORBIDDEN, "message" => "This user is not allowed to set his uid"));
        }
        // Search for the requested user. We allow using *disabled* account here since we are admin
        // The uid is forced to an integer with intval() before being concatenated into the query
        foreach ($this->db->query("SELECT uid FROM membres WHERE uid=" . intval($auth["options"]["uid"])) as $setuid) {
            $token->uid = intval($setuid['uid']);
            // Persist the token with its new uid
            $stmt = $this->db->prepare("UPDATE token SET data=? WHERE token=?");
            $stmt->execute(array($token->toJson(), $token->token));
            return $token;
        }
        return new Alternc_Api_Response(array("code" => self::ERR_SETUID_USER_NOT_FOUND, "message" => "Can't find the user you want to setuid to"));
    }
    return $token;
}
Alternc_Api_Response: Standard Response object for the AlternC API. Definition: Response.php:7
Alternc_Api_Token: Standard Token object for the AlternC API. Definition: Token.php:7

References $token.

◆ call()

Alternc_Api_Service::call (   $request)

Manage an API Call.

Parameters
Alternc_Api_Request $request  The API call. The request must have "object" and "action" elements, and a "token" to authenticate. "options" are sent as is to the API call.
Returns
Alternc_Api_Response an API response

Definition at line 130 of file Service.php.

function call($request)
{
    if (!$request instanceof Alternc_Api_Request) {
        throw new \Exception("request must be an Alternc_Api_Request object", self::ERR_INVALID_ARGUMENT);
    }

    // we set the token in the Service object, so that other classes can use it :)
    $this->token = Alternc_Api_Token::tokenGet($request->token_hash, $this->db);
    if ($this->token instanceof Alternc_Api_Response) { // bad token
        return $this->token;
    }

    // The object class name is derived from the request
    $className = "Alternc_Api_Object_" . ucfirst(strtolower($request->object));
    if (!class_exists($className)) {
        return new Alternc_Api_Response(array("code" => self::ERR_OBJECT_NOT_FOUND, "message" => "Object not found in this AlternC's instance"));
    }

    $object = new $className($this);

    $action = $request->action;

    if (strpos($action, "-") !== false) {
        // convert a dash-separated action name to camelCase (the letter after each - is uppercased)
        $action = lcfirst(str_replace(" ", "", implode("", array_map("ucfirst", explode("-", $action)))));
    }
    if (!method_exists($object, $action)) {
        return new Alternc_Api_Response(array("code" => self::ERR_ACTION_NOT_FOUND, "message" => "Action not found for this object in this AlternC's instance"));
    }

    $request->token = $this->token; // we receive $request->token_hash as a STRING, but we transmit its object as an Alternc_Api_Token.
    // TODO: log this Api Call
    return $object->$action($request->options);
}
Alternc_Api_Request: Standard Request object for the AlternC API. Definition: Request.php:8
static tokenGet($token, $db): Check and return a token. Definition: Token.php:102

References $request, $token, and Alternc_Api_Token\tokenGet().
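
call() decides whether an action exists with method_exists(), which is also true for non-public, static and magic methods. The following added example (not AlternC code; resolveAction(), actionToMethod() and Demo_Api_Object_Mail are hypothetical names) shows a stricter resolver that only accepts public instance methods of the object class.

```php
<?php
// Added example, not part of AlternC. All names below are hypothetical.

/** Same dash-to-camelCase mapping as call(): "get-list" => "getList". */
function actionToMethod(string $action): string
{
    return lcfirst(implode("", array_map("ucfirst", explode("-", $action))));
}

/**
 * Return the method name to dispatch to, or null when $action is not
 * an exported API action of $object.
 */
function resolveAction(object $object, string $action): ?string
{
    // Letters, digits and single dashes only; this also rejects "__" magic names.
    if (!preg_match('/^[a-z][a-z0-9]*(-[a-z0-9]+)*$/i', $action)) {
        return null;
    }
    $name = actionToMethod($action);
    if (!method_exists($object, $name)) {
        return null;
    }
    $m = new ReflectionMethod($object, $name);
    // Keep public instance methods only.
    if (!$m->isPublic() || $m->isStatic() || $m->isAbstract()) {
        return null;
    }
    return $m->getName();
}

// Constructed sample object class for the demonstration.
class Demo_Api_Object_Mail
{
    public function __construct($service = null) {}
    public function getList(array $options) { return ["a@example.org"]; }
    protected function purge(array $options) { return true; }
    public static function factory() { return new self(); }
}

// Print the resolution result for a few constructed action names.
$o = new Demo_Api_Object_Mail();
foreach (["get-list", "getList", "purge", "factory", "__construct", "nope"] as $a) {
    printf("%-12s => %s\n", $a, var_export(resolveAction($o, $a), true));
}
```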

◆ doc()

Alternc_Api_Service::doc (   $element)

Return documentation of the API, either general (no parameters) or for a specific action or auth class.

Parameters
string $element  the name of the object for which documentation is requested
Returns
array a documentation hash (key/value)

Definition at line 165 of file Service.php.

function doc($element)
{
    if (substr($element, 0, 5) == "auth/") {
        // Documentation of an authentication adapter
        $adapterName = "Alternc_Api_Auth_" . ucfirst(strtolower(substr($element, 5)));
        if (!class_exists($adapterName)) {
            return false;
        }
        $authAdapter = new $adapterName($this);
        return $authAdapter->documentation();
    } else {
        // Documentation of an API object, or of one of its actions ("object/action").
        // array_pad() keeps $action defined when $element contains no "/".
        list($class, $action) = array_pad(explode("/", $element), 2, "");
        $className = "Alternc_Api_Object_" . ucfirst(strtolower($class));
        if (!class_exists($className)) {
            return false;
        }
        $object = new $className($this);
        // Ask the object instantiated above for its documentation
        if (!$action) {
            return $object->documentation();
        } else {
            return $object->documentation($action);
        }
    }
}

◆ getDb()

Alternc_Api_Service::getDb ( )

Getter for the databaseAdapter (used by authAdapter)

Definition at line 190 of file Service.php.

function getDb()
{
    // Return the PDO object given to the constructor
    return $this->db;
}

References $db.

Member Data Documentation

◆ $allowedAuth

Alternc_Api_Service::$allowedAuth
private

Definition at line 15 of file Service.php.

◆ $db

Alternc_Api_Service::$db

Definition at line 13 of file Service.php.

Referenced by getDb().

◆ $loggerList

Alternc_Api_Service::$loggerList
private

Definition at line 14 of file Service.php.

◆ $token

Alternc_Api_Service::$token

Definition at line 16 of file Service.php.

Referenced by auth(), and call().

◆ ERR_ACTION_NOT_FOUND

const Alternc_Api_Service::ERR_ACTION_NOT_FOUND = 111807

Definition at line 24 of file Service.php.

◆ ERR_INVALID_ANSWER

const Alternc_Api_Service::ERR_INVALID_ANSWER = 111803

Definition at line 20 of file Service.php.

◆ ERR_INVALID_ARGUMENT

const Alternc_Api_Service::ERR_INVALID_ARGUMENT = 111801

Definition at line 18 of file Service.php.

◆ ERR_INVALID_TOKEN

const Alternc_Api_Service::ERR_INVALID_TOKEN = 111808

Definition at line 25 of file Service.php.

◆ ERR_METHOD_DENIED

const Alternc_Api_Service::ERR_METHOD_DENIED = 111802

Definition at line 19 of file Service.php.

◆ ERR_OBJECT_NOT_FOUND

const Alternc_Api_Service::ERR_OBJECT_NOT_FOUND = 111806

Definition at line 23 of file Service.php.

◆ ERR_SETUID_FORBIDDEN

const Alternc_Api_Service::ERR_SETUID_FORBIDDEN = 111804

Definition at line 21 of file Service.php.

◆ ERR_SETUID_USER_NOT_FOUND

const Alternc_Api_Service::ERR_SETUID_USER_NOT_FOUND = 111805

Definition at line 22 of file Service.php.


The documentation for this class was generated from the following file: