authorPhilip Häusler <msquare@notrademark.de>2014-01-05 19:33:52 +0100
committerPhilip Häusler <msquare@notrademark.de>2014-01-05 19:33:52 +0100
commit9dc5dbe3b6eacae5ea8dc335304edf7007d2ab57 (patch)
tree89c55ca146593db853957e0de3dc12efdc7852f8 /includes
parent316c18f9129451bd30484293cadc5e9e8c62f604 (diff)
cookie-0005-API-add-getApiKey.patch
Diffstat (limited to 'includes')
-rw-r--r--includes/controller/api.php127
-rw-r--r--includes/model/NeededAngelTypes_model.php10
-rw-r--r--includes/model/Shifts_model.php25
3 files changed, 129 insertions, 33 deletions
diff --git a/includes/controller/api.php b/includes/controller/api.php
index 07a389b1..0e77f5a0 100644
--- a/includes/controller/api.php
+++ b/includes/controller/api.php
@@ -16,16 +16,27 @@ Testing API calls (using curl):
$ curl -d '{"key":"<key>","cmd":"getVersion"}' '<Address>/?p=api'
-Methods:
---------
+Methods without key:
+--------------------
getVersion
Description:
Returns API version.
Parameters:
nothing
Return Example:
- {"version": "1"}
+ {"status":"success","version": "1"}
+
+getApiKey
+ Description:
+ Returns API Key version.
+ Parameters:
+ user (string)
+ pw (string)
+ Return Example:
+ {"status":"success","Key":"1234567890123456789012"}
+Methods with Key:
+-----------------
getRoom
Description:
Returns a list of all Rooms (no id set) or details of a single Room (requested id)
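Review bot: The documented getVersion return, `{"status":"success","version": "1"}`, does not match the new getVersion() later in this file, which sets `'Version' => 1` (capital V, integer). A client written against the comment would read the wrong key, so the example should become `{"status":"success","Version":1}` or the code should be changed to match. The getApiKey description "Returns API Key version." looks like a copy-paste; `Returns the API key of the user after checking user name and password.` would describe the call. Its example key has 22 characters, while the controller only accepts keys matching `/^[0-9a-f]{32}$/`. The comment block starts outside this hunk.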
@@ -66,7 +77,9 @@ getShift
3 occupied and free
Return Example:
[{"SID":"1"},{"SID":"2"},{"SID":"3"}]
- {"SID":"1","start":"1388185200","end":"1388199600","RID":"1","name":"Shift 1","URL":null,"PSID":null}
+ {"SID":"10","start":"1388264400","end":"1388271600","RID":"1","name":"Shift 1","URL":null,"PSID":null,\
+ "ShiftEntry":[{"TID":"8","UID":"4","freeloaded":"0"}],
+ "NeedAngels":[{"TID":"8","count":"1","restricted":"0","taken":1},{"TID":"9","count":"2","restricted":"0","taken":0}]}
getMessage
Description:
@@ -87,37 +100,51 @@ getMessage
function api_controller() {
global $DataJson, $_REQUEST;
+ header("Content-Type: application/json; charset=utf-8");
+
// decode JSON request
$input = file_get_contents("php://input");
$input = json_decode($input, true);
$_REQUEST = $input;
+ // get command
+ $cmd='';
+ if (isset($_REQUEST['cmd']) )
+ $cmd = strtolower( $_REQUEST['cmd']);
+
+ // decode commands, without key
+ switch( $cmd) {
+ case 'getversion':
+ getVersion();
+ die( json_encode($DataJson));
+ break;
+ case 'getapikey':
+ getApiKey();
+ die( json_encode($DataJson));
+ break;
+ }
+
// get API KEY
if (isset($_REQUEST['key']) && preg_match("/^[0-9a-f]{32}$/", $_REQUEST['key']))
$key = $_REQUEST['key'];
else
- die("Missing key.");
-
+ die( json_encode( array (
+ 'status' => 'failed',
+ 'error' => 'Missing parameter "key".' )));
+
// check API key
$user = User_by_api_key($key);
if ($user === false)
- die("Unable to find user.");
+ die( json_encode( array (
+ 'status' => 'failed',
+ 'error' => 'Unable to find user' )));
if ($user == null)
- die("Key invalid.");
-
- // get command
- $cmd='';
- if (isset($_REQUEST['cmd']) )
- $cmd = strtolower( $_REQUEST['cmd']);
+ die( json_encode( array (
+ 'status' => 'failed',
+ 'error' => 'Key invalid.' )));
// decode command
switch( $cmd) {
- case 'echo':
- $DataJson = $input;
- break;
- case 'getversion':
- getVersion();
- break;
case 'getroom':
getRoom();
break;
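Review bot: `$_REQUEST = $input;` accepts whatever json_decode() returned, and the key-less dispatch added here passes it to getApiKey() before any authentication. A body that is not a JSON object, or whose `cmd`, `user` or `pw` are arrays or numbers, reaches strtolower(), sql_escape() and verify_password() with non-string arguments. I would reject a non-object body up front with `if (!is_array($input)) die(json_encode(array('status' => 'failed', 'error' => 'Malformed request.')));` and guard the command with `if (isset($_REQUEST['cmd']) && is_string($_REQUEST['cmd']))`. The same `is_string` test belongs on `user` and `pw` in getApiKey(). api_controller() continues past the end of this hunk.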
@@ -134,11 +161,18 @@ function api_controller() {
getMessage();
break;
default:
- die("Unknown Command (". $cmd. ")");
+ $DataJson = array (
+ 'status' => 'failed',
+ 'error' => 'Unknown Command "'. $cmd. '"' );
+ }
+
+ // check
+ if( $DataJson === false) {
+ $DataJson = array (
+ 'status' => 'failed',
+ 'error' => 'DataJson === false' );
}
-
- header("Content-Type: application/json; charset=utf-8");
echo json_encode($DataJson);
die();
}
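Review bot: The new `$DataJson === false` check covers only one failure value. mShift() in Shifts_model.php returns `null` when no row matches, and if a handler stores such a result (the handlers are not in this hunk) the client gets a bare `null` with no `status` field. Testing `if ($DataJson === false || $DataJson === null)` would keep the envelope consistent. The message `'DataJson === false'` exposes an internal variable name to API clients; `'error' => 'Internal error.'` tells them as much. The start of api_controller() is in the previous hunk.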
@@ -148,9 +182,54 @@ function api_controller() {
*/
function getVersion(){
global $DataJson;
- $DataJson['Version'] = 1;
+
+ $DataJson = array(
+ 'status' => 'success',
+ 'Version' => 1);
}
+
+/**
+ * Get API Key
+ */
+function getApiKey(){
+ global $DataJson, $_REQUEST;
+
+ if (!isset($_REQUEST['user']) ) {
+ $DataJson = array (
+ 'status' => 'failed',
+ 'error' => 'Missing parameter "user".' );
+ }
+ elseif (!isset($_REQUEST['pw']) ) {
+ $DataJson = array (
+ 'status' => 'failed',
+ 'error' => 'Missing parameter "pw".' );
+ } else {
+ $Erg = sql_select( "SELECT `UID`, `Passwort`, `api_key` FROM `User` WHERE `Nick`='" . sql_escape($_REQUEST['user']) . "'");
+
+ if (count($Erg) == 1) {
+ $Erg = $Erg[0];
+ if (verify_password( $_REQUEST['pw'], $Erg["Passwort"], $Erg["UID"])) {
+ $key = $Erg["api_key"];
+ $DataJson = array(
+ 'status' => 'success',
+ 'Key' => $key);
+ } else {
+ $DataJson = array (
+ 'status' => 'failed',
+ 'error' => 'PW wrong' );
+ }
+ } else {
+ $DataJson = array (
+ 'status' => 'failed',
+ 'error' => 'User not found.' );
+ }
+ }
+
+ sleep(1);
+}
+
+
/**
* Get Room
*/
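Review bot: getApiKey() answers `'User not found.'` for an unknown nick and `'PW wrong'` for a bad password, so this unauthenticated call reveals which account names exist. Using one message for both branches, e.g. `'error' => 'Invalid user or password.'`, removes that signal. The `sleep(1)` delays a single connection but holds a PHP worker for every request and does not limit parallel attempts; a failure counter per account or per client address would be the effective limit. The call returns the account's standing `api_key`, so one successful guess yields a long-lived credential; whether that key is rotated on password change is not visible in this commit.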
@@ -216,4 +295,4 @@ function getMessage(){
}
}
-?>
+?> \ No newline at end of file
diff --git a/includes/model/NeededAngelTypes_model.php b/includes/model/NeededAngelTypes_model.php
index 9bad22c8..81ce2d5f 100644
--- a/includes/model/NeededAngelTypes_model.php
+++ b/includes/model/NeededAngelTypes_model.php
@@ -3,14 +3,14 @@
/**
* Returns all needed angeltypes and already taken needs.
*
- * @param Shift $shift
+ * @param shiftID id of shift
*/
-function NeededAngelTypes_by_shift($shift) {
+function NeededAngelTypes_by_shift($shiftId) {
$needed_angeltypes_source = sql_select("
SELECT `NeededAngelTypes`.*, `AngelTypes`.`name`, `AngelTypes`.`restricted`
FROM `NeededAngelTypes`
JOIN `AngelTypes` ON `AngelTypes`.`id` = `NeededAngelTypes`.`angel_type_id`
- WHERE `shift_id`=" . sql_escape($shift['SID']) . "
+ WHERE `shift_id`=" . sql_escape($shiftId) . "
AND `count` > 0
ORDER BY `room_id` DESC
");
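Review bot: `sql_escape($shiftId)` is concatenated into the `shift_id` condition without quotes, and after this change the value is no longer a column of a fetched row but whatever the caller passes; mShift($id) forwards its argument here. String escaping does not constrain a value in a numeric position, so if sql_escape() only escapes quote characters (its body is not shown) a non-numeric id would alter the statement. Casting at the top of the function, `$shiftId = (int) $shiftId;`, makes the contract explicit. The docblock tag should also name the real parameter: `@param int $shiftId id of the shift`. The function body continues outside this hunk.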
@@ -23,7 +23,7 @@ function NeededAngelTypes_by_shift($shift) {
SELECT `NeededAngelTypes`.*, `AngelTypes`.`name`, `AngelTypes`.`restricted`
FROM `NeededAngelTypes`
JOIN `AngelTypes` ON `AngelTypes`.`id` = `NeededAngelTypes`.`angel_type_id`
- WHERE `room_id`=" . sql_escape($shift['RID']) . "
+ WHERE `room_id`=" . sql_escape($shiftId) . "
AND `count` > 0
ORDER BY `room_id` DESC
");
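Review bot: The fallback query now filters `room_id` by the shift id. `sql_escape($shift['RID'])` was replaced with `sql_escape($shiftId)`, but the new signature no longer carries the room. When this branch runs it returns the needs of whichever room shares the shift's numeric id, or nothing. Either add a second parameter, `function NeededAngelTypes_by_shift($shiftId, $roomId)`, or look up `RID` from `Shifts` before this query; the callers in Shifts_model.php (mShift() and Shifts()) pass only the SID. The condition guarding this query is outside the hunk.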
@@ -33,7 +33,7 @@ function NeededAngelTypes_by_shift($shift) {
$needed_angeltypes = array();
foreach ($needed_angeltypes_source as $angeltype) {
- $shift_entries = ShiftEntries_by_shift_and_angeltype($shift['SID'], $angeltype['angel_type_id']);
+ $shift_entries = ShiftEntries_by_shift_and_angeltype($shiftId, $angeltype['angel_type_id']);
if ($shift_entries === false)
return false;
diff --git a/includes/model/Shifts_model.php b/includes/model/Shifts_model.php
index 224bfc0b..df47b967 100644
--- a/includes/model/Shifts_model.php
+++ b/includes/model/Shifts_model.php
@@ -41,7 +41,7 @@ function mShiftList() {
if (count($shifts_source) > 0) {
return $shifts_source;
}
-return null;
+ return null;
}
/**
@@ -51,10 +51,27 @@ return null;
*/
function mShift($id) {
$shifts_source = sql_select("SELECT * FROM `Shifts` WHERE `SID`=" . sql_escape($id) . " LIMIT 1");
+ $shiftsEntry_source = sql_select("SELECT `TID` , `UID` , `freeloaded` FROM `ShiftEntry` WHERE `SID`=" . sql_escape($id) );
+
if ($shifts_source === false)
return false;
- if (count($shifts_source) > 0)
- return $shifts_source[0];
+ if (count($shifts_source) > 0) {
+ $result = $shifts_source[0];
+
+ $result['ShiftEntry'] = $shiftsEntry_source;
+
+ $temp = NeededAngelTypes_by_shift($id);
+ foreach( $temp as $e)
+ {
+ $result['NeedAngels'][] = array (
+ 'TID' => $e['angel_type_id'],
+ 'count' => $e['count'],
+ 'restricted' => $e['restricted'],
+ 'taken' => $e['taken'] );
+ }
+
+ return $result;
+ }
return null;
}
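Review bot: mShift() iterates the result of NeededAngelTypes_by_shift() without checking it, although that function returns `false` when ShiftEntries_by_shift_and_angeltype() fails. Add `if ($temp === false) return false;` before the `foreach`, and initialise `$result['NeedAngels'] = array();` so the key is present even when nothing is needed. `$shiftsEntry_source` needs the same `=== false` check, since a failed query would otherwise be returned to the API client as `"ShiftEntry":false`. The ShiftEntry query also runs before the `$shifts_source === false` test and for ids that match no shift; moving it inside the `count($shifts_source) > 0` branch avoids that.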
@@ -71,7 +88,7 @@ function Shifts() {
return false;
foreach ($shifts_source as &$shift) {
- $needed_angeltypes = NeededAngelTypes_by_shift($shift);
+ $needed_angeltypes = NeededAngelTypes_by_shift($shift['SID']);
if ($needed_angeltypes === false)
return false;