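route('infos','retourne les informations sur l\'environnement','GET',function($request,&$response){
    global $myUser,$databases_credentials;
    if(!$myUser->connected()) throw new Exception("Credentials are missing",401);

    // NOTE(review): every authenticated account receives the repository url, the last commit hash,
    // the PHP/Apache versions and the database host/user names below; consider restricting this
    // route to superadmin (as the maintenance check of the 'token' route does) — confirm with the owners.
    $repository = '';
    $repositoryUrl = '';   // was left undefined (notice) when .git/config is absent or does not match
    $commitVersion = '';   // was left undefined (notice) when refs/heads/master is absent

    $gitConfigPath = __DIR__.SLASH.'.git'.SLASH.'config';
    if(file_exists($gitConfigPath)){
        $stream = file_get_contents($gitConfigPath);
        // read the captures only when the remote url actually matched
        if(preg_match('|url = (.*\.fr)[:/]([^\n]*)|is', $stream, $match)){
            $repository = $match[2];
            // replace the "user@" prefix of an ssh remote by an http scheme
            $repositoryUrl = preg_replace('|[^@]*@|i','http://',$match[1]).'/'.$match[2];
        }
    }

    $masterRefPath = __DIR__.SLASH.'.git'.SLASH.'refs'.SLASH.'heads'.SLASH.'master';
    if(file_exists($masterRefPath))
        $commitVersion = str_replace(array("\n","\r"),"",file_get_contents($masterRefPath));

    $response['application']['label'] = PROGRAM_NAME;
    $response['application']['version'] = SOURCE_VERSION;
    $response['application']['versionning']['type'] = 'git';
    $response['application']['versionning']['repository'] = $repository;
    $response['application']['versionning']['repository_url'] = $repositoryUrl;
    $response['application']['versionning']['commit_version'] = $commitVersion;
    $response['application']['timezone'] = TIME_ZONE;
    $response['php']['version'] = phpversion();
    // apache_get_version() only exists under the Apache SAPI; calling it under FPM/CLI is a fatal error
    $response['apache']['version'] = function_exists('apache_get_version') ? apache_get_version() : null;

    $response['databases'] = array();
    foreach ($databases_credentials as $key => $value) {
        unset($value['password']);   // the database password is never returned
        $value['uid'] = $key;
        $response['databases'][] = $value;
    }
    $response['os']['type'] = PHP_OS;
    $response['os']['time'] = time();
});

$api->route('token','retourne un jwt token en fonction des identifiants fournis sur l\'environnement','POST',function($request,&$response){
    $_ = json_decode($request['body'],true);
    if(!isset($_['api_id']) || !isset($_['api_secret'])) throw new Exception("Api Credentials are missing",401);
    global $conf;
    if(empty($conf->get('jwtauth_secret'))) throw new Exception('JWT secret is missing in core',501);

    // a fresh session is bound to the api account below
    if(session_status() == PHP_SESSION_ACTIVE) session_destroy();
    session_start();

    // api id and secret are stored encrypted in the user preferences, so the lookup is done
    // on the encrypted value (assumes encrypt() is deterministic — it is used as an equality key here)
    // NOTE(review): the distinct 404 / 401 answers let a caller tell a valid api id from an unknown one
    $apiKey = UserPreference::load(array('key'=>'api_id','value'=>encrypt($_['api_id'])));
    if(!$apiKey) throw new Exception('Api id not found',404);
    $apiSecret = UserPreference::load(array('key'=>'api_secret','user'=>$apiKey->user,'value'=>encrypt($_['api_secret'])));
    if(!$apiSecret) throw new Exception('Bad api secret',401);
    $apiEnabled = UserPreference::load(array('key'=>'api_enabled','user'=>$apiKey->user,'value'=>1));
    if(!$apiEnabled) throw new Exception('Api is not enabled for this account',401);

    global $myUser,$myFirm;
    $myUser = User::connectLogin($apiSecret->user);
    if(!$myUser || !$myUser->connected()) throw new Exception('Bad credentials',401);
    // NOTE(review): relative path, resolved against the current working directory — confirm it matches the rest of the core
    if(file_exists('enabled.maintenance') && $myUser->superadmin != 1) throw new Exception('Maintenance is enabled, only super admin can connects',403);

    $_SESSION['currentUser'] = serialize($myUser);
    $_SESSION['firm'] = serialize($myFirm);
    $response['session'] = session_id();

    // the token carries the session id and the login, and expires after 8 hours
    $json = array();
    $json['exp'] = strtotime('+8hours');
    $json['attributes'] = array(
        'session_id' => session_id(),
        'user' => $myUser->login
    );
    $response['token'] = JWToken::createFromJson($json,$conf->get('jwtauth_secret'));
});

//right api
// NOTE(review): the list routes (rights, ranks, firms, users) only require a connected account,
// whereas PUT/DELETE go through User::check_access — confirm that listing needs no 'read' right.
$api->route('rights','retourne la liste des droits du logiciel','GET',function($request,&$response){
    global $myUser;
    if(!$myUser->connected()) throw new Exception("Credentials are missing",401);
    $response['rights'] = array();
    // messages previously said "for firms" (copy/paste)
    if(isset($request['parameters']['sort'])) throw new Exception("Sort is not implemented for rights",501);
    if(isset($request['parameters']['filter'])) throw new Exception("Filter is not implemented for rights",501);
    $limit = isset($request['parameters']['limit']) ? array($request['parameters']['limit']) : array();
    foreach (Right::loadAll(array(),array(),$limit) as $right) {
        $response['rights'][] = $right->toArray();
    }
});

$api->route('rights/[rightid]','ajoute/modifie un droit du logiciel','PUT',function($request,&$response){
    global $myUser;
    if(!$myUser->connected()) throw new Exception("Credentials are missing",401);
    $response['right'] = array();

    $form = json_decode($request['body'],true);
    if(!$form) throw new Exception("Invalid JSON body",400);
    User::check_access('right','edit');

    if(!empty($request['pathes'])){
        // modification of an existing right
        $right = Right::getById($request['pathes'][0]);
        if(empty($right->id)) throw new Exception("Right not found", 404);
        $response['code'] = 200;
    }else{
        // creation: rank, scope and firm are mandatory
        $right = new Right();
        if(empty($form['rank'])) throw new Exception("L'id du rang est obligatoire",400);
        if(empty($form['scope'])) throw new Exception("Le nom de la scope est obligatoire",400);
        if(empty($form['firm'])) throw new Exception("L'id de l'établissement est obligatoire",400);
        $response['code'] = 201;
    }

    // the three references are checked in both branches (a missing one still yields a 400,
    // as before), read with isset so a partial body does not raise undefined-index notices
    $rankId  = isset($form['rank'])  ? $form['rank']  : null;
    $firmId  = isset($form['firm'])  ? $form['firm']  : null;
    $scopeId = isset($form['scope']) ? $form['scope'] : null;

    //Check si le rang existe
    $rank = Rank::getById($rankId);
    if(empty($rank->id)) throw new Exception("Rank not found", 400);
    //Check si la firm existe
    $firm = Firm::getById($firmId);
    if(empty($firm->id)) throw new Exception("Firm not found", 400);
    //Check si la scope existe : the 'section' hook fills $scopes with scope => description
    $scopes = array();
    Plugin::callHook('section',array(&$scopes));
    if(!is_scalar($scopeId) || !array_key_exists($scopeId, $scopes)) throw new Exception("Section not found", 400);

    // NOTE(review): the rank is validated above but never written to $right — confirm whether
    // Right stores it through targetUid or whether an assignment is missing
    foreach(array('targetUid','scope','firm','read','edit','delete','configure') as $field){
        if(isset($form[$field])) $right->$field = $form[$field];
    }
    $right->save();
    Log::put("Création/Modification de droit ".$right->toText(),'Droit');
    $response['right'] = array('id'=>$right->id,'scope'=>$right->scope);
});

// NOTE(review): the PUT route is declared as 'rights/[rightid]' while this one uses a bare
// 'rights/rightid' (same for ranks and firms) — confirm the router treats both the same way
$api->route('rights/rightid','Supprime un droit du logiciel','DELETE',function($request,&$response){
    global $myUser;
    if(!$myUser->connected()) throw new Exception("Credentials are missing",401);
    if(empty($request['pathes'])) throw new Exception("You must specify right id", 400);
    User::check_access('right','delete');
    $right = Right::getById($request['pathes'][0]);
    if(!$right) throw new Exception("Right not found",404);
    $right->deleteById($right->id);
    // the log entry previously said "Suppression du rang" in the 'Rang' category (copy/paste from the rank route)
    Log::put("Suppression du droit ".$right->toText(),'Droit');
    $response['code'] = 204;
});

//rank api
$api->route('ranks','retourne la liste des rangs du logiciel','GET',function($request,&$response){
    global $myUser;
    if(!$myUser->connected()) throw new Exception("Credentials are missing",401);
    $response['ranks'] = array();
    // messages previously said "for firms" (copy/paste)
    if(isset($request['parameters']['sort'])) throw new Exception("Sort is not implemented for ranks",501);
    if(isset($request['parameters']['filter'])) throw new Exception("Filter is not implemented for ranks",501);
    $limit = isset($request['parameters']['limit']) ? array($request['parameters']['limit']) : array();
    foreach (Rank::loadAll(array(),array(),$limit) as $rank) {
        $response['ranks'][] = $rank->toArray();
    }
});

$api->route('ranks/[rankid]','ajoute/modifie un rang du logiciel','PUT',function($request,&$response){
    global $myUser;
    if(!$myUser->connected()) throw new Exception("Credentials are missing",401);
    $response['rank'] = array();

    $form = json_decode($request['body'],true);
    if(!$form) throw new Exception("Invalid JSON body",400);
    User::check_access('rank','edit');

    if(!empty($request['pathes'])){
        // modification of an existing rank
        $rank = Rank::getById($request['pathes'][0]);
        if(empty($rank->id)) throw new Exception("Rank not found", 404);
        $response['code'] = 200;
    }else{
        // creation: the label is mandatory and must be unique
        $rank = new Rank();
        if(empty($form['label'])) throw new Exception("Le libellé est obligatoire",400);
        //Check si un rang n'existe pas déjà avec ce label
        if(Rank::load(array('label'=>$form['label']))) throw new Exception("Un rang existe déjà avec ce nom",400);
        $response['code'] = 201;
    }

    if(isset($form['label'])) $rank->label = $form['label'];
    if(isset($form['description'])) $rank->description = $form['description'];
    $rank->save();
    Log::put("Création/Modification de rang ".$rank->toText(),'Rang');
    $response['rank'] = array('id'=>$rank->id,'label'=>$rank->label);
});

$api->route('ranks/rankid','Supprime un rang du logiciel','DELETE',function($request,&$response){
    global $myUser;
    if(!$myUser->connected()) throw new Exception("Credentials are missing",401);
    if(empty($request['pathes'])) throw new Exception("You must specify rank id", 400);
    User::check_access('rank','delete');
    $rank = Rank::getById($request['pathes'][0]);
    if(!$rank) throw new Exception("Rank not found",404);
    // drop the user/firm/rank links that reference this rank before removing it
    foreach(UserFirmRank::loadAll(array('rank'=>$rank->id)) as $ufrLink) UserFirmRank::deleteById($ufrLink->id);
    $rank->deleteById($rank->id);
    Log::put("Suppression du rang ".$rank->toText(),'Rang');
    $response['code'] = 204;
});

//firm api
$api->route('firms','retourne la liste des établissements du logiciel','GET',function($request,&$response){
    global $myUser;
    if(!$myUser->connected()) throw new Exception("Credentials are missing",401);
    $response['firms'] = array();
    if(isset($request['parameters']['sort'])) throw new Exception("Sort is not implemented for firms",501);
    if(isset($request['parameters']['filter'])) throw new Exception("Filter is not implemented for firms",501);
    $limit = isset($request['parameters']['limit']) ? array($request['parameters']['limit']) : array();
    foreach (Firm::loadAll(array(),array(),$limit) as $firm) {
        $response['firms'][] = $firm->toArray();
    }
});

$api->route('firms/[firmid]','ajoute/modifie un établissement du logiciel','PUT',function($request,&$response){
    global $myUser;
    if(!$myUser->connected()) throw new Exception("Credentials are missing",401);
    $response['firm'] = array();

    $form = json_decode($request['body'],true);
    if(!$form) throw new Exception("Invalid JSON body",400);
    User::check_access('firm','edit');

    if(!empty($request['pathes'])){
        // modification of an existing firm
        $firm = Firm::getById($request['pathes'][0]);
        if(empty($firm->id)) throw new Exception("Firm not found", 404);
        $response['code'] = 200;
    }else{
        // creation: label (unique) and mail are mandatory
        $firm = new Firm();
        if(empty($form['label'])) throw new Exception("Le libellé est obligatoire",400);
        if(empty($form['mail'])) throw new Exception('Le champ "Mail"est obligatoire',400);
        //Check si une firm n'existe pas déjà avec ce label
        if(Firm::load(array('label'=>$form['label']))) throw new Exception("Un établissement existe déjà avec ce nom",400);
        $response['code'] = 201;
    }

    foreach(array('label','description','mail','phone','fax','street','street2','city','zipcode','siret','iban') as $field){
        if(isset($form[$field])) $firm->$field = $form[$field];
    }
    $firm->save();
    Log::put("Création/Modification de l'établissement ".$firm->toText(),'Etablissement');
    $response['firm'] = array('id'=>$firm->id,'label'=>$firm->label);
});

$api->route('firms/firmid','Supprime un établissement du logiciel','DELETE',function($request,&$response){
    global $myUser;
    if(!$myUser->connected()) throw new Exception("Credentials are missing",401);
    if(empty($request['pathes'])) throw new Exception("You must specify firm id", 400);
    User::check_access('firm','delete');
    $firm = Firm::getById($request['pathes'][0]);
    if(!$firm) throw new Exception("Firm not found",404);
    // drop the user/firm/rank links that reference this firm before removing it
    foreach(UserFirmRank::loadAll(array('firm'=>$firm->id)) as $ufrLink) UserFirmRank::deleteById($ufrLink->id);
    $firm->deleteById($firm->id);
    Log::put("Suppression de l'établissement ".$firm->toText(),'Etablissement');
    $response['code'] = 204;
});

//user api
$api->route('account','retourne les informations du compte connecté','GET',function($request,&$response){
    global $myUser;
    if(!$myUser->connected()) throw new Exception("Credentials are missing",401);
    $response['account'] = $myUser->toArray();
    unset($response['account']['password']);   // the password hash is never returned
});

$api->route('users','retourne la liste des utilisateurs du logiciel','GET',function($request,&$response){
    global $myUser;
    if(!$myUser->connected()) throw new Exception("Credentials are missing",401);
    $response['users'] = array();
    if(isset($request['parameters']['sort'])) throw new Exception("Sort is not implemented for users",501);
    if(isset($request['parameters']['filter'])) throw new Exception("Filter is not implemented for users",501);
    foreach (User::getAll(array('right'=>false)) as $i=>$user) {
        // the limit comes from the query string as a string, hence the loose comparison with the index
        if(isset($request['parameters']['limit']) && $request['parameters']['limit']==$i) break;
        $row = $user->toArray();
        unset($row['password']);   // the password hash is never returned
        unset($row['manager']);
        // accounts without a database id are provided by a plugin
        $row['origin'] = !isset($row['id']) ? 'plugin': 'database';
        $response['users'][] = $row;
    }
});

$api->route('users/[userid]','ajoute/modifie un utilisateur du logiciel','PUT',function($request,&$response){
    global $myUser;
    if(!$myUser->connected()) throw new Exception("Credentials are missing",401);
    $response['user'] = array();

    $form = json_decode($request['body'],true);
    if(!$form) throw new Exception("Invalid JSON body",400);
    User::check_access('user','edit');

    if(!empty($request['pathes'])){
        // modification: the account is addressed by login in the path
        $user = User::byLogin($request['pathes'][0]);
        if(empty($user->login)) throw new Exception("User not found", 404);
        $response['code'] = 200;
    }else{
        // creation: login, password and mail are mandatory
        $user = new User();
        if(empty($form['login'])) throw new Exception("Identifiant obligatoire",400);
        if(empty($form['password'])) throw new Exception("Mot de passe obligatoire",400);
        if(empty($form['mail'])) throw new Exception('Le champ "Mail"est obligatoire',400);
        // the duplicate-mail check previously read $_['mail'] (the query parameters, always unset here)
        // instead of the JSON body, so it compared every account against null; it now reads the body
        // and returns a 400 like the sibling checks
        $newMail = trim($form['mail']);
        foreach(User::getAll(array('right'=>false)) as $existingUser)
            if($existingUser->mail == $newMail) throw new Exception("Un utilisateur existe déjà avec cette adresse e-mail",400);
        //Check si un user n'existe pas déjà avec ce login (on récupère tous les users car user peut être supprimé logiquement / désactivé uniquement)
        if(User::load(array('login'=>$form['login']))) throw new Exception("Un utilisateur existe déjà avec cet identifiant",400);
        $user->login = $form['login'];
        $response['code'] = 201;
    }

    // the password is optional on modification; isset avoids a notice when the body omits it
    if(isset($form['password']) && !empty(trim($form['password']))){
        // NOTE(review): the format is checked on the html-decoded value but the raw value is stored — confirm this is intended
        $passwordErrors = User::check_password_format(html_entity_decode($form['password']));
        if(count($passwordErrors)!=0 && !$myUser->superadmin) throw new Exception("Le format de mot de passe ne respecte pas les conditions suivantes :\n".implode("\n",$passwordErrors), 400);
        // compare against the login/mail the account will end up with, not only the fields sent in this request
        $effectiveLogin = isset($form['login']) ? $form['login'] : $user->login;
        $effectiveMail = isset($form['mail']) ? $form['mail'] : $user->mail;
        if($form['password']==$effectiveLogin || $form['password']==$effectiveMail) throw new Exception("Le mot de passe ne peut pas être identique à l'identifiant ou à l'e-mail",400);
        $user->password = User::password_encrypt($form['password']);
        $user->preference('passwordTime',time());
    }

    if(isset($form['firstname'])) $user->firstname = mb_ucfirst(mb_strtolower($form['firstname']));
    if(isset($form['name'])) $user->name = mb_strtoupper($form['name']);
    if(isset($form['mail'])) $user->mail = $form['mail'];
    // NOTE(review): every PUT re-activates the account, including a modification of a deactivated user — confirm
    $user->state = User::ACTIVE;
    if(isset($form['manager'])) $user->manager = $form['manager'];
    $user->save();
    // presumably refreshes the cached user list (rights included) — verify against User::getAll
    User::getAll(array('right'=>true,'force'=>true));
    Log::put("Création/Modification de l'utilisateur ".$user->toText(),'Utilisateur');
    $response['user'] = array('id'=>$user->id,'login'=>$user->login);
});

$api->route('users/userid','Supprime un utilisateur du logiciel','DELETE',function($request,&$response){
    global $myUser;
    if(!$myUser->connected()) throw new Exception("Credentials are missing",401);
    if(empty($request['pathes'])) throw new Exception("You must specify user login", 400);
    User::check_access('user','delete');
    $user = User::byLogin($request['pathes'][0]);
    if(!$user) throw new Exception("User not found",404);
    if($user->superadmin == 1) throw new Exception("You can't delete superadmin account",403);
    if($user->login == $myUser->login) throw new Exception("You can't delete your own account",403);
    // accounts without a database id come from a plugin and cannot be deactivated here
    if(empty($user->id)) throw new Exception("You cant delete no db account", 400);
    // logical deletion: the account is deactivated, not removed
    $user = User::getById($user->id);
    $user->state = User::INACTIVE;
    $user->save();
    foreach(UserFirmRank::loadAll(array('user'=>$user->login)) as $ufrLink) UserFirmRank::deleteById($ufrLink->id);
    // drop the rights cached in the session so the deactivation is seen immediately
    unset($_SESSION['users_rights'], $_SESSION['users_norights']);
    Log::put("Suppression de l'utilisateur ".$user->toText(),'Utilisateur');
    $response['code'] = 204;
});

$api->register();
/* FIN CORE API
*/
?>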