route('infos','retourne les informations sur l\'environnement','GET',function($request,&$response){
global $myUser,$databases_credentials;
if(!$myUser->connected()) throw new Exception("Credentials are missing",401);
$repository = '';
if(file_exists(__DIR__.SLASH.'.git'.SLASH.'config')){
$stream = file_get_contents(__DIR__.SLASH.'.git'.SLASH.'config');
preg_match('|url = (.*\.fr)[:/]([^\n]*)|is', $stream,$match);
$repository = $match[2];
$repositoryUrl = preg_replace('|[^@]*@|i','http://',$match[1]).'/'.$match[2];
}
if(file_exists(__DIR__.SLASH.'.git'.SLASH.'refs'.SLASH.'heads'.SLASH.'master'))
$commitVersion = str_replace(array("\n","\r"),"",file_get_contents(__DIR__.SLASH.'.git'.SLASH.'refs'.SLASH.'heads'.SLASH.'master'));
$response['application']['label'] = PROGRAM_NAME;
$response['application']['version'] = SOURCE_VERSION;
$response['application']['versionning']['type'] = 'git';
$response['application']['versionning']['repository'] = $repository;
$response['application']['versionning']['repository_url'] = $repositoryUrl;
$response['application']['versionning']['commit_version'] = $commitVersion;
$response['application']['timezone'] = TIME_ZONE;
$response['php']['version'] = phpversion();
$response['apache']['version'] = apache_get_version();
$response['databases'] = array();
foreach ($databases_credentials as $key => $value) {
unset($value['password']);
$value['uid'] = $key;
$response['databases'][] = $value;
}
$response['os']['type'] = PHP_OS;
$response['os']['time'] = time();
});
$api->route('token','retourne un jwt token en fonction des identifiants fournis sur l\'environnement','POST',function($request,&$response){
$_ = json_decode($request['body'],true);
if(!isset($_['api_id']) || !isset($_['api_secret'])) throw new Exception("Api Credentials are missing",401);
global $conf;
if(empty($conf->get('jwtauth_secret'))) throw new Exception('JWT secret is missing in core',501);
if(session_status() == PHP_SESSION_ACTIVE) session_destroy();
session_start();
$apiKey = UserPreference::load(array('key'=>'api_id','value'=>encrypt($_['api_id'])));
if(!$apiKey) throw new Exception('Api id not found',404);
$apiSecret = UserPreference::load(array('key'=>'api_secret','user'=>$apiKey->user,'value'=>encrypt($_['api_secret'])));
if(!$apiSecret) throw new Exception('Bad api secret',401);
$apiEnabled = UserPreference::load(array('key'=>'api_enabled','user'=>$apiKey->user,'value'=>1));
if(!$apiEnabled) throw new Exception('Api is not enabled for this account',401);
global $myUser,$myFirm;
$myUser = User::connectLogin($apiSecret->user);
if(!$myUser || !$myUser->connected()) throw new Exception('Bad credentials',401);
if(file_exists('enabled.maintenance') && $myUser->superadmin != 1) throw new Exception('Maintenance is enabled, only super admin can connects',403);
$_SESSION['currentUser'] = serialize($myUser);
$_SESSION['firm'] = serialize($myFirm);
$response['session'] = session_id();
$json = array();
$json['exp'] = strtotime('+8hours');
$json['attributes'] = array(
'session_id' => session_id(),
'user' => $myUser->login
);
$response['token'] = JWToken::createFromJson($json,$conf->get('jwtauth_secret'));
});
//right api
$api->route('rights','retourne la liste des droits du logiciel','GET',function($request,&$response){
global $myUser;
if(!$myUser->connected()) throw new Exception("Credentials are missing",401);
$response['rights'] = array();
if(isset($request['parameters']['sort'])) throw new Exception("Sort is not implemented for firms",501);
if(isset($request['parameters']['filter'])) throw new Exception("Filter is not implemented for firms",501);
$limit = isset($request['parameters']['limit']) ? array($request['parameters']['limit']) : array();
foreach (Right::loadAll(array(),array(),$limit) as $right) {
$row = $right->toArray();
$response['rights'][] = $row;
}
});
$api->route('rights/[rightid]','ajoute/modifie un droit du logiciel','PUT',function($request,&$response){
global $myUser;
if(!$myUser->connected()) throw new Exception("Credentials are missing",401);
$response['right'] = array();
//Création
$_ = $request['parameters'];
$form = json_decode($request['body'],true);
if(!$form) throw new Exception("Invalid JSON body",400);
User::check_access('right','edit');
if(!empty($request['pathes'])){
$right = Right::getById($request['pathes'][0]);
if(empty($right->id)) throw new Exception("Right not found", 404);
$response['code'] = 200; //Modifié
}else{
$right = new right();
if(!isset($form['rank']) || empty($form['rank'])) throw new Exception("L'id du rang est obligatoire",400);
if(!isset($form['scope']) || empty($form['scope'])) throw new Exception("Le nom de la scope est obligatoire",400);
if(!isset($form['firm']) || empty($form['firm'])) throw new Exception("L'id de l'établissement est obligatoire",400);
$response['code'] = 201; //Créé
}
//Check si le rang existe
$rank = Rank::getById($form['rank']);
if(empty($rank->id)) throw new Exception("Rank not found", 400);
//Check si la firm existe
$firm = Firm::getById($form['firm']);
if(empty($firm->id)) throw new Exception("Firm not found", 400);
//Check si la scope existe
$scopes = array();
Plugin::callHook('section',array(&$scopes));
$find = false;
foreach($scopes as $scope=>$description){
if ($scope==$form['scope']){
$find = true;
break;
}
}
if (!$find) throw new Exception("Section not found", 400);
if(isset($form['targetUid'])) $right->targetUid = $form['targetUid'];
if(isset($form['scope'])) $right->scope = $form['scope'];
if(isset($form['firm'])) $right->firm = $form['firm'];
if(isset($form['read'])) $right->read = $form['read'];
if(isset($form['edit'])) $right->edit = $form['edit'];
if(isset($form['delete'])) $right->delete = $form['delete'];
if(isset($form['configure'])) $right->configure = $form['configure'];
$right->save();
Log::put("Création/Modification de droit ".$right->toText(),'Droit');
$response['right'] = array('id'=>$right->id,'scope'=>$right->scope);
});
$api->route('rights/rightid','Supprime un rang du logiciel','DELETE',function($request,&$response){
global $myUser;
if(!$myUser->connected()) throw new Exception("Credentials are missing",401);
if(empty($request['pathes'])) throw new Exception("You must specify right id", 400);
User::check_access('right','delete');
$right = Right::getById($request['pathes'][0]);
if(!$right) throw new Exception("Right not found",404);
$right->deleteById($right->id);
Log::put("Suppression du rang ".$right->toText(),'Rang');
$response['code'] = 204;
});
//rank api
$api->route('ranks','retourne la liste des rangs du logiciel','GET',function($request,&$response){
global $myUser;
if(!$myUser->connected()) throw new Exception("Credentials are missing",401);
$response['ranks'] = array();
if(isset($request['parameters']['sort'])) throw new Exception("Sort is not implemented for firms",501);
if(isset($request['parameters']['filter'])) throw new Exception("Filter is not implemented for firms",501);
$limit = isset($request['parameters']['limit']) ? array($request['parameters']['limit']) : array();
foreach (Rank::loadAll(array(),array(),$limit) as $rank) {
$row = $rank->toArray();
$response['ranks'][] = $row;
}
});
$api->route('ranks/[rankid]','ajoute/modifie un rang du logiciel','PUT',function($request,&$response){
global $myUser;
if(!$myUser->connected()) throw new Exception("Credentials are missing",401);
$response['rank'] = array();
//Création
$_ = $request['parameters'];
$form = json_decode($request['body'],true);
if(!$form) throw new Exception("Invalid JSON body",400);
User::check_access('rank','edit');
if(!empty($request['pathes'])){
$rank = Rank::getById($request['pathes'][0]);
if(empty($rank->id)) throw new Exception("Rank not found", 404);
$response['code'] = 200; //Modifié
}else{
$rank = new rank();
if(!isset($form['label']) || empty($form['label'])) throw new Exception("Le libellé est obligatoire",400);
//Check si un rang n'existe pas déjà avec ce label
if(Rank::load(array('label'=>$form['label']))) throw new Exception("Un rang existe déjà avec ce nom",400);
$rank->label = $form['label'];
$response['code'] = 201; //Créé
}
if(isset($form['label'])) $rank->label = $form['label'];
if(isset($form['description'])) $rank->description = $form['description'];
$rank->save();
Log::put("Création/Modification de rang ".$rank->toText(),'Rang');
$response['rank'] = array('id'=>$rank->id,'label'=>$rank->label);
});
$api->route('ranks/rankid','Supprime un rang du logiciel','DELETE',function($request,&$response){
global $myUser;
if(!$myUser->connected()) throw new Exception("Credentials are missing",401);
if(empty($request['pathes'])) throw new Exception("You must specify rank id", 400);
User::check_access('rank','delete');
$rank = Rank::getById($request['pathes'][0]);
if(!$rank) throw new Exception("Rank not found",404);
foreach(UserFirmRank::loadAll(array('rank'=>$rank->id)) as $ufrLink)
UserFirmRank::deleteById($ufrLink->id);
$rank->deleteById($rank->id);
Log::put("Suppression du rang ".$rank->toText(),'Rang');
$response['code'] = 204;
});
//firm api
$api->route('firms','retourne la liste des établissements du logiciel','GET',function($request,&$response){
global $myUser;
if(!$myUser->connected()) throw new Exception("Credentials are missing",401);
$response['firms'] = array();
if(isset($request['parameters']['sort'])) throw new Exception("Sort is not implemented for firms",501);
if(isset($request['parameters']['filter'])) throw new Exception("Filter is not implemented for firms",501);
$limit = isset($request['parameters']['limit']) ? array($request['parameters']['limit']) : array();
foreach (Firm::loadAll(array(),array(),$limit) as $i=>$firm) {
$row = $firm->toArray();
$response['firms'][] = $row;
}
});
$api->route('firms/[firmid]','ajoute/modifie un établissement du logiciel','PUT',function($request,&$response){
global $myUser;
if(!$myUser->connected()) throw new Exception("Credentials are missing",401);
$response['firm'] = array();
//Création
$_ = $request['parameters'];
$form = json_decode($request['body'],true);
if(!$form) throw new Exception("Invalid JSON body",400);
User::check_access('firm','edit');
if(!empty($request['pathes'])){
$firm = Firm::getById($request['pathes'][0]);
if(empty($firm->id)) throw new Exception("Firm not found", 404);
$response['code'] = 200; //Modifié
}else{
$firm = new Firm();
if(!isset($form['label']) || empty($form['label'])) throw new Exception("Le libellé est obligatoire",400);
if(!isset($form['mail']) || empty($form['mail'])) throw new Exception('Le champ "Mail"est obligatoire',400);
//Check si une firm n'existe pas déjà avec ce label
if(Firm::load(array('label'=>$form['label']))) throw new Exception("Un établissement existe déjà avec ce nom",400);
$firm->label = $form['label'];
$response['code'] = 201; //Créé
}
if(isset($form['label'])) $firm->label = $form['label'];
if(isset($form['description'])) $firm->description = $form['description'];
if(isset($form['mail'])) $firm->mail = $form['mail'];
if(isset($form['phone'])) $firm->phone = $form['phone'];
if(isset($form['fax'])) $firm->fax = $form['fax'];
if(isset($form['street'])) $firm->street = $form['street'];
if(isset($form['street2'])) $firm->street2 = $form['street2'];
if(isset($form['city'])) $firm->city = $form['city'];
if(isset($form['zipcode'])) $firm->zipcode = $form['zipcode'];
if(isset($form['siret'])) $firm->siret = $form['siret'];
if(isset($form['iban'])) $firm->iban = $form['iban'];
$firm->save();
Log::put("Création/Modification de l'établissement ".$firm->toText(),'Etablissement');
$response['firm'] = array('id'=>$firm->id,'label'=>$firm->label);
});
$api->route('firms/firmid','Supprime un établissement du logiciel','DELETE',function($request,&$response){
global $myUser;
if(!$myUser->connected()) throw new Exception("Credentials are missing",401);
if(empty($request['pathes'])) throw new Exception("You must specify firm id", 400);
User::check_access('firm','delete');
$firm = Firm::getById($request['pathes'][0]);
if(!$firm) throw new Exception("Firm not found",404);
foreach(UserFirmRank::loadAll(array('firm'=>$firm->id)) as $ufrLink)
UserFirmRank::deleteById($ufrLink->id);
$firm->deleteById($firm->id);
Log::put("Suppression de l'établissement ".$firm->toText(),'Etablissement');
$response['code'] = 204;
});
//user api
$api->route('account','retourne les informations du compte connecté','GET',function($request,&$response){
global $myUser;
if(!$myUser->connected()) throw new Exception("Credentials are missing",401);
$response['account'] = $myUser->toArray();
unset($response['account']['password']);
});
//user api
$api->route('users','retourne la liste des utilisateurs du logiciel','GET',function($request,&$response){
global $myUser;
if(!$myUser->connected()) throw new Exception("Credentials are missing",401);
$response['users'] = array();
if(isset($request['parameters']['sort'])) throw new Exception("Sort is not implemented for users",501);
if(isset($request['parameters']['filter'])) throw new Exception("Filter is not implemented for users",501);
foreach (User::getAll(array('right'=>false)) as $i=>$user) {
if(isset($request['parameters']['limit']) && $request['parameters']['limit']==$i) break;
$row = $user->toArray();
unset($row['password']);
unset($row['manager']);
$row['origin'] = !isset($row['id']) ? 'plugin': 'database';
$response['users'][] = $row;
}
});
$api->route('users/[userid]','ajoute/modifie un utilisateur du logiciel','PUT',function($request,&$response){
global $myUser;
if(!$myUser->connected()) throw new Exception("Credentials are missing",401);
$response['user'] = array();
//Création
$_ = $request['parameters'];
$form = json_decode($request['body'],true);
if(!$form) throw new Exception("Invalid JSON body",400);
User::check_access('user','edit');
if(!empty($request['pathes'])){
$user = User::byLogin($request['pathes'][0]);
if(empty($user->login)) throw new Exception("User not found", 404);
$response['code'] = 200; //Modifié
}else{
$user = new User();
if(!isset($form['login']) || empty($form['login'])) throw new Exception("Identifiant obligatoire",400);
if(!isset($form['password']) || empty($form['password'])) throw new Exception("Mot de passe obligatoire",400);
if(!isset($form['mail']) || empty($form['mail'])) throw new Exception('Le champ "Mail"est obligatoire',400);
foreach(User::getAll(array('right'=>false)) as $existingUser)
if($existingUser->mail == trim($_['mail'])) throw new Exception("Un utilisateur existe déjà avec cette adresse e-mail");
//Check si un user n'existe pas déjà avec ce login (on récupère tous les users car user peut être supprimé logiquement / désactivé uniquement)
if(User::load(array('login'=>$form['login']))) throw new Exception("Un utilisateur existe déjà avec cet identifiant",400);
$user->login = $form['login'];
$response['code'] = 201; //Créé
}
if(!empty(trim($form['password']))){
$passwordErrors = User::check_password_format(html_entity_decode($form['password']));
if(count($passwordErrors)!=0 && !$myUser->superadmin) throw new Exception("Le format de mot de passe ne respecte pas les conditions suivantes :
".implode("
",$passwordErrors), 400);
if($form['password']==$form['login'] || $form['password']==$form['mail'] ) throw new Exception("Le mot de passe ne peut pas être identique à l'identifiant ou à l'e-mail",400);
$user->password = User::password_encrypt($form['password']);
$user->preference('passwordTime',time());
}
if(isset($form['firstname'])) $user->firstname = mb_ucfirst(mb_strtolower($form['firstname']));
if(isset($form['name'])) $user->name = mb_strtoupper($form['name']);
if(isset($form['mail'])) $user->mail = $form['mail'];
$user->state = User::ACTIVE;
if(isset($form['manager'])) $user->manager = $form['manager'];
$user->save();
User::getAll(array('right'=>true,'force'=>true));
Log::put("Création/Modification de l'utilisateur ".$user->toText(),'Utilisateur');
$response['user'] = array('id'=>$user->id,'login'=>$user->login);
});
$api->route('users/userid','Supprime un utilisateur du logiciel','DELETE',function($request,&$response){
global $myUser;
if(!$myUser->connected()) throw new Exception("Credentials are missing",401);
if(empty($request['pathes'])) throw new Exception("You must spcify user login", 400);
User::check_access('user','delete');
$user = User::byLogin($request['pathes'][0]);
if(!$user) throw new Exception("User not found",404);
if($user->superadmin == 1) throw new Exception("You can't delete superadmin account",403);
if($user->login == $myUser->login) throw new Exception("You can't delete your own account",403);
if(empty($user->id)) throw new Exception("You cant delete no db account", 400);
$user = User::getById($user->id);
$user->state = User::INACTIVE;
$user->save();
foreach(UserFirmRank::loadAll(array('user'=>$user->login)) as $ufrLink)
UserFirmRank::deleteById($ufrLink->id);
if(isset($_SESSION['users_rights'])) unset($_SESSION['users_rights']);
if(isset($_SESSION['users_norights'])) unset($_SESSION['users_norights']);
Log::put("Suppression de l'utilisateur ".$user->toText(),'Utilisateur');
$response['code'] = 204;
});
$api->register();
/* FIN CORE API */
?>