composer/iTop
6
0
Fork 0
mirror of https://github.com/Combodo/iTop.git synced 2026-02-13 15:34:12 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
94de069963d366f4791068a6e325f959beb4f45a
iTop/webservices/rest.php
Denis Flaven 9013910cec Protect against unwanted output that may corrupt the JSON results 
SVN:trunk[2607]
2013-02-27 16:14:16 +00:00

209 lines
5.6 KiB
PHP
Raw Blame History

<?php
// Copyright (C) 2010-2013 Combodo SARL
//
// This file is part of iTop.
//
// iTop is free software; you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// iTop is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with iTop. If not, see <http://www.gnu.org/licenses/>
/**
* Entry point for all the REST services
*
* --------------------------------------------------
* Create an object
* --------------------------------------------------
* POST itop/webservices/rest.php
* {
* operation: 'object_create',
* comment: 'Synchronization from blah...',
* class: 'UserRequest',
* results: 'id, friendlyname',
* fields:
* {
* org_id: 'SELECT Organization WHERE name = "Demo"',
* caller_id:
* {
* name: 'monet',
* first_name: 'claude',
* }
* title: 'Houston, got a problem!',
* description: 'The fridge is empty'
* contacts_list:
* [
* {
* role: 'pizza delivery',
* contact_id:
* {
* finalclass: 'Person',
* name: 'monet',
* first_name: 'claude'
* }
* }
* ]
* }
* }
*
*
* @copyright Copyright (C) 2010-2013 Combodo SARL
* @license http://opensource.org/licenses/AGPL-3.0
*/
if (!defined('__DIR__')) define('__DIR__', dirname(__FILE__));
require_once(__DIR__.'/../approot.inc.php');
require_once(APPROOT.'/application/application.inc.php');
require_once(APPROOT.'/application/ajaxwebpage.class.inc.php');
require_once(APPROOT.'/application/startup.inc.php');
require_once(APPROOT.'core/restservices.class.inc.php');
/**
* Result structure that is specific to the hardcoded verb 'list_operations'
*/
class RestResultListOperations extends RestResult
{
public $version;
public $operations;
public function AddOperation($sVerb, $sDescription, $sServiceProviderClass)
{
$this->operations[] = array(
'verb' => $sVerb,
'description' => $sDescription,
'extension' => $sServiceProviderClass
);
}
}
////////////////////////////////////////////////////////////////////////////////
//
// Main
//
$oP = new ajax_page('rest');
try
{
utils::UseParamFile();
$sAuthUser = utils::ReadParam('auth_user', null, false, 'raw_data');
$sAuthPwd = utils::ReadParam('auth_pwd', null, false, 'raw_data');
if (UserRights::CheckCredentials($sAuthUser, $sAuthPwd))
{
UserRights::Login($sAuthUser); // Login & set the user's language
}
else
{
throw new Exception("Invalid login '$sAuthUser'", RestResult::UNAUTHORIZED);
}
$sVersion = utils::ReadParam('version', null, false, 'raw_data');
if ($sVersion == null)
{
throw new Exception("Missing parameter 'version' (e.g. '1.0')", RestResult::MISSING_VERSION);
}
$sJsonString = utils::ReadParam('json_data', null, false, 'raw_data');
if ($sJsonString == null)
{
throw new Exception("Missing parameter 'json_data", RestResult::MISSING_JSON);
}
$aJsonData = @json_decode($sJsonString);
if ($aJsonData == null)
{
throw new Exception("Parameter json_data is not a valid JSON structure", RestResult::INVALID_JSON);
}
$aProviders = array();
foreach(get_declared_classes() as $sPHPClass)
{
$oRefClass = new ReflectionClass($sPHPClass);
if ($oRefClass->implementsInterface('iRestServiceProvider'))
{
$aProviders[] = new $sPHPClass;
}
}
$aOpToRestService = array(); // verb => $oRestServiceProvider
foreach ($aProviders as $oRestSP)
{
$aOperations = $oRestSP->ListOperations($sVersion);
foreach ($aOperations as $aOpData)
{
$aOpToRestService[$aOpData['verb']] = array
(
'service_provider' => $oRestSP,
'description' => $aOpData['description'],
);
}
}
if (count($aOpToRestService) == 0)
{
throw new Exception("There is no service available for version '$sVersion'", RestResult::UNSUPPORTED_VERSION);
}
$sOperation = RestUtils::GetMandatoryParam($aJsonData, 'operation');
if ($sOperation == 'list_operations')
{
$oResult = new RestResultListOperations();
$oResult->message = "Operations: ".count($aOpToRestService);
$oResult->version = $sVersion;
foreach ($aOpToRestService as $sVerb => $aOpData)
{
$oResult->AddOperation($sVerb, $aOpData['description'], get_class($aOpData['service_provider']));
}
}
else
{
if (!array_key_exists($sOperation, $aOpToRestService))
{
throw new Exception("Unknown verb '$sOperation' in version '$sVersion'", RestResult::UNKNOWN_OPERATION);
}
$oRS = $aOpToRestService[$sOperation]['service_provider'];
$oResult = $oRS->ExecOperation($sVersion, $sOperation, $aJsonData);
}
}
catch(Exception $e)
{
$oResult = new RestResult();
if ($e->GetCode() == 0)
{
$oResult->code = RestResult::INTERNAL_ERROR;
}
else
{
$oResult->code = $e->GetCode();
}
$oResult->message = "Error: ".$e->GetMessage();
}
// Output the results
//
$oP->add_header('Access-Control-Allow-Origin: *');
$sCallback = utils::ReadParam('callback', null);
if ($sCallback == null)
{
$oP->SetContentType('application/json');
$oP->add(json_encode($oResult));
}
else
{
$oP->SetContentType('application/javascript');
$oP->add($sCallback.'('.json_encode($oResult).')');
}
$oP->Output();
?>
Reference in New Issue View Git Blame Copy Permalink