X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=src%2FModule%2FBaseApi.php;h=29ca755e05f949522189a5ee91111de259748dcd;hb=d86045058e7f507de9f9583ac03bdbb196d86695;hp=3e6f8a2a2a9fc90e28fda7e42057694607efa2a8;hpb=fc283ab92858238a5a55f24b1d1650bb72068b7d;p=friendica.git diff --git a/src/Module/BaseApi.php b/src/Module/BaseApi.php index 3e6f8a2a2a..29ca755e05 100644 --- a/src/Module/BaseApi.php +++ b/src/Module/BaseApi.php @@ -1,6 +1,6 @@ getCommand(), -4) === '.xml') { - self::$format = 'xml'; - } - if (substr($arguments->getCommand(), -4) === '.rss') { - self::$format = 'rss'; - } - if (substr($arguments->getCommand(), -4) === '.atom') { - self::$format = 'atom'; - } - } - - public static function delete(array $parameters = []) - { - self::checkAllowedScope(self::SCOPE_WRITE); - - $a = DI::app(); - - if (empty($a->getUserId()) || $a->getUserId() != self::getCurrentUserID()) { - throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.')); - } - } - - public static function patch(array $parameters = []) - { - self::checkAllowedScope(self::SCOPE_WRITE); - - $a = DI::app(); + /** @var App */ + protected $app; - if (empty($a->getUserId()) || $a->getUserId() != self::getCurrentUserID()) { - throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.')); - } - } - - public static function post(array $parameters = []) - { - self::checkAllowedScope(self::SCOPE_WRITE); - - $a = DI::app(); + /** @var ApiResponse */ + protected $response; - if (empty($a->getUserId()) || $a->getUserId() != self::getCurrentUserID()) { - throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.')); - } - } - - public static function put(array $parameters = []) + public function __construct(App $app, L10n $l10n, App\BaseURL $baseUrl, App\Arguments $args, LoggerInterface $logger, Profiler $profiler, ApiResponse $response, array $server, array $parameters = []) { - self::checkAllowedScope(self::SCOPE_WRITE); + parent::__construct($l10n, $baseUrl, $args, $logger, $profiler, $response, $server, $parameters); - $a = DI::app(); - - if (empty($a->getUserId()) || $a->getUserId() != self::getCurrentUserID()) { - throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.')); - } + $this->app = $app; } /** - * Quit execution with the message that the endpoint isn't implemented + * Additionally checks, if the caller is permitted to do this action * - * @param string $method - * @return void + * {@inheritDoc} + * + * @throws HTTPException\ForbiddenException */ - public static function unsupported(string $method = 'all') + public function run(ModuleHTTPException $httpException, array $request = [], bool $scopecheck = true): ResponseInterface { - $path = DI::args()->getQueryString(); - Logger::info('Unimplemented API call', ['method' => $method, 'path' => $path, 'agent' => $_SERVER['HTTP_USER_AGENT'] ?? '', 'request' => HTTPInputData::process()]); - $error = DI::l10n()->t('API endpoint %s %s is not implemented', strtoupper($method), $path); - $error_description = DI::l10n()->t('The API endpoint is currently not implemented but might be in the future.'); - $errorobj = new \Friendica\Object\Api\Mastodon\Error($error, $error_description); - System::jsonError(501, $errorobj->toArray()); + if ($scopecheck) { + switch ($this->args->getMethod()) { + case Router::DELETE: + case Router::PATCH: + case Router::POST: + case Router::PUT: + self::checkAllowedScope(self::SCOPE_WRITE); + + if (!self::getCurrentUserID()) { + throw new HTTPException\ForbiddenException($this->t('Permission denied.')); + } + break; + } + } + + return parent::run($httpException, $request); } /** * Processes data from GET requests and sets defaults * + * @param array $defaults Associative array of expected request keys and their default typed value. A null + * value will remove the request key from the resulting value array. + * @param array $request Custom REQUEST array, superglobal instead * @return array request data + * @throws \Exception */ - public static function getRequest(array $defaults) + public function getRequest(array $defaults, array $request): array { - $httpinput = HTTPInputData::process(); - $input = array_merge($httpinput['variables'], $httpinput['files'], $_REQUEST); - - self::$request = $input; + self::$request = $request; self::$boundaries = []; unset(self::$request['pagename']); - $request = []; - - foreach ($defaults as $parameter => $defaultvalue) { - if (is_string($defaultvalue)) { - $request[$parameter] = $input[$parameter] ?? $defaultvalue; - } elseif (is_int($defaultvalue)) { - $request[$parameter] = (int)($input[$parameter] ?? $defaultvalue); - } elseif (is_float($defaultvalue)) { - $request[$parameter] = (float)($input[$parameter] ?? $defaultvalue); - } elseif (is_array($defaultvalue)) { - $request[$parameter] = $input[$parameter] ?? []; - } elseif (is_bool($defaultvalue)) { - $request[$parameter] = in_array(strtolower($input[$parameter] ?? ''), ['true', '1']); - } else { - Logger::notice('Unhandled default value type', ['parameter' => $parameter, 'type' => gettype($defaultvalue)]); - } - } - - foreach ($input ?? [] as $parameter => $value) { - if ($parameter == 'pagename') { - continue; - } - if (!in_array($parameter, array_keys($defaults))) { - Logger::notice('Unhandled request field', ['parameter' => $parameter, 'value' => $value, 'command' => DI::args()->getCommand()]); - } - } - - Logger::debug('Got request parameters', ['request' => $request, 'command' => DI::args()->getCommand()]); - return $request; + return $this->checkDefaults($defaults, $request); } /** * Set boundaries for the "link" header * @param array $boundaries * @param int $id - * @return array */ protected static function setBoundaries(int $id) { @@ -198,13 +140,13 @@ class BaseApi extends BaseModule } /** - * Set the "link" header with "next" and "prev" links - * @return void + * Get the "link" header with "next" and "prev" links + * @return string */ - protected static function setLinkHeader() + protected static function getLinkHeader(): string { if (empty(self::$boundaries)) { - return; + return ''; } $request = self::$request; @@ -223,7 +165,19 @@ class BaseApi extends BaseModule $prev = $command . '?' . http_build_query($prev_request); $next = $command . '?' . http_build_query($next_request); - header('Link: <' . $next . '>; rel="next", <' . $prev . '>; rel="prev"'); + return 'Link: <' . $next . '>; rel="next", <' . $prev . '>; rel="prev"'; + } + + /** + * Set the "link" header with "next" and "prev" links + * @return void + */ + protected static function setLinkHeader() + { + $header = self::getLinkHeader(); + if (!empty($header)) { + header($header); + } } /** @@ -231,7 +185,7 @@ class BaseApi extends BaseModule * * @return array token */ - protected static function getCurrentApplication() + public static function getCurrentApplication() { $token = OAuth::getCurrentApplicationToken(); @@ -247,7 +201,7 @@ class BaseApi extends BaseModule * * @return int User ID */ - protected static function getCurrentUserID() + public static function getCurrentUserID() { $uid = OAuth::getCurrentUserID(); @@ -293,11 +247,11 @@ class BaseApi extends BaseModule if ($throttle_day > 0) { $datefrom = date(DateTimeFormat::MYSQL, time() - 24*60*60); - $condition = ["`gravity` = ? AND `uid` = ? AND `wall` AND `received` > ?", GRAVITY_PARENT, $uid, $datefrom]; + $condition = ["`gravity` = ? AND `uid` = ? AND `wall` AND `received` > ?", Item::GRAVITY_PARENT, $uid, $datefrom]; $posts_day = Post::countThread($condition); if ($posts_day > $throttle_day) { - Logger::info('Daily posting limit reached', ['uid' => $uid, 'posts' => $posts_day, 'limit' => $throttle_day]); + Logger::notice('Daily posting limit reached', ['uid' => $uid, 'posts' => $posts_day, 'limit' => $throttle_day]); $error = DI::l10n()->t('Too Many Requests'); $error_description = DI::l10n()->tt("Daily posting limit of %d post reached. The post was rejected.", "Daily posting limit of %d posts reached. The post was rejected.", $throttle_day); $errorobj = new \Friendica\Object\Api\Mastodon\Error($error, $error_description); @@ -309,11 +263,11 @@ class BaseApi extends BaseModule if ($throttle_week > 0) { $datefrom = date(DateTimeFormat::MYSQL, time() - 24*60*60*7); - $condition = ["`gravity` = ? AND `uid` = ? AND `wall` AND `received` > ?", GRAVITY_PARENT, $uid, $datefrom]; + $condition = ["`gravity` = ? AND `uid` = ? AND `wall` AND `received` > ?", Item::GRAVITY_PARENT, $uid, $datefrom]; $posts_week = Post::countThread($condition); if ($posts_week > $throttle_week) { - Logger::info('Weekly posting limit reached', ['uid' => $uid, 'posts' => $posts_week, 'limit' => $throttle_week]); + Logger::notice('Weekly posting limit reached', ['uid' => $uid, 'posts' => $posts_week, 'limit' => $throttle_week]); $error = DI::l10n()->t('Too Many Requests'); $error_description = DI::l10n()->tt("Weekly posting limit of %d post reached. The post was rejected.", "Weekly posting limit of %d posts reached. The post was rejected.", $throttle_week); $errorobj = new \Friendica\Object\Api\Mastodon\Error($error, $error_description); @@ -325,81 +279,44 @@ class BaseApi extends BaseModule if ($throttle_month > 0) { $datefrom = date(DateTimeFormat::MYSQL, time() - 24*60*60*30); - $condition = ["`gravity` = ? AND `uid` = ? AND `wall` AND `received` > ?", GRAVITY_PARENT, $uid, $datefrom]; + $condition = ["`gravity` = ? AND `uid` = ? AND `wall` AND `received` > ?", Item::GRAVITY_PARENT, $uid, $datefrom]; $posts_month = Post::countThread($condition); if ($posts_month > $throttle_month) { - Logger::info('Monthly posting limit reached', ['uid' => $uid, 'posts' => $posts_month, 'limit' => $throttle_month]); + Logger::notice('Monthly posting limit reached', ['uid' => $uid, 'posts' => $posts_month, 'limit' => $throttle_month]); $error = DI::l10n()->t('Too Many Requests'); - $error_description = DI::l10n()->t("Monthly posting limit of %d post reached. The post was rejected.", "Monthly posting limit of %d posts reached. The post was rejected.", $throttle_month); + $error_description = DI::l10n()->tt('Monthly posting limit of %d post reached. The post was rejected.', 'Monthly posting limit of %d posts reached. The post was rejected.', $throttle_month); $errorobj = new \Friendica\Object\Api\Mastodon\Error($error, $error_description); System::jsonError(429, $errorobj->toArray()); } } } - /** - * Get user info array. - * - * @param int|string $contact_id Contact ID or URL - * @return array|bool - * @throws HTTPException\BadRequestException - * @throws HTTPException\InternalServerErrorException - * @throws HTTPException\UnauthorizedException - * @throws \ImagickException - */ - protected static function getUser($contact_id = null) + public static function getContactIDForSearchterm(string $screen_name = null, string $profileurl = null, int $cid = null, int $uid) { - return api_get_user(DI::app(), $contact_id); - } + if (!empty($cid)) { + return $cid; + } - /** - * Formats the data according to the data type - * - * @param string $root_element - * @param array $data An array with a single element containing the returned result - * @return false|string - */ - protected static function format(string $root_element, array $data) - { - $return = api_format_data($root_element, self::$format, $data); - - switch (self::$format) { - case "xml": - header("Content-Type: text/xml"); - break; - case "json": - header("Content-Type: application/json"); - if (!empty($return)) { - $json = json_encode(end($return)); - if (!empty($_GET['callback'])) { - $json = $_GET['callback'] . "(" . $json . ")"; - } - $return = $json; - } - break; - case "rss": - header("Content-Type: application/rss+xml"); - $return = '' . "\n" . $return; - break; - case "atom": - header("Content-Type: application/atom+xml"); - $return = '' . "\n" . $return; - break; + if (!empty($profileurl)) { + return Contact::getIdForURL($profileurl); } - return $return; - } + if (empty($cid) && !empty($screen_name)) { + if (strpos($screen_name, '@') !== false) { + return Contact::getIdForURL($screen_name, 0, false); + } - /** - * Creates the XML from a JSON style array - * - * @param $data - * @param $root_element - * @return string - */ - protected static function createXml($data, $root_element) - { - return api_create_xml($data, $root_element); + $user = User::getByNickname($screen_name, ['uid']); + if (!empty($user['uid'])) { + return Contact::getPublicIdByUserId($user['uid']); + } + } + + if ($uid != 0) { + return Contact::getPublicIdByUserId($uid); + } + + return null; } }