Example #1
 /**
  * Return the API key stored under the 'api' config group.
  *
  * @return mixed the value returned by Config::get('api', 'key')
  * @throws HTTP_API_Exception with API::ERROR_TOKEN when no key is stored
  */
 protected static function _get_key()
 {
     $api_key = Config::get('api', 'key');

     // Only a strict NULL counts as "not generated".
     // NOTE(review): an empty string would pass this test; whatever compares
     // a client-supplied key against this value should reject empty keys.
     if ($api_key !== NULL) {
         return $api_key;
     }

     throw HTTP_API_Exception::factory(API::ERROR_TOKEN, 'API key not generated. Generate a new key in the site settings.');
 }
Example #2
 /**
  * Load a datasource section and fail the request when it does not exist.
  *
  * @param mixed $ds_id identifier handed to Datasource_Section::load()
  * @return mixed the non-NULL result of Datasource_Section::load()
  * @throws HTTP_API_Exception with API::ERROR_UNKNOWN when load() returns NULL
  */
 protected function _get_datasource($ds_id)
 {
     $section = Datasource_Section::load($ds_id);

     if ($section !== NULL) {
         return $section;
     }

     throw HTTP_API_Exception::factory(API::ERROR_UNKNOWN, 'Datasource section not found');
 }
Example #3
 /**
  * Empty the dashboard after an ACL check.
  *
  * @throws HTTP_API_Exception with API::ERROR_PERMISSIONS when the ACL check fails
  */
 public function rest_delete()
 {
     // NOTE(review): 'dshboard.empty' looks like a misspelling of
     // 'dashboard.empty'. Left untouched because the permission name must
     // match whatever the ACL configuration registers - confirm there. If the
     // two disagree, this check guards a permission nobody can be granted.
     $allowed = ACL::check('dshboard.empty');
     if (!$allowed) {
         $params = array(':permission' => __('Empty dashboard'));
         throw HTTP_API_Exception::factory(API::ERROR_PERMISSIONS, 'You don\'t have permission to :permission', $params);
     }

     Dashboard::remove_data();
     Cache::register_shutdown_function();

     // Audit trail entry; no values are passed for the ':user' placeholder here,
     // so it is presumably filled in by the log writer - confirm.
     $entry = Kohana::$log->add(Log::INFO, ':user empty dashboard');
     $entry->write();

     $this->message('Dashboard is empty!');
 }
Example #4
 /**
  * Delete every row of the 'sessions' table when sessions are database-backed.
  *
  * Does nothing (and reports nothing) for any other session driver.
  *
  * NOTE(review): the get_ prefix suggests this state-changing action is served
  * over HTTP GET; confirm that a request token is enforced before it runs.
  *
  * @throws HTTP_API_Exception with API::ERROR_PERMISSIONS when the ACL check fails
  */
 public function get_clear()
 {
     $allowed = ACL::check('system.session.clear');
     if (!$allowed) {
         // NOTE(review): the first letter of this label appears to be Cyrillic
         // rather than Latin 'C'. It is a translation key, so it is kept as is;
         // confirm against the i18n files.
         $params = array(':permission' => __('Сlear user sessions'));
         throw HTTP_API_Exception::factory(API::ERROR_PERMISSIONS, 'You don\'t have permission to :permission', $params);
     }

     if (Session::$default != 'database') {
         return;
     }

     // No WHERE clause: all stored sessions are removed, the caller's included.
     DB::delete('sessions')->execute();

     $entry = Kohana::$log->add(Log::INFO, ':user clear  user sessions');
     $entry->write();

     $this->message('User sessions has been cleared!');
 }
Example #5
 /**
  * Clear the cache after an ACL check.
  *
  * Cache::register_shutdown_function() is only called when Kohana::$caching is
  * strictly TRUE; the log entry and the success message are produced either way.
  *
  * @throws HTTP_API_Exception with API::ERROR_PERMISSIONS when the ACL check fails
  */
 public function rest_delete()
 {
     $allowed = ACL::check('system.cache.clear');
     if (!$allowed) {
         // NOTE(review): the first letter of this label appears to be Cyrillic
         // rather than Latin 'C'. It is a translation key, so it is kept as is;
         // confirm against the i18n files.
         $params = array(':permission' => __('Сlear cache'));
         throw HTTP_API_Exception::factory(API::ERROR_PERMISSIONS, 'You don\'t have permission to :permission', $params);
     }

     $caching_enabled = (Kohana::$caching === TRUE);
     if ($caching_enabled) {
         Cache::register_shutdown_function();
     }

     $entry = Kohana::$log->add(Log::INFO, ':user clear cache');
     $entry->write();

     $this->message('Cache has been cleared!');
 }
Example #6
 /**
  * Delete the snippet named by the required 'name' request parameter.
  *
  * NOTE(review): unlike the other delete actions shown alongside it, this one
  * has no ACL::check() of its own; confirm authorization happens elsewhere.
  * NOTE(review): 'name' comes straight from the request and selects a
  * file-backed model; confirm Model_File_Snippet restricts it to the snippets
  * directory.
  *
  * @throws HTTP_API_Exception API::ERROR_PAGE_NOT_FOUND when the snippet does
  *         not exist, API::ERROR_UNKNOWN when delete() reports failure
  */
 public function rest_delete()
 {
     $name = $this->param('name', NULL, TRUE);
     $model = new Model_File_Snippet($name);

     if (!$model->is_exists()) {
         throw HTTP_API_Exception::factory(API::ERROR_PAGE_NOT_FOUND, 'Snippet :name not found!', array(':name' => $name));
     }

     if (!$model->delete()) {
         throw HTTP_API_Exception::factory(API::ERROR_UNKNOWN, 'Snippet :name has not been deleted!', array(':name' => $name));
     }

     $this->response($model);
 }
Example #7
 /**
  * Activate or deactivate the plugin named by the required 'id' parameter.
  *
  * The plugin is activated only when it is currently inactive AND the
  * 'installed' parameter casts to TRUE; in every other case it is deactivated,
  * with the 'remove_data' parameter cast to bool and passed along.
  *
  * NOTE(review): as written, sending installed=true for a plugin that is
  * already active deactivates it - confirm this toggle behaviour is intended.
  * NOTE(review): the result of Plugins::get_registered() is used without a
  * NULL check; confirm it cannot return NULL for an unknown id.
  *
  * @throws HTTP_API_Exception with API::ERROR_PERMISSIONS when the ACL check fails
  */
 public function rest_put()
 {
     if (!ACL::check('plugins.change_status')) {
         $params = array(':permission' => __('Install or uninstall plugin'));
         throw HTTP_API_Exception::factory(API::ERROR_PERMISSIONS, 'You don\'t have permission to :permission', $params);
     }

     Plugins::find_all();

     $plugin_id = $this->param('id', NULL, TRUE);
     $plugin = Plugins::get_registered($plugin_id);

     // Short-circuits: 'installed' is only read for a plugin that is not active.
     $activate = !$plugin->is_activated() && (bool) $this->param('installed') === TRUE;

     if ($activate) {
         $plugin->activate();
     } else {
         $remove_data = (bool) $this->param('remove_data');
         $plugin->deactivate($remove_data);
     }

     // The logged action reflects the plugin state after the change.
     $action_label = $plugin->is_activated() ? 'activate' : 'deactivate';
     $log_values = array(':action' => $action_label, ':name' => $plugin->title());
     Kohana::$log->add(Log::INFO, ':user :action plugin :name', $log_values)->write();

     $this->response($this->_get_info($plugin));
 }
Example #8
 /**
  * Generate the first API key, or replace the existing one, and store it.
  *
  * When a key is already configured, the 'key' request parameter becomes
  * required and is passed to the api_key model's refresh(); otherwise a new key
  * is generated. The resulting key is written to the 'api' config group and
  * returned in the response.
  *
  * @throws HTTP_API_Exception with API::ERROR_PERMISSIONS when the ACL check fails
  */
 public function post_refresh()
 {
     if (!ACL::check('system.api.refresh_key')) {
         $params = array(':permission' => __('Refresh API key'));
         throw HTTP_API_Exception::factory(API::ERROR_PERMISSIONS, 'You don\'t have permission to :permission', $params);
     }

     $has_key = Config::get('api', 'key') !== NULL;

     // The third argument makes 'key' mandatory only when there is a key to refresh.
     $submitted_key = $this->param('key', NULL, $has_key);

     $key_model = ORM::factory('api_key');
     $new_key = $has_key
         ? $key_model->refresh($submitted_key)
         : $key_model->generate('KodiCMS API key');

     Config::set('api', 'key', $new_key);
     $this->response($new_key);
 }
Example #9
 /**
  * Delete the layout named by the required 'name' request parameter.
  *
  * A layout that is still in use is never deleted.
  *
  * NOTE(review): there is no ACL::check() in this action; confirm authorization
  * happens elsewhere.
  * NOTE(review): 'name' comes straight from the request and selects a
  * file-backed model; confirm Model_File_Layout restricts it to the layouts
  * directory.
  *
  * @throws HTTP_API_Exception API::ERROR_PAGE_NOT_FOUND when the layout does
  *         not exist, API::ERROR_PERMISSIONS when it is in use,
  *         API::ERROR_UNKNOWN when delete() reports failure
  */
 public function rest_delete()
 {
     $name = $this->param('name', NULL, TRUE);
     $model = new Model_File_Layout($name);

     if (!$model->is_exists()) {
         // ':name' is supplied although the message has no such placeholder.
         throw HTTP_API_Exception::factory(API::ERROR_PAGE_NOT_FOUND, 'Layout not found!', array(':name' => $name));
     }

     // Refuse to remove a layout that is still referenced.
     if ($model->is_used()) {
         throw HTTP_API_Exception::factory(API::ERROR_PERMISSIONS, 'Layout is used! It CAN NOT be deleted!');
     }

     if (!$model->delete()) {
         throw HTTP_API_Exception::factory(API::ERROR_UNKNOWN, 'Something went wrong!');
     }

     $this->response($model);
 }
Example #10
 /**
  * Reduce a requested field list to known table columns, qualified with the
  * table name.
  *
  * Steps, in order: wrap a non-array $fields into an array; find requested
  * names listed in $this->_secured_columns; drop $remove_fields; reject the
  * request when secured names were requested and Auth::is_logged_in('login')
  * is false; keep only names that are keys of $this->_table_columns.
  *
  * The secured-column test runs on the list before $remove_fields is applied,
  * so a secured name triggers the check even if it would have been removed.
  * The final intersection with $this->_table_columns works as an allowlist:
  * names that are not known columns never reach the returned list.
  *
  * @param array|mixed $fields requested field names (a single value is wrapped)
  * @param array $remove_fields field names to exclude
  * @return array "table.column" strings, keyed by the column's position in
  *               array_keys($this->_table_columns)
  * @throws HTTP_API_Exception with API::ERROR_PERMISSIONS for secured fields
  *         requested without a logged-in user
  */
 public function filtered_fields($fields, $remove_fields = array())
 {
     $requested = is_array($fields) ? $fields : array($fields);

     $secured = array_intersect($this->_secured_columns, $requested);

     // Exclude fields
     $requested = array_diff($requested, $remove_fields);

     // TODO: verify the token issued for API access
     if (count($secured) > 0 && !Auth::is_logged_in('login')) {
         throw HTTP_API_Exception::factory(API::ERROR_PERMISSIONS, 'You don`t have permissions to access to this fields (:fields).', array(':fields' => implode(', ', $secured)));
     }

     $qualified = array();
     foreach (array_intersect(array_keys($this->_table_columns), $requested) as $index => $column) {
         $qualified[$index] = $this->table_name() . '.' . $column;
     }

     return $qualified;
 }
Example #11
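 /**
  * Apply the difference between the live schema and the install schema.
  *
  * Responds TRUE on success and FALSE on failure. A failure is written to the
  * log with the exception message instead of being discarded, and the
  * "update database" audit entry is only written when the update succeeded.
  *
  * NOTE(review): the get_ prefix suggests this schema-changing action is served
  * over HTTP GET; confirm that a request token is enforced before it runs.
  *
  * @throws HTTP_API_Exception with API::ERROR_PERMISSIONS when the ACL check fails
  */
 public function get_database()
 {
     if (!ACL::check('update.database_apply')) {
         throw HTTP_API_Exception::factory(API::ERROR_PERMISSIONS, 'You don\'t have permission to :permission', array(':permission' => __('Update database')));
     }
     $db_sql = Database_Helper::schema();
     $file_sql = Database_Helper::install_schema();
     $compare = new Database_Helper();
     $diff = $compare->get_updates($db_sql, $file_sql, TRUE);
     try {
         Database_Helper::insert_sql($diff);
         $this->message('Database schema updated successfully!');
         Cache::instance()->delete(Update::CACHE_KEY_DB_SHEMA);
         $this->response(TRUE);
         // Audit entry for a schema change that actually happened.
         Kohana::$log->add(Log::INFO, ':user update database')->write();
     } catch (Exception $ex) {
         // Keep the cause server-side; the client only gets a generic message.
         Kohana::$log->add(Log::ERROR, ':user failed to update database: :error', array(':error' => $ex->getMessage()))->write();
         $this->message('Something went wrong!');
         $this->response(FALSE);
     }
 }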
Example #12
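 /**
  * Dispatch the request to an action method and turn failures into JSON.
  *
  * The action name is "rest_<http method>" for the index/empty action and
  * "<http method>_<action>" otherwise, lower-cased. before() and the action run
  * inside the try block; after() always runs.
  *
  * For exceptions that are not API or validation exceptions, the source file
  * and line are returned to the client only outside the production
  * environment, and the full exception text is written to the log. Sites that
  * never set Kohana::$environment keep the previous response.
  *
  * @return mixed $this->response
  */
 public function execute()
 {
     if ($this->request->action() == 'index' or $this->request->action() == '') {
         $action = 'rest_' . $this->request->method();
     } else {
         // Determine the action to use
         $action = $this->request->method() . '_' . $this->request->action();
     }
     $action = strtolower($action);
     try {
         // Execute the "before action" method
         $this->before();
         // If the action doesn't exist, it's a 404
         // NOTE(review): method_exists() ignores visibility, so only the naming
         // convention keeps non-public helpers out of reach of this dispatch.
         // Consider also requiring the method to be public and the HTTP method
         // to be one of an explicit list.
         if (!method_exists($this, $action)) {
             throw HTTP_API_Exception::factory(API::ERROR_PAGE_NOT_FOUND, 'The requested method ":method" was not found on this server.', array(':method' => $action))->request($this->request);
         }
         // Execute the action itself
         $this->{$action}();
     } catch (HTTP_API_Exception $e) {
         $this->json = $e->get_response();
     } catch (API_Validation_Exception $e) {
         $this->json = $e->get_response();
     } catch (ORM_Validation_Exception $e) {
         $this->json = array('code' => API::ERROR_VALIDATION, 'message' => array(rawurlencode($e->getMessage())), 'response' => NULL, 'errors' => $e->errors('validation'));
     } catch (Validation_Exception $e) {
         $this->json = array('code' => API::ERROR_VALIDATION, 'message' => array(rawurlencode($e->getMessage())), 'response' => NULL, 'errors' => $e->errors('validation'));
     } catch (Exception $e) {
         // Unexpected failure: record the details where operators can see them.
         Kohana::$log->add(Log::ERROR, Kohana_Exception::text($e))->write();
         $this->json['code'] = $e->getCode();
         // Server paths and line numbers help debugging but should not be
         // handed to API clients of a production site.
         if (Kohana::$environment !== Kohana::PRODUCTION) {
             $this->json['line'] = $e->getLine();
             $this->json['file'] = $e->getFile();
         }
         // NOTE(review): the raw message is still returned; messages of
         // low-level exceptions may carry internal details - confirm this is
         // acceptable or replace it with a generic text in production.
         $this->json['message'][] = $e->getMessage();
         $this->json['response'] = NULL;
     }
     // Execute the "after action" method
     $this->after();
     // Return the response
     return $this->response;
 }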
Example #13
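 /**
  * Store an uploaded backup file (.sql or .zip) in BACKUP_PLUGIN_FOLDER.
  *
  * Changes against the previous version: the upload array is validated before
  * its fields are read, directory components are stripped from the
  * client-supplied name, the stored file is no longer created world-writable,
  * a failed save is reported instead of ending silently, and an unused local
  * was dropped.
  *
  * NOTE(review): there is no ACL::check() in this action; confirm authorization
  * happens elsewhere.
  *
  * @throws HTTP_API_Exception with API::ERROR_UNKNOWN when the folder is
  *         missing or not writable, the upload is invalid or has a disallowed
  *         extension, or the file cannot be saved
  */
 public function post_upload()
 {
     $file = $this->param('file', array(), TRUE);
     if (!is_dir(BACKUP_PLUGIN_FOLDER)) {
         throw HTTP_API_Exception::factory(API::ERROR_UNKNOWN, 'Folder (:folder) not exist!', array(':folder' => BACKUP_PLUGIN_FOLDER));
     }
     if (!is_writable(BACKUP_PLUGIN_FOLDER)) {
         throw HTTP_API_Exception::factory(API::ERROR_UNKNOWN, 'Folder (:folder) must be writable!', array(':folder' => BACKUP_PLUGIN_FOLDER));
     }
     // Check the upload structure first, then the extension. Upload::type() is
     // an extension test on the client-supplied name, so it is not sufficient
     // on its own.
     if (!Upload::valid($file) or !Upload::not_empty($file) or !Upload::type($file, array('sql', 'zip'))) {
         throw HTTP_API_Exception::factory(API::ERROR_UNKNOWN, 'Bad format of file!');
     }
     // File name: the client-supplied part is reduced to its base name so it
     // cannot carry directory components into the target path.
     $filename = 'uploaded-' . date('YmdHis') . '-' . basename($file['name']);
     Upload::$default_directory = BACKUP_PLUGIN_FOLDER;
     // Save the original. 0644 instead of 0777: a backup has no reason to be
     // executable or writable by other accounts; tighten further if only the
     // web server account reads it.
     if (!Upload::save($file, $filename, NULL, 0644)) {
         throw HTTP_API_Exception::factory(API::ERROR_UNKNOWN, 'File :filename has not been uploaded!', array(':filename' => $filename));
     }
     $this->response(__('File :filename successfully uploaded', array(':filename' => $filename)));
     Kohana::$log->add(Log::ALERT, 'Backup file :filename uploaded by :user', array(':filename' => $filename))->write();
 }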
Example #14
 /**
  * Validate the security token sent with the request.
  *
  * The 'token' parameter is required. A rejected token is logged at NOTICE
  * level before the request is refused; the token value itself is not logged.
  *
  * @throws HTTP_API_Exception with API::ERROR_TOKEN when Security::check() fails
  */
 protected function _check_token()
 {
     $submitted = $this->param('token', NULL, TRUE);

     if (Security::check($submitted)) {
         return;
     }

     Kohana::$log->add(Log::NOTICE, 'Error security token')->write();
     throw HTTP_API_Exception::factory(API::ERROR_TOKEN, 'Error security token');
 }
Example #15
 /**
  * Resolve the hybrid datasource field named by the required 'id' parameter.
  *
  * @return mixed the non-NULL result of DataSource_Hybrid_Field_Factory::get_field()
  * @throws HTTP_API_Exception with API::ERROR_UNKNOWN when no field is found
  */
 protected function _get_field()
 {
     $id = $this->param('id', NULL, TRUE);
     $found = DataSource_Hybrid_Field_Factory::get_field($id);

     if ($found !== NULL) {
         return $found;
     }

     throw HTTP_API_Exception::factory(API::ERROR_UNKNOWN, 'Field not found!');
 }