/**
* handler for JSON api requests
*
* @return JSON
*/
public function handle()
{
try {
// init server and request first
$server = new Zend_Json_Server();
$server->setClass('Setup_Frontend_Json', 'Setup');
$server->setClass('Tinebase_Frontend_Json', 'Tinebase');
$server->setAutoHandleExceptions(false);
$server->setAutoEmitResponse(false);
$request = new Zend_Json_Server_Request_Http();
Setup_Core::initFramework();
$method = $request->getMethod();
$jsonKey = isset($_SERVER['HTTP_X_TINE20_JSONKEY']) ? $_SERVER['HTTP_X_TINE20_JSONKEY'] : '';
Tinebase_Core::getLogger()->info(__METHOD__ . '::' . __LINE__ . ' is JSON request. method: ' . $method);
$anonymnousMethods = array('Setup.getAllRegistryData', 'Setup.login', 'Tinebase.getAvailableTranslations', 'Tinebase.getTranslations', 'Tinebase.setLocale');
if (!Setup_Core::configFileExists()) {
$anonymnousMethods = array_merge($anonymnousMethods, array('Setup.envCheck'));
}
// check json key for all methods but some exceptoins
if (!in_array($method, $anonymnousMethods) && Setup_Core::configFileExists() && (empty($jsonKey) || $jsonKey != Setup_Core::get('jsonKey') || !Setup_Core::isRegistered(Setup_Core::USER))) {
if (!Setup_Core::isRegistered(Setup_Core::USER)) {
Setup_Core::getLogger()->INFO(__METHOD__ . '::' . __LINE__ . ' Attempt to request a privileged Json-API method without authorisation from "' . $_SERVER['REMOTE_ADDR'] . '". (session timeout?)');
throw new Tinebase_Exception_AccessDenied('Not Authorised', 401);
} else {
Setup_Core::getLogger()->WARN(__METHOD__ . '::' . __LINE__ . ' Fatal: got wrong json key! (' . $jsonKey . ') Possible CSRF attempt!' . ' affected account: ' . print_r(Setup_Core::getUser(), true) . ' request: ' . print_r($_REQUEST, true));
throw new Tinebase_Exception_AccessDenied('Not Authorised', 401);
}
}
$response = $server->handle($request);
} catch (Exception $exception) {
$response = $this->_handleException($server, $request, $exception);
}
echo $response;
}
/**
* create shared tag
*
* @return Tinebase_Model_Tag
*/
protected function _createSharedTag()
{
$sharedTag = new Tinebase_Model_Tag(array('type' => Tinebase_Model_Tag::TYPE_SHARED, 'name' => 'tag::shared', 'description' => 'this is a shared tag', 'color' => '#009B31'));
$savedSharedTag = $this->_instance->createTag($sharedTag);
$right = new Tinebase_Model_TagRight(array('tag_id' => $savedSharedTag->getId(), 'account_type' => Tinebase_Acl_Rights::ACCOUNT_TYPE_USER, 'account_id' => Setup_Core::getUser()->getId(), 'view_right' => true, 'use_right' => true));
$this->_instance->setRights($right);
$this->_tagIdsToDelete[] = $savedSharedTag->getId();
$this->assertEquals($sharedTag->name, $savedSharedTag->name);
return $savedSharedTag;
}
/**
* test get users with pref function
*
*/
public function testGetUsersWithPref()
{
$this->_instance->{Tinebase_Preference::TIMEZONE} = 'Europe/Nicosia';
$userIds = $this->_instance->getUsersWithPref(Tinebase_Preference::TIMEZONE, 'Europe/Berlin');
$this->assertTrue(!in_array(Setup_Core::getUser()->getId(), $userIds), 'admin user should have other timezone setting');
$this->assertGreaterThan(4, count($userIds), 'too few users found');
$this->_instance->{Tinebase_Preference::TIMEZONE} = 'Europe/Berlin';
}
/**
* Returns registry data of setup
* .
* @see Tinebase_Application_Json_Abstract
*
* @return mixed array 'variable name' => 'data'
*
* @todo add 'titlePostfix' => Tinebase_Config::getInstance()->getConfig(Tinebase_Config::PAGETITLEPOSTFIX, NULL, '')->value here?
*/
public function getRegistryData()
{
// anonymous registry
$registryData = array('configExists' => Setup_Core::configFileExists(), 'version' => array('buildType' => TINE20_BUILDTYPE, 'codeName' => TINE20SETUP_CODENAME, 'packageString' => TINE20SETUP_PACKAGESTRING, 'releaseTime' => TINE20SETUP_RELEASETIME), 'authenticationData' => $this->loadAuthenticationData());
// authenticated or non existent config
if (!Setup_Core::configFileExists() || Setup_Core::isRegistered(Setup_Core::USER)) {
$registryData = array_merge($registryData, $this->checkConfig());
$registryData = array_merge($registryData, array('acceptedTermsVersion' => !empty($registryData['checkDB']) && $this->_controller->isInstalled('Tinebase') ? Setup_Controller::getInstance()->getAcceptedTerms() : 0, 'setupChecks' => $this->envCheck(), 'configData' => $this->loadConfig(), 'emailData' => !empty($registryData['checkDB']) && $this->_controller->isInstalled('Tinebase') ? $this->getEmailConfig() : array(), 'messengerData' => !empty($registryData['checkDB']) && $this->_controller->isInstalled('Tinebase') ? $this->getMessengerConfig() : array()));
}
// if setup user is logged in
if (Setup_Core::isRegistered(Setup_Core::USER)) {
$registryData += array('currentAccount' => Setup_Core::getUser());
}
return $registryData;
}
