/**
 * Return the API key stored under the "api" config group.
 *
 * NOTE(review): if callers compare a client-supplied key against this value,
 * the comparison should be constant-time; the comparison is not visible here.
 *
 * @return mixed The configured "key" value.
 * @throws HTTP_API_Exception With API::ERROR_TOKEN when no key is configured.
 */
protected static function _get_key()
{
    $api_key = Config::get('api', 'key');

    // A missing key is reported as a token error rather than returned as NULL.
    if ($api_key !== NULL) {
        return $api_key;
    }

    throw HTTP_API_Exception::factory(API::ERROR_TOKEN, 'API key not generated. Generate a new key in the site settings.');
}
/**
 * Load a datasource section by id, failing loudly when it does not exist.
 *
 * @param mixed $ds_id Identifier passed straight to Datasource_Section::load().
 * @return mixed The loaded section.
 * @throws HTTP_API_Exception With API::ERROR_UNKNOWN when load() returns NULL.
 */
protected function _get_datasource($ds_id)
{
    $section = Datasource_Section::load($ds_id);

    if ($section !== NULL) {
        return $section;
    }

    throw HTTP_API_Exception::factory(API::ERROR_UNKNOWN, 'Datasource section not found');
}
/**
 * Empty the dashboard for a caller that passes the ACL check.
 *
 * @return void
 * @throws HTTP_API_Exception With API::ERROR_PERMISSIONS when the ACL check fails.
 */
public function rest_delete()
{
    // NOTE(review): the ACL action is spelled 'dshboard.empty'. Confirm it
    // matches the permission name registered elsewhere; a mismatch would make
    // this check test a permission nobody has been granted (or one nobody defined).
    $is_allowed = ACL::check('dshboard.empty');

    if (!$is_allowed) {
        throw HTTP_API_Exception::factory(
            API::ERROR_PERMISSIONS,
            'You don\'t have permission to :permission',
            array(':permission' => __('Empty dashboard'))
        );
    }

    Dashboard::remove_data();
    Cache::register_shutdown_function();

    // Audit trail entry for the destructive action.
    Kohana::$log->add(Log::INFO, ':user empty dashboard')->write();

    $this->message('Dashboard is empty!');
}
/**
 * Delete every stored user session when sessions are kept in the database.
 *
 * Nothing is deleted, logged or reported when Session::$default is not
 * 'database'.
 *
 * NOTE(review): the get_ prefix suggests this action is served for HTTP GET.
 * Wiping all sessions on a GET request is a state change that should be
 * covered by a CSRF-token check; confirm one runs before this action.
 *
 * @return void
 * @throws HTTP_API_Exception With API::ERROR_PERMISSIONS when the ACL check fails.
 */
public function get_clear()
{
    if (!ACL::check('system.session.clear')) {
        // NOTE(review): the first letter of this translation key appears to be
        // Cyrillic rather than Latin "C"; it is kept byte-for-byte because
        // translation tables are keyed on the exact string.
        throw HTTP_API_Exception::factory(
            API::ERROR_PERMISSIONS,
            'You don\'t have permission to :permission',
            array(':permission' => __('Сlear user sessions'))
        );
    }

    // Only the database session driver has rows that can be removed here.
    if (Session::$default != 'database') {
        return;
    }

    DB::delete('sessions')->execute();
    Kohana::$log->add(Log::INFO, ':user clear user sessions')->write();
    $this->message('User sessions has been cleared!');
}
/**
 * Clear the application cache for a caller that passes the ACL check.
 *
 * The shutdown handler is only registered when Kohana::$caching is TRUE;
 * the log entry and the success message are emitted either way.
 *
 * @return void
 * @throws HTTP_API_Exception With API::ERROR_PERMISSIONS when the ACL check fails.
 */
public function rest_delete()
{
    $is_allowed = ACL::check('system.cache.clear');

    if (!$is_allowed) {
        // NOTE(review): the first letter of this translation key appears to be
        // Cyrillic rather than Latin "C"; kept byte-for-byte so lookups still match.
        throw HTTP_API_Exception::factory(
            API::ERROR_PERMISSIONS,
            'You don\'t have permission to :permission',
            array(':permission' => __('Сlear cache'))
        );
    }

    if (Kohana::$caching === TRUE) {
        Cache::register_shutdown_function();
    }

    Kohana::$log->add(Log::INFO, ':user clear cache')->write();
    $this->message('Cache has been cleared!');
}
/**
 * Delete the snippet file named by the required "name" request parameter.
 *
 * NOTE(review): no ACL check is visible in this method, unlike the other
 * destructive actions; confirm authorisation is enforced before it runs.
 * NOTE(review): "name" comes from the request and is handed to
 * Model_File_Snippet unchanged; confirm the model rejects path separators
 * and "..", since that validation is not visible here.
 *
 * @return void
 * @throws HTTP_API_Exception API::ERROR_PAGE_NOT_FOUND when the snippet does
 *         not exist, API::ERROR_UNKNOWN when deletion fails.
 */
public function rest_delete()
{
    $requested_name = $this->param('name', NULL, TRUE);
    $snippet = new Model_File_Snippet($requested_name);

    if (!$snippet->is_exists()) {
        throw HTTP_API_Exception::factory(
            API::ERROR_PAGE_NOT_FOUND,
            'Snippet :name not found!',
            array(':name' => $requested_name)
        );
    }

    // Fail first, so the success path is the last statement.
    if (!$snippet->delete()) {
        throw HTTP_API_Exception::factory(
            API::ERROR_UNKNOWN,
            'Snippet :name has not been deleted!',
            array(':name' => $requested_name)
        );
    }

    $this->response($snippet);
}
/**
 * Activate or deactivate the plugin named by the required "id" parameter.
 *
 * The plugin is activated only when it is currently inactive and the
 * "installed" parameter casts to TRUE; in every other case it is
 * deactivated, with "remove_data" cast to bool and passed along.
 *
 * NOTE(review): the result of Plugins::get_registered() is used without a
 * NULL check; confirm it cannot return NULL for an unknown id.
 *
 * @return void
 * @throws HTTP_API_Exception With API::ERROR_PERMISSIONS when the ACL check fails.
 */
public function rest_put()
{
    if (!ACL::check('plugins.change_status')) {
        throw HTTP_API_Exception::factory(
            API::ERROR_PERMISSIONS,
            'You don\'t have permission to :permission',
            array(':permission' => __('Install or uninstall plugin'))
        );
    }

    Plugins::find_all();

    $plugin_id = $this->param('id', NULL, TRUE);
    $plugin = Plugins::get_registered($plugin_id);

    // "installed" is only read when the plugin is not active yet (short-circuit).
    $should_activate = (!$plugin->is_activated() && (bool) $this->param('installed') === TRUE);

    if ($should_activate) {
        $plugin->activate();
    } else {
        $purge_data = (bool) $this->param('remove_data');
        $plugin->deactivate($purge_data);
    }

    // The logged action reflects the plugin state after the change.
    $log_values = array(
        ':action' => $plugin->is_activated() ? 'activate' : 'deactivate',
        ':name' => $plugin->title(),
    );
    Kohana::$log->add(Log::INFO, ':user :action plugin :name', $log_values)->write();

    $this->response($this->_get_info($plugin));
}
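/**
 * Generate the site API key, or refresh the existing one.
 *
 * When a key is already configured the "key" request parameter becomes
 * required and is passed to the api_key model's refresh(); otherwise a new
 * key is generated. The resulting key is stored in the "api" config group
 * and returned in the response.
 *
 * NOTE(review): whether refresh() verifies the supplied key against the
 * stored one is not visible here; confirm it does.
 *
 * @return void
 * @throws HTTP_API_Exception With API::ERROR_PERMISSIONS when the ACL check fails.
 */
public function post_refresh()
{
    if (!ACL::check('system.api.refresh_key')) {
        throw HTTP_API_Exception::factory(
            API::ERROR_PERMISSIONS,
            'You don\'t have permission to :permission',
            array(':permission' => __('Refresh API key'))
        );
    }

    $key_exists = Config::get('api', 'key') !== NULL;

    // The current key is only a mandatory parameter when there is one to replace.
    $key = $this->param('key', NULL, $key_exists);

    if ($key_exists === TRUE) {
        $key = ORM::factory('api_key')->refresh($key);
    } else {
        $key = ORM::factory('api_key')->generate('KodiCMS API key');
    }

    Config::set('api', 'key', $key);

    // Credential rotation leaves an audit entry like the other privileged
    // actions do. The key value itself is deliberately not logged.
    Kohana::$log->add(Log::INFO, ':user refresh API key')->write();

    $this->response($key);
}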
/**
 * Delete the layout file named by the required "name" request parameter,
 * refusing when the layout is still in use.
 *
 * NOTE(review): no ACL check is visible in this method; confirm
 * authorisation is enforced before it runs.
 * NOTE(review): "name" comes from the request and is handed to
 * Model_File_Layout unchanged; confirm the model rejects path separators
 * and "..", since that validation is not visible here.
 *
 * @return void
 * @throws HTTP_API_Exception API::ERROR_PAGE_NOT_FOUND when the layout does
 *         not exist, API::ERROR_PERMISSIONS when it is in use,
 *         API::ERROR_UNKNOWN when deletion fails.
 */
public function rest_delete()
{
    $requested_name = $this->param('name', NULL, TRUE);
    $layout = new Model_File_Layout($requested_name);

    if (!$layout->is_exists()) {
        throw HTTP_API_Exception::factory(
            API::ERROR_PAGE_NOT_FOUND,
            'Layout not found!',
            array(':name' => $requested_name)
        );
    }

    // A layout that is still referenced must not be removed.
    if ($layout->is_used()) {
        throw HTTP_API_Exception::factory(API::ERROR_PERMISSIONS, 'Layout is used! It CAN NOT be deleted!');
    }

    if (!$layout->delete()) {
        throw HTTP_API_Exception::factory(API::ERROR_UNKNOWN, 'Something went wrong!');
    }

    $this->response($layout);
}
/**
 * Reduce a requested field list to table-qualified column names.
 *
 * Only names that are keys of $this->_table_columns survive, so the result
 * works as an allow-list of known columns. The secured-column check runs
 * on the list as requested, before $remove_fields is subtracted, so a
 * secured column listed in both still triggers the permission error.
 *
 * @param array|mixed $fields        Requested field names; a non-array is wrapped in an array.
 * @param array       $remove_fields Field names to drop from the request.
 * @return array Column names prefixed with the table name; keys are preserved, not reindexed.
 * @throws HTTP_API_Exception With API::ERROR_PERMISSIONS when a secured
 *         column is requested and Auth::is_logged_in('login') is false.
 */
public function filtered_fields($fields, $remove_fields = array())
{
    $fields = is_array($fields) ? $fields : array($fields);

    // Collected from the original request, before exclusions are applied.
    $secured_fields = array_intersect($this->_secured_columns, $fields);

    // Exclude fields
    $fields = array_diff($fields, $remove_fields);

    // TODO: add a check of the token issued for API access
    if (!empty($secured_fields) and !Auth::is_logged_in('login')) {
        throw HTTP_API_Exception::factory(
            API::ERROR_PERMISSIONS,
            'You don`t have permissions to access to this fields (:fields).',
            array(':fields' => implode(', ', $secured_fields))
        );
    }

    // Keep only names that are real columns of this table.
    $known_fields = array_intersect(array_keys($this->_table_columns), $fields);

    $qualified = array();
    foreach ($known_fields as $index => $column) {
        $qualified[$index] = $this->table_name() . '.' . $column;
    }

    return $qualified;
}
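/**
 * Bring the live database schema in line with the install schema.
 *
 * The difference between the two schemas is computed and applied. On
 * success the cached schema entry is dropped and TRUE is returned in the
 * response; on failure FALSE is returned and the cause is written to the
 * log, since the client only receives a generic message.
 *
 * NOTE(review): the get_ prefix suggests this action is served for HTTP GET.
 * Applying schema changes on a GET request is a state change that should
 * be covered by a CSRF-token check; confirm one runs before this action.
 *
 * @return void
 * @throws HTTP_API_Exception With API::ERROR_PERMISSIONS when the ACL check fails.
 */
public function get_database()
{
    if (!ACL::check('update.database_apply')) {
        throw HTTP_API_Exception::factory(
            API::ERROR_PERMISSIONS,
            'You don\'t have permission to :permission',
            array(':permission' => __('Update database'))
        );
    }

    $db_sql = Database_Helper::schema();
    $file_sql = Database_Helper::install_schema();

    $compare = new Database_Helper();
    $diff = $compare->get_updates($db_sql, $file_sql, TRUE);

    try {
        Database_Helper::insert_sql($diff);
        $this->message('Database schema updated successfully!');
        Cache::instance()->delete(Update::CACHE_KEY_DB_SHEMA);
        $this->response(TRUE);
    } catch (Exception $ex) {
        // Previously the exception was dropped without a trace. Record it
        // server-side; the client still gets only the generic message.
        Kohana::$log->add(
            Log::ERROR,
            'Database schema update failed: :error',
            array(':error' => $ex->getMessage())
        )->write();

        $this->message('Something went wrong!');
        $this->response(FALSE);
    }

    // Audit entry for the attempt, written whether or not it succeeded.
    Kohana::$log->add(Log::INFO, ':user update database')->write();
}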
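/**
 * Dispatch the request to an action method and convert failures to JSON.
 *
 * The action name is "rest_<http method>" for the index (or empty) action
 * and "<http method>_<action>" otherwise, lower-cased. Known API and
 * validation exceptions are turned into their JSON responses. Any other
 * exception is logged and reported with its code and message; the source
 * file and line are added to the response only in the development
 * environment, so server paths are not disclosed to API clients elsewhere.
 *
 * NOTE(review): method_exists() does not consider visibility, so every
 * method named "<verb>_<action>" on this object is reachable through
 * dispatch; keep helper methods outside that naming scheme.
 * NOTE(review): the generic handler still returns $e->getMessage() to the
 * client; confirm lower layers do not put SQL or paths in their messages.
 *
 * @return mixed The controller's response object.
 */
public function execute()
{
    if ($this->request->action() == 'index' or $this->request->action() == '') {
        $action = 'rest_' . $this->request->method();
    } else {
        // Determine the action to use
        $action = $this->request->method() . '_' . $this->request->action();
    }

    $action = strtolower($action);

    try {
        // Execute the "before action" method
        $this->before();

        // If the action doesn't exist, it's a 404
        if (!method_exists($this, $action)) {
            throw HTTP_API_Exception::factory(
                API::ERROR_PAGE_NOT_FOUND,
                'The requested method ":method" was not found on this server.',
                array(':method' => $action)
            )->request($this->request);
        }

        // Execute the action itself
        $this->{$action}();
    } catch (HTTP_API_Exception $e) {
        $this->json = $e->get_response();
    } catch (API_Validation_Exception $e) {
        $this->json = $e->get_response();
    } catch (ORM_Validation_Exception $e) {
        $this->json = array(
            'code' => API::ERROR_VALIDATION,
            'message' => array(rawurlencode($e->getMessage())),
            'response' => NULL,
            'errors' => $e->errors('validation'),
        );
    } catch (Validation_Exception $e) {
        $this->json = array(
            'code' => API::ERROR_VALIDATION,
            'message' => array(rawurlencode($e->getMessage())),
            'response' => NULL,
            'errors' => $e->errors('validation'),
        );
    } catch (Exception $e) {
        // Keep the full diagnostic detail on the server.
        Kohana::$log->add(
            Log::ERROR,
            'Unhandled API exception: :error [:file::line]',
            array(
                ':error' => $e->getMessage(),
                ':file' => $e->getFile(),
                ':line' => $e->getLine(),
            )
        )->write();

        $this->json['code'] = $e->getCode();

        // File and line reveal the server's directory layout, so they are
        // only returned while developing.
        if (Kohana::$environment === Kohana::DEVELOPMENT) {
            $this->json['line'] = $e->getLine();
            $this->json['file'] = $e->getFile();
        }

        $this->json['message'][] = $e->getMessage();
        $this->json['response'] = NULL;
    }

    // Execute the "after action" method
    $this->after();

    // Return the response
    return $this->response;
}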
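/**
 * Store an uploaded backup file (.sql or .zip) in the backup folder.
 *
 * The stored name is "uploaded-<timestamp>-<client file name>", with any
 * directory part of the client name removed. The file is saved with mode
 * 0644 instead of the previous world-writable 0777, and a failed save is
 * now reported instead of ending silently.
 *
 * NOTE(review): no ACL check is visible in this method; backup files are
 * sensitive, so confirm authorisation is enforced before it runs.
 * NOTE(review): the type check looks only at the extension of the
 * client-supplied name; file content is not inspected here.
 *
 * @return void
 * @throws HTTP_API_Exception With API::ERROR_UNKNOWN when the folder is
 *         missing or not writable, the upload is invalid or empty, the
 *         extension is not allowed, or the file cannot be saved.
 */
public function post_upload()
{
    $file = $this->param('file', array(), TRUE);

    if (!is_dir(BACKUP_PLUGIN_FOLDER)) {
        throw HTTP_API_Exception::factory(
            API::ERROR_UNKNOWN,
            'Folder (:folder) not exist!',
            array(':folder' => BACKUP_PLUGIN_FOLDER)
        );
    }

    if (!is_writable(BACKUP_PLUGIN_FOLDER)) {
        throw HTTP_API_Exception::factory(
            API::ERROR_UNKNOWN,
            'Folder (:folder) must be writable!',
            array(':folder' => BACKUP_PLUGIN_FOLDER)
        );
    }

    // Make sure this is a well-formed, non-empty upload entry before any of
    // its keys are read.
    if (!Upload::valid($file) or !Upload::not_empty($file)) {
        throw HTTP_API_Exception::factory(API::ERROR_UNKNOWN, 'File has not been uploaded!');
    }

    // Check the extension
    if (!Upload::type($file, array('sql', 'zip'))) {
        throw HTTP_API_Exception::factory(API::ERROR_UNKNOWN, 'Bad format of file!');
    }

    // File name: the client-supplied name is reduced to its last path
    // component so it cannot point outside the backup folder.
    $client_name = basename(str_replace('\\', '/', $file['name']));
    $filename = 'uploaded-' . date('YmdHis') . '-' . $client_name;

    Upload::$default_directory = BACKUP_PLUGIN_FOLDER;

    // Save the original; backups need no execute bit and no write access
    // for other users.
    if (!Upload::save($file, $filename, NULL, 0644)) {
        throw HTTP_API_Exception::factory(API::ERROR_UNKNOWN, 'File has not been uploaded!');
    }

    $this->response(__('File :filename successfully uploaded', array(':filename' => $filename)));

    Kohana::$log->add(
        Log::ALERT,
        'Backup file :filename uploaded by :user',
        array(':filename' => $filename)
    )->write();
}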
/**
 * Validate the security token sent with the request.
 *
 * A failed check is logged at NOTICE level before the exception is thrown.
 *
 * NOTE(review): where param() reads "token" from is not visible here; if
 * it can come from the query string, the token may end up in server logs
 * and Referer headers.
 *
 * @return void
 * @throws HTTP_API_Exception With API::ERROR_TOKEN when Security::check() rejects the token.
 */
protected function _check_token()
{
    $submitted_token = $this->param('token', NULL, TRUE);

    if (Security::check($submitted_token)) {
        return;
    }

    Kohana::$log->add(Log::NOTICE, 'Error security token')->write();

    throw HTTP_API_Exception::factory(API::ERROR_TOKEN, 'Error security token');
}
/**
 * Resolve the hybrid datasource field named by the required "id" parameter.
 *
 * @return mixed The field returned by DataSource_Hybrid_Field_Factory::get_field().
 * @throws HTTP_API_Exception With API::ERROR_UNKNOWN when the factory returns NULL.
 */
protected function _get_field()
{
    $requested_id = $this->param('id', NULL, TRUE);
    $field = DataSource_Hybrid_Field_Factory::get_field($requested_id);

    if ($field !== NULL) {
        return $field;
    }

    throw HTTP_API_Exception::factory(API::ERROR_UNKNOWN, 'Field not found!');
}