This repository has been archived by the owner on Dec 20, 2023. It is now read-only.
/
jobs.php
118 lines (105 loc) · 4.12 KB
/
jobs.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
<?php
// Import some functions we're going to need
require 'php_functions.php';
require 'db_functions.php';
/* -------------- Main body -------------- */
try {
if (session_start() == false) {
error_log( "Failed to start session. This shouldn't happen.");
}
// Check for the user name and password values
if ( ! isset( $_SERVER['PHP_AUTH_USER']) ||
! isset( $_SERVER['PHP_AUTH_PW']) )
{
// Most browsers will see the following headers and be
// smart enough to ask the user for name and password and
// then retry. Web services apps probably won't, but then
// they should have been smart enough to send the auth
// info without being prompted for it.
header( 'WWW-Authenticate: Basic Realm="Authentication"');
header( 'HTTP/1.1 401 Unauthorized');
return;
}
// Authenticate to the LDAP server. ldap_auth() throws
// an exception if there's an error, so if it returns,
// we know we're good to go.
ldap_auth();
// Check request method (GET or PUT)
if ($_SERVER['REQUEST_METHOD'] == 'GET')
{
// Various "get job" functions here...
// Check the request URI. Requests for individual jobs
// will have a path of ".../jobs/<job-id>
$dirs = explode( "/", $_SERVER['REQUEST_URI']);
if ($dirs[ count($dirs) - 1] == "jobs") {
// Request for all jobs....
list( $http_code, $query_response) = get_jobs($_SERVER['PHP_AUTH_USER']);
// Success code is and 200. Errors are 4xx...
header( sprintf( "HTTP/1.1 %d", $http_code));
echo $query_response;
}
if ($dirs[ count($dirs) - 2] == "jobs") {
// Request for a specific jobID...
list($http_code, $query_response) = get_job( $dirs[count( $dirs) - 1], $_SERVER['PHP_AUTH_USER']);
// Success code is and 200. Errors are 4xx...
header( sprintf( "HTTP/1.1 %d", $http_code));
echo $query_response;
}
}
elseif ($_SERVER['REQUEST_METHOD'] == 'POST')
{
// Verify the username in the attached JSON actually matches
// the user in the auth header
$body = file_get_contents('php://input');
$json_vars = json_decode( $body, true);
if ( isset( $json_vars['user']))
{
if ($json_vars['user'] != $_SERVER['PHP_AUTH_USER'])
{
$msg = "User name in request body doesn't match user name in authorization header";
throw new MwsAuthorizationException( $msg);
}
}
else
{
throw new MwsErrorCodeException( "JSON body must contain a user field.");
}
list( $http_code, $response_body) = submit_job( $body);
// Success codes are 201 and 202. Errors are 4xx...
if ($http_code == 201 || $http_code == 202) {
// Add the job id, user and output file to the database
$json_vars = json_decode( $response_body, true);
$jobID = $json_vars['id'];
$outfile = $_GET['outfile'];
$pdo = open_db();
add_row( $pdo, $jobID, $_SERVER['PHP_AUTH_USER'], $outfile);
# TODO: Should we enforce the existance of outfile?
}
if ($http_code == 201)
header('HTTP/1.1 201 Created');
elseif ($http_code == 202)
header('HTTP/1.1 202 Accepted');
else // should never happen...
header( sprintf( "HTTP/1.1 %d", $http_code));
echo $response_body;
}
else
{
$msg = "Unrecognized request method: " . $_SERVER['REQUEST_METHOD'];
throw new MwsErrorCodeException( $msg);
}
} catch (MwsAuthorizationException $e)
{
header( 'HTTP/1.1 401');
echo "MwsAuthorizationException ";
echo $e->getMessage();
} catch (MwsAuthenticationException $e)
{
header( 'HTTP/1.1 401');
echo "MwsAuthenticationException ";
echo $e->getMessage();
} catch (Exception $e) {
echo "Unknown exception. ";
echo $e->getMessage();
}
?>