/**
 * Verifies that Api::checkParameterExists finds parameters sent in the query
 * string and in the request body, and reports unknown keys as missing.
 *
 * @covers Api::checkParameterExists
 */
public function testCheckParameterExists()
{
    // PHPUnit runs from the CLI, where no request method is defined: fake a GET request.
    // NOTE(review): $_SERVER and $_GET stay modified after this method returns; no
    // restore is visible here, so confirm tearDown() resets them.
    $_SERVER['REQUEST_METHOD'] = 'GET';
    $_GET = ['paramOne' => 'valueOne', 'paramTwo' => 'valueTwo'];
    $this->object = new Api('json', ['GET']);

    // Query-string lookup: the value is handed back through the second argument.
    $foundInQuery = $this->object->checkParameterExists('paramOne', $paramValue);
    $this->assertTrue($foundInQuery, 'Query string should have a paramOne key');
    $this->assertEquals('valueOne', $paramValue, 'Invalid value for a GET parameter');

    // Body lookup: attach a decoded-body object by hand, then ask for one of its properties.
    $body = new stdClass();
    $body->paramBody = 'valueBody';
    $this->object->query['body'] = $body;
    $foundInBody = $this->object->checkParameterExists('paramBody', $paramValue);
    $this->assertTrue($foundInBody, 'Query string should have a paramBody key');
    $this->assertEquals('valueBody', $paramValue, 'Invalid value for a POST parameter');

    // A key present in neither place must be reported as absent.
    $foundUnknown = $this->object->checkParameterExists('paramNotKnown', $paramValue);
    $this->assertFalse($foundUnknown, 'Query string should not have a paramNotKnown key');
}
* * @version 1.0.0 * * @api */ require_once $_SERVER['DOCUMENT_ROOT'] . '/server/lib/Api.php'; require_once $_SERVER['DOCUMENT_ROOT'] . '/server/lib/Artist.php'; $api = new Api('json', ['GET', 'DELETE', 'PUT']); switch ($api->method) { case 'GET': //returns the artist if (!$api->checkAuth()) { //User not authentified/authorized return; } if (!$api->checkParameterExists('id', $id)) { $api->output(400, 'Artist identifier must be provided'); //artist was not provided, return an error return; } $artist = new Artist(); if (!$artist->populate(['id' => $id])) { $api->output(404, 'Artist not found'); //indicate the artist was not found return; } $artist->getTracks(); $api->output(200, $artist->structureData()); break; case 'DELETE': //delete artist and all his tracks
} if (!$api->checkScope('admin')) { $api->output(403, 'Admin scope is required for the system administration API'); //current user has no admin scope, return forbidden return; } require_once $_SERVER['DOCUMENT_ROOT'] . '/server/lib/Configuration.php'; $configuration = new Configuration(); switch ($api->method) { case 'GET': //returns the settings configuration $api->output(200, $configuration->query()); break; case 'PUT': //update setting if (!$api->checkParameterExists('key', $key)) { $api->output(400, '`Key` must be provided in path'); //Key was not provided, return an error return; } if (!$api->checkParameterExists('value', $value)) { $api->output(400, '`Value` must be provided in body'); //Value was not provided, return an error return; } if (!$configuration->set($key, $value)) { $api->output(500, 'An error occurred while processing your request'); //There was an error during update, return an error return; } $setting = new stdClass();
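<?php
/**
 * Authenticate user and create a token.
 *
 * Provides the token required by the other API calls.
 *
 * @version 1.0.0
 *
 * @api
 */
require_once $_SERVER['DOCUMENT_ROOT'] . '/server/lib/Api.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/server/lib/User.php';

// POST is the only method this endpoint accepts.
$api = new Api('json', ['POST']);
switch ($api->method) {
    case 'POST':
        // Both credentials are mandatory; reject the request before touching the user store.
        if (!$api->checkParameterExists('login', $login) || !$api->checkParameterExists('password', $password)) {
            $api->output(400, 'Both login and password must be provided');
            return;
        }

        // NOTE(review): no throttling or lockout of repeated failures is visible in this
        // file; confirm it is enforced in User::checkCredentials or in front of this endpoint.
        $user = new User();
        if (!$user->checkCredentials($login, $password)) {
            // Queue the challenge header BEFORE the response is written: header() cannot
            // add anything once output has started, so calling it after output() risks
            // dropping the challenge (presumably output() emits the body; verify).
            header('WWW-Authenticate: Bearer realm="WMP"');
            // A single message for every credential failure, so the response does not
            // reveal whether the login exists.
            $api->output(401, 'Invalid credentials');
            return;
        }

        // Credentials accepted: issue a token built from the user's profile.
        $api->output(201, $api->generateToken($user->getProfile()));
        break;
}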
* * @version 1.1.0 * * @api */ require_once $_SERVER['DOCUMENT_ROOT'] . '/server/lib/Api.php'; $api = new Api('json', ['POST', 'GET', 'DELETE', 'PUT', 'PATCH']); require_once $_SERVER['DOCUMENT_ROOT'] . '/server/lib/Playlist.php'; switch ($api->method) { case 'GET': //querying a user playlist if (!$api->checkAuth()) { //User not authentified/authorized return false; } if (!$api->checkParameterExists('userId', $userId)) { $api->output(400, 'User identifier must be provided'); //user was not provided, return an error return; } $userId = intval($userId); if ($api->requesterId !== $userId) { $api->output(403, 'Playlist can be queried by its owner only'); //indicate the requester is not the playlist owner and is not allowed to get it return; } $playlist = new Playlist($userId); $playlist->populate(); if (count($playlist->tracks) === 0) { $api->output(204, null); //user's playlist is empty
* * Provides access to MusicBrainz API * * @version 1.0.0 * * @api */ require_once $_SERVER['DOCUMENT_ROOT'] . '/server/lib/Api.php'; $api = new Api('json', ['GET']); switch ($api->method) { case 'GET': if (!$api->checkAuth()) { //User not authentified/authorized return; } if (!$api->checkParameterExists('type', $type)) { $api->output(400, '`Type` value (albums or artists) must be provided in path'); //Type was not provided, return an error return; } require_once $_SERVER['DOCUMENT_ROOT'] . '/server/lib/MusicBrainz.php'; $musicBrainz = new MusicBrainz(); switch ($type) { case 'artist': if (!$api->checkParameterExists('name', $artistName)) { $api->output(400, 'A `name` parameter must be provided in query string for requesting artists'); //Type was not provided, return an error return; } $result = $musicBrainz->searchArtistByName($artistName); if (!$result) {
* @version 1.1.0 */
// Browser cache handling: answer 304 with no body when the client sends If-Modified-Since.
// NOTE(review): this shortcut runs before checkAuth(), so a request carrying the header
// gets a 304 without any token check, and the date is never compared with the file's
// modification time. Confirm that is intended.
// NOTE(review): the client-supplied header value is copied verbatim into Last-Modified;
// consider emitting a server-computed date instead of reflecting request data.
if (isset($_SERVER['HTTP_IF_MODIFIED_SINCE'])) {
    header('Last-Modified: ' . $_SERVER['HTTP_IF_MODIFIED_SINCE'], true, 304);
    return;
}

// Build the API helper (GET only) and validate the caller's token.
require_once $_SERVER['DOCUMENT_ROOT'] . '/server/lib/Api.php';
$api = new Api('base64', ['GET']);
if (!$api->checkAuth()) {
    // User not authenticated/authorized
    return;
}

// Read the track identifier from the request.
if (!$api->checkParameterExists('track', $trackId)) {
    $api->output(400, 'Track identifier must be sent');
    // Track identifier not provided
    return;
}

// Resolve the file for that track.
// NOTE(review): $trackId is passed to Track exactly as received; presumably Track
// validates it. Verify this before the resulting filename is used for file access.
require_once $_SERVER['DOCUMENT_ROOT'] . '/server/lib/Track.php';
$track = new Track($trackId);
$filename = $track->getFile();
if ($filename === false) {
    $api->output(404, 'Track not found');
    // Indicate the track was not found
    return;
}

// Browser cache handling: "private" keeps the response out of shared caches;
// max-age=604800 seconds is 7 days.
header('Cache-Control: private, max-age=604800, pre-check=604800');