예제 #1
 /**
  * Exercises Api::checkScope() across three requester states: before any
  * requesterId is assigned in this test, with requesterId 1, and with
  * requesterId 99.
  *
  * The assertions pin a deny-by-default outcome: a scope is granted only to
  * the requester expected to hold it, and an unrecognised scope name or an
  * unrecognised requester is refused.
  *
  * @covers Api::checkScope
  */
 public function testCheckScope()
 {
     $api = $this->object;

     // Before a requester id is assigned, the "user" scope must be refused.
     $grantedWithoutRequester = $api->checkScope('user');
     $this->assertFalse($grantedWithoutRequester, 'Unknown user should not have "user" in scope');

     // Requester 1 is presumably a fixture account holding the "user" scope
     // -- confirm against the test data set.
     $api->requesterId = 1;
     $grantedUserScope = $api->checkScope('user');
     $this->assertTrue($grantedUserScope, 'User should have "user" in scope');

     // A scope name the requester was never given must not be granted.
     $grantedBogusScope = $api->checkScope('xxx');
     $this->assertFalse($grantedBogusScope, 'User should not have "xxx" in scope');

     // Requester 99 is treated as unknown by this test: it must get no scope.
     $api->requesterId = 99;
     $grantedUnknownRequester = $api->checkScope('user');
     $this->assertFalse($grantedUnknownRequester, 'Unknown user should not have "user" in scope');
 }
예제 #2
     // Excerpt from a request-method switch: the enclosing `switch`, the label of
     // this first branch and the assignment of $id are above the visible lines.
     // NOTE(review): no authentication check is visible for this read branch;
     // whether one runs earlier cannot be told from this excerpt -- confirm.
     $artist = new Artist();
     // Look the artist up by id; a falsy result from populate() is reported as 404.
     if (!$artist->populate(['id' => $id])) {
         $api->output(404, 'Artist not found');
         // The artist was not found: stop after the 404 response.
         return;
     }
     // Load the artist's tracks before the structured data is sent back.
     $artist->getTracks();
     $api->output(200, $artist->structureData());
     break;
 case 'DELETE':
     // Delete the artist and all of their tracks.
     // Checks run in this order: authentication, then the "admin" scope,
     // then parameter presence, and only then the destructive call.
     if (!$api->checkAuth()) {
         // Requester is not authenticated/authorized.
         // NOTE(review): nothing is output here; presumably checkAuth() sends
         // its own error response before returning false -- confirm.
         return;
     }
     if (!$api->checkScope('admin')) {
         $api->output(403, 'Admin scope is required for deleting artist');
         // The requester lacks the scope required for deleting an artist.
         return;
     }
     // presumably checkParameterExists() fills $id by reference -- verify in Api.
     if (!$api->checkParameterExists('id', $id)) {
         $api->output(400, 'Artist identifier must be provided');
         // No artist identifier was supplied: return a client error.
         return;
     }
     $artist = new Artist($id);
     // NOTE(review): there is no existence check before delete(); whether an
     // unknown id ends up as this 500 depends on Artist::delete() -- confirm.
     if (!$artist->delete()) {
         $api->output(500, 'Error during artist deletion');
         // Deletion failed: the client only receives a generic message.
         return;
     }
예제 #3
 *
 * @api
 */
require_once $_SERVER['DOCUMENT_ROOT'] . '/server/lib/Configuration.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/server/lib/Api.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/server/lib/User.php';
$api = new Api('json', ['GET', 'PUT', 'POST']);
switch ($api->method) {
    case 'GET':
        if (!$api->checkAuth()) {
            //User not authentified/authorized
            return;
        }
        if (!$api->checkParameterExists('id', $id)) {
            //without 'id' parameter, users list is requested, check if current user is granted
            if (!$api->checkScope('admin')) {
                $api->output(403, 'Admin scope is required for listing users');
                //current user has no admin scope, return forbidden
                return;
            }
            //returns all users
            $user = new User();
            $rawUsers = $user->getAllUsers();
            if ($rawUsers === false) {
                $api->output(500, 'Error while querying');
                //return an internal error
                return;
            }
            $users = array();
            foreach ($rawUsers as $user) {
                array_push($users, $user->getProfile());