/**
  * Configure a dynamic call
  *
  * @return mixed The \V1\APICall object or the error array on fail
  */
 public static function configure_call()
 {
     // Dynamic calls don't work through JS.
     if (\Session::get('public', true) === true) {
         return \Utility::format_error(400, \V1\Err::NO_JS_CALLS, \Lang::get('v1::errors.no_js_calls'));
     }
     // We need API configuration data.
     if (!is_array(\V1\APIRequest::get('configure', false))) {
         return \Utility::format_error(400, \V1\Err::MISSING_CONFIGURE, \Lang::get('v1::errors.missing_configure'));
     }
     // For some reason we can't parse the RAML, so we throw a 500 error.
     if (($api_def = \V1\RAML::parse()) === false) {
         return \Utility::format_error(500);
     } elseif (is_array($api_def)) {
         // Specific error
         return $api_def;
     }
     if (is_string($uri = \V1\APIRequest::get('configure.uri')) && is_string($method = \V1\APIRequest::get('configure.method'))) {
         $api_call = null;
         // Custom calls
         if (\V1\APIRequest::get('api') === 'custom') {
             if (is_string($url = \V1\APIRequest::get('configure.url')) && !empty($url)) {
                 $api_call = \V1\APICall::forge($api_def, $method, $uri, null, true, $url);
             }
             return \Utility::format_error(400, \V1\Err::NO_URL, \Lang::get('v1::errors.no_url'));
         }
         $api_data = \V1\Model\APIs::get_api();
         try {
             // Is it a valid resource?
             $api_def->getResourceByUri($uri)->getMethod($method);
             // We'll validate the call unless both the API provider and calling script deny that protection.
             $custom_dynamic = false;
             if ($api_data['force_validation'] === 0 && \V1\APIRequest::get('no-validate', false) === true) {
                 $custom_dynamic = true;
             }
             $api_call = \V1\APICall::forge($api_def, $method, $uri, null, $custom_dynamic);
         } catch (\Raml\Exception\BadParameter\ResourceNotFoundException $e) {
             // Does the API Provider allow for unconfigured static calls on their server?
             if ($api_data['allow_custom_dynamic'] === 1) {
                 $api_call = \V1\APICall::forge($api_def, $method, $uri, null, true);
             }
         }
         if (is_object($api_call)) {
             if (!empty($api_call->get_errors())) {
                 // Errors from \APICall
                 return $api_call->get_errors();
             } else {
                 // Return the \APICall object
                 return $api_call;
             }
         }
     }
     // Not found
     return \Utility::format_error(400, \V1\Err::BAD_DYNAMIC, \Lang::get('v1::errors.bad_dynamic'));
 }
예제 #2
0
 public function test_parse()
 {
     $this->assertInstanceOf('\\Raml\\APIDefinition', \V1\RAML::parse($this->raml));
 }
 /**
  * Check the speed limits of an API to make sure that the account isn't calling the API more than it's
  * allowed to in the specified time frame.
  * 
  * @return mixed True if the call is within the speed limits, or the error array if it isn't
  */
 private static function check_usage_limits()
 {
     $api_data = \V1\Model\APIs::get_api(\V1\APIRequest::get('api'));
     $account_data = \V1\Model\Account::get_account();
     $package_limits = \V1\RAML::parse_package_limits();
     /*
      * Are there any limits on the API for our package level? API limits are imposed
      * by Bit API Hub, not the API provider. It helps to limit the amount of bandwidth
      * we allot for each call. The heavier the call, the less calls people can make.
      */
     if (is_array($package_limits) && array_key_exists('level' . $account_data['access_level'], $package_limits) && !empty($usage = \V1\Usage::get_usage(\V1\APIRequest::get('api')))) {
         // Loop the allotments of API calls per time period
         foreach ($package_limits['level' . $account_data['access_level']] as $time_period => $allotment) {
             // If we have a valid log for the time period, and it's already maxed out, fail the check.
             if (isset($usage[$time_period]) && $usage[$time_period]['count'] == $allotment && \Utility::subtract_seconds($time_period) <= $usage[$time_period]['ts'] && $usage[$time_period]['ts'] <= time()) {
                 return \Utility::format_error(429, \V1\Err::TOO_MANY_REQUESTS, \Lang::get('v1::errors.too_many_requests', array('allotment' => number_format($allotment), 'period' => $time_period)));
             }
         }
     }
     // We're not breaking the speed limit, so shush.
     return true;
 }
 /**
  * Try to get an \APICall object
  *
  * @param string $call The static call name, or null if we're making a dynamic call.
  * @return mixed The \APICall object on success, or false if an error occurred.
  */
 protected static function apicall_object($call = null)
 {
     // For some reason we can't parse the RAML, so we throw a 500 error.
     if (($api_def = \V1\RAML::parse()) === false) {
         return \Utility::format_error(500);
     } elseif (is_array($api_def)) {
         // Specific error
         return $api_def;
     }
     $all_calls = (array) $api_def->getResourcesAsUri();
     $all_calls = reset($all_calls);
     $api_call = null;
     // Loop through every possible URI on the API
     foreach ($all_calls as $uri => $call_data) {
         // GET /res/name
         $uri_explode = explode(' ', $uri);
         // Is it the static call we need?
         if (($call_uri = str_replace('/{{static-calls}}' . $call, '', $uri_explode[1])) !== $uri_explode[1]) {
             /*
              * Static calls only have one method, so since it matches the resource, we'll pass along
              * the method it uses.
              */
             $api_call = \V1\APICall::forge($api_def, $uri_explode[0], $call_uri, $uri_explode[1]);
             break;
         }
     }
     if (is_object($api_call)) {
         if (!empty($api_call->get_errors())) {
             // Errors from \APICall
             return $api_call->get_errors();
         } else {
             // Return the \APICall object
             return $api_call;
         }
     }
     return false;
 }