const SHRUB_PATH = "../../src/shrub/src/";
include_once __DIR__ . "/" . CONFIG_PATH . "config.php";
require_once __DIR__ . "/" . SHRUB_PATH . "api.php";
json_Begin();
// Do Actions //
switch ($REQUEST[0]) {
case 'set':
json_ValidateHTTPMethod('POST');
if (user_AuthIsAdmin()) {
json_EmitFatalError_NotImplemented(null, $RESPONSE);
/// @todo sanitize (don't let API create fields)
/// @todo Do a set
if (false) {
json_RespondCreated();
} else {
json_EmitFatalError_Server(null, $RESPONSE);
}
} else {
json_EmitFatalError_Permission(null, $RESPONSE);
}
break;
case 'get':
json_ValidateHTTPMethod('GET');
if (user_AuthIsAdmin()) {
$RESPONSE['global'] = $SH;
} else {
json_EmitFatalError_Permission(null, $RESPONSE);
}
break;
default:
json_EmitFatalError_Forbidden(null, $RESPONSE);
if (!user_AuthKeyClear($id)) {
json_EmitFatalError_Server("Unable to clear key", $RESPONSE);
}
// @TODO send confirmation e-mail
// Successfully Created.
json_RespondCreated();
} else {
json_EmitFatalError_Server("Unable to add node", $RESPONSE);
}
}
}
}
} else {
// Keys don't match. This may be an attempt to hijack the account, so destroy the key.
if (!user_AuthKeyClear($id)) {
json_EmitFatalError_Server("Unable to clear key", $RESPONSE);
}
json_EmitFatalError_Permission(null, $RESPONSE);
}
} else {
json_EmitFatalError_Permission(null, $RESPONSE);
}
} else {
json_EmitFatalError_BadRequest(null, $RESPONSE);
}
break;
case 'login':
json_ValidateHTTPMethod('POST');
$login = null;
$pw = null;
$secret = null;
