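/**
 * Broker entry point for PUT.
 *
 * Parses the submitted XML document, runs every `appdb:request` element
 * against the REST resource that matches its `resource` attribute, and wraps
 * each result in an `appdb:reply` element inside a single `appdb:broker`
 * envelope.
 *
 * Credentials (`username`, `userid`, `passwd`, `apikey`) are read from the
 * request element's attributes and fall back to the broker's own parameters
 * when the attribute is blank. `sessionid`, `src`, `cid` and `remoteaddr` are
 * always taken from the broker's parameters.
 *
 * Note for callers: `_extError` messages embed the client-supplied request id
 * verbatim, so whatever renders them must escape for its own output context.
 *
 * @return XMLRestResponse|false The broker envelope, or false on failure with
 *                               `_error` / `_extError` set by this method
 *                               (not when `parent::put()` itself fails).
 */
public function put()
{
    if (parent::put() == false) {
        return false;
    }

    // The body is client-supplied XML. LIBXML_NONET stops the parser from
    // fetching anything over the network while loading the document.
    try {
        $xml = new SimpleXMLElement($this->getData(), LIBXML_NONET);
    } catch (Exception $e) {
        $this->_error = RestErrorEnum::RE_INVALID_REPRESENTATION;
        return false;
    }

    // xpath() does not return an array on failure (for instance when the
    // document never declares the `appdb` prefix); treat that like "no requests"
    // instead of counting or iterating a non-array.
    $xmli = $xml->xpath('//appdb:request');
    if (!is_array($xmli) || count($xmli) === 0) {
        $this->_error = RestErrorEnum::RE_INVALID_REPRESENTATION;
        $this->_extError = "No request element provided";
        return false;
    }

    $apiroutes = new SimpleXMLElement(APPLICATION_PATH . "/apiroutes.xml", 0, true);
    $ret = array();

    foreach ($xmli as $x) {
        $routeXslt = null;
        $attrs = $x->attributes();

        // Map the textual HTTP verb onto the REST method enum; anything else is rejected.
        switch (strtolower(strval($attrs->method))) {
            case "get":
                $method = RestMethodEnum::RM_GET;
                break;
            case "put":
                $method = RestMethodEnum::RM_PUT;
                break;
            case "post":
                $method = RestMethodEnum::RM_POST;
                break;
            case "delete":
                $method = RestMethodEnum::RM_DELETE;
                break;
            case "options":
                $method = RestMethodEnum::RM_OPTIONS;
                break;
            default:
                $method = false;
                break;
        }
        if ($method === false) {
            $this->_error = RestErrorEnum::RE_INVALID_REPRESENTATION;
            $this->_extError = "Invalid value in request `method' attribute";
            return false;
        }

        $reqID = strval($attrs->id);
        if ($reqID == "") {
            $this->_error = RestErrorEnum::RE_INVALID_REPRESENTATION;
            $this->_extError = "Missing request `id' attribute";
            return false;
        }

        // Per-request credentials override the broker-level ones only when non-blank.
        $username = strval($attrs->username);
        if (trim($username) == '') {
            $username = $this->getParam("username");
        }
        $userid = strval($attrs->userid);
        if (trim($userid) == '') {
            $userid = $this->getParam("userid");
        }
        $passwd = strval($attrs->passwd);
        if (trim($passwd) == '') {
            $passwd = $this->getParam("passwd");
        }
        $apikey = strval($attrs->apikey);
        if (trim($apikey) == '') {
            $apikey = $this->getParam("apikey");
        }

        // These four are never read from the request element itself.
        $sessionid = $this->getParam("sessionid");
        $src = $this->getParam("src");
        $cid = $this->getParam("cid");
        $srv = $this->getParam("remoteaddr");

        $resPath = strval($attrs->resource);
        if ($resPath == '') {
            $this->_error = RestErrorEnum::RE_INVALID_REPRESENTATION;
            $this->_extError = "No resource of empty resource specified for request `" . $reqID . "'";
            return false;
        }
        if (substr($resPath, 0, 1) == "/") {
            $resPath = substr($resPath, 1);
        }

        $pars = array();
        $rx = RestBroker::matchResource($resPath, $apiroutes, $pars);
        if (is_null($rx)) {
            $this->_error = RestErrorEnum::RE_INVALID_REPRESENTATION;
            $this->_extError = "Invalid resource specified for request `" . $reqID . "'";
            return false;
        }

        try {
            // The class name comes from the matched route in apiroutes.xml, not from the client.
            $resclass = strval($rx->resource);

            $inherited = array(
                "username" => $username,
                "userid" => $userid,
                "passwd" => $passwd,
                "apikey" => $apikey,
                "sessionid" => $sessionid,
                "src" => $src,
                "cid" => $cid,
                "remoteaddr" => $srv,
            );
            foreach ($inherited as $key => $value) {
                if ($value != '') {
                    $pars[$key] = $value;
                }
            }

            // NOTE(review): `appdb:param` elements are applied after the values above,
            // so a client-supplied param named `src`, `remoteaddr`, `sessionid`, `cid`
            // (or a credential key) replaces the broker-provided value. Confirm this is
            // intended; if those keys are meant to be server-controlled, reject or skip
            // them here.
            $xparams = $x->xpath("appdb:param");
            foreach ($xparams as $xparam) {
                $pname = strval($xparam->attributes()->name);
                if ($pname == '') {
                    $this->_error = RestErrorEnum::RE_INVALID_REPRESENTATION;
                    $this->_extError = "Missing `name' attribute in `param' element for request `" . $reqID . "'";
                    return false;
                }
                $pars[$pname] = strval($xparam);
            }

            $handler = new $resclass($pars);

            // Pick up the XSLT attached to the route's "xml" format entry, if any.
            $fmt = $rx->xpath("format");
            if (count($fmt) > 0) {
                foreach ($fmt as $f) {
                    if (strval($f) === "xml") {
                        if (strval($f->attributes()->xslt) != '') {
                            $routeXslt = strval($f->attributes()->xslt);
                        }
                        break;
                    }
                }
            }
        } catch (Exception $e) {
            $this->_error = RestErrorEnum::RE_INVALID_REPRESENTATION;
            $this->_extError = "Error initializing resource specified for request `" . $reqID . "'";
            return false;
        }

        // Dispatch to the handler method named after the HTTP verb.
        $s_method = strtolower(RestMethodEnum::toString($method));
        $_res = $handler->{$s_method}();
        if ($_res === false) {
            $this->_error = $handler->_error;
            $this->_extError = $handler->_extError;
            return false;
        }
        $reply = $_res->isFragment() ? $_res->finalize() : $_res;

        if (!is_null($routeXslt)) {
            $reply = $reply->transform(RestAPIHelper::getFolder(RestFolderEnum::FE_XSL_FOLDER) . $routeXslt);
        }

        // The id is client-controlled and SimpleXML hands it back entity-decoded, so it
        // must be re-escaped before being written into the `id` attribute; otherwise a
        // quote in the id could close the attribute and inject markup into the reply.
        $ret[] = '<appdb:reply id="' . htmlspecialchars($reqID, ENT_QUOTES, 'UTF-8') . '">' . "\n" . $reply . "\n" . '</appdb:reply>';
    }

    $ret = new XMLRestResponse($ret, $this);
    $ret = '<appdb:broker ' . implode(" ", RestAPIHelper::namespaces()) . ' ' . '>' . "\n" . $ret . "\n" . '</appdb:broker>';
    return new XMLRestResponse($ret, $this);
}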
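/**
 * Proxy action: resolve the requested REST resource against apiroutes.xml,
 * instantiate it with server-derived identity parameters, invoke the handler
 * for the current HTTP method and echo the result.
 *
 * The resource comes from the `resource` request parameter (or from
 * `$_POST['resource']` when it is exactly "broker", in which case the session
 * is unlocked and closed first). Query-string pairs embedded in the resource
 * are copied into the resource parameters.
 *
 * On failure the response headers are cleared, a 400 status is set, and the
 * error text is both logged and echoed.
 *
 * @return void
 */
public function newproxy()
{
    $apiroutes = new SimpleXMLElement(APPLICATION_PATH . "/apiroutes.xml", 0, true);
    $pars = array();
    $method = strtolower($this->getRequest()->getMethod());

    $postdata = null;
    $res = null;
    if ($method === "post") {
        // A POST without a `data` field is treated as "no post data" rather than
        // reading an undefined index.
        $postdata = isset($_POST['data']) ? $_POST['data'] : null;
        if (isset($_POST['resource']) && trim($_POST['resource']) === "broker") {
            if ($this->session->isLocked()) {
                $this->session->unLock();
            }
            session_write_close();
            $res = $_POST['resource'];
        }
    }
    if ($res === null) {
        $res = $this->_getParam("resource");
    }

    $url = preg_replace('/\\?.*/', '', $res);
    $qs = explode("&", preg_replace('/.*\\?/', '', $res));
    $rx = RestBroker::matchResource($url, $apiroutes, $pars);
    if (is_null($rx)) {
        // FIXME: workaround for erroneous proxy resource notation (double URL-encoded)
        // FIXME: should be fixed at the source
        $res = urldecode($res);
        $url = preg_replace('/\\?.*/', '', $res);
        $qs = explode("&", preg_replace('/.*\\?/', '', $res));
        $rx = RestBroker::matchResource($url, $apiroutes, $pars);
    }

    // FIXME: workaround for erroneous people canonical URLs with query strings.
    // The original condition used `$method = "get"` (an assignment), which was always
    // true and silently rewrote every method on RestPplItem to GET. It is now a
    // comparison, so only real GET requests drop the query string and other verbs
    // reach the resource unchanged.
    if (!is_null($rx) && $rx->resource == "RestPplItem" && $method === "get") {
        $qs = null;
    }

    // Client-supplied query-string pairs go in first. The identity keys assigned further
    // down (src, remoteaddr, userid, passwd, apikey, sessionid, cid) overwrite any
    // same-named pair from here, so this ordering must be preserved.
    if (is_array($qs)) {
        foreach ($qs as $q) {
            $i = explode("=", $q);
            if (count($i) > 1) {
                $pars[$i[0]] = urldecode($i[1]);
            }
        }
    }
    if (!is_null($postdata)) {
        $pars['data'] = $postdata;
    }

    $routeXslt = null;
    switch (strtolower($method)) {
        case "put":
            $method = RestMethodEnum::RM_PUT;
            break;
        case "post":
            $method = RestMethodEnum::RM_POST;
            break;
        case "delete":
            $method = RestMethodEnum::RM_DELETE;
            break;
        case "options":
            $method = RestMethodEnum::RM_OPTIONS;
            break;
        case "get":
        default:
            // Unknown verbs are handled as GET.
            $method = RestMethodEnum::RM_GET;
            break;
    }

    // `$res` is request-controlled and is echoed back in the error bodies below. No
    // Content-Type is set on those responses here, so markup characters are neutralised
    // for the echoed copy; the logged copy keeps the raw value.
    $echoRes = str_replace(array('&', '<', '>'), array('&amp;', '&lt;', '&gt;'), (string) $res);

    // NOTE(review): '\\n' is single-quoted, so the log line and the body carry a literal
    // backslash sequence rather than a line break. Kept byte-for-byte as in the original.

    if (is_null($rx)) {
        $error = RestErrorEnum::toString(RestErrorEnum::RE_INVALID_REPRESENTATION);
        $extError = "Could not resolve REST resource for request `" . $res . "'";
        $this->getResponse()->clearAllHeaders();
        $this->getResponse()->setRawHeader("HTTP/1.0 400 Bad Request");
        $this->getResponse()->setHeader("Status", "400 Bad Request");
        error_log($error . '\\n' . $extError);
        echo $error . '\\n' . "Could not resolve REST resource for request `" . $echoRes . "'";
        return;
    }

    try {
        // The class name comes from the matched route in apiroutes.xml, not from the request.
        $resclass = strval($rx->resource);
        $this->session = new Zend_Session_Namespace('default');

        // Client and server addresses are passed to the resource base64-encoded.
        if (isset($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] != '') {
            $src = base64_encode($_SERVER['REMOTE_ADDR']);
        } else {
            $src = '';
        }
        $pars['src'] = $src;

        if (isset($_SERVER['SERVER_ADDR']) && $_SERVER['SERVER_ADDR'] != '') {
            $srv = base64_encode($_SERVER['SERVER_ADDR']);
        } else {
            $srv = '';
        }
        $pars['remoteaddr'] = $srv;

        // Only a session with a user id gets credentials: the SAML auth token cookie is
        // forwarded as `passwd` and the API key is read from the "api" registry entry.
        $apikey = $userid = $passwd = '';
        if ($this->session->userid !== null) {
            $userid = $this->session->userid;
            if (isset($_COOKIE['SimpleSAMLAuthToken'])) {
                $passwd = $_COOKIE['SimpleSAMLAuthToken'];
            } else {
                error_log("Warning: auth token cookie ('SimpleSAMLAuthToken') is undefined!");
            }
            $apiconf = Zend_Registry::get("api");
            $apikey = $apiconf["key"];
        }
        $pars['userid'] = $userid;
        $pars['passwd'] = $passwd;
        $pars['apikey'] = $apikey;
        $pars['sessionid'] = session_id();
        $pars['cid'] = 0;
        if ($userid != '') {
            $_GET['userid'] = $userid;
        }

        // Held in its own variable so the catch block below always reports the request
        // string, never the resource object.
        $handler = new $resclass($pars);

        // Pick up the XSLT attached to the route's "xml" format entry, if any.
        $fmt = $rx->xpath("format");
        if (count($fmt) > 0) {
            foreach ($fmt as $f) {
                if (strval($f) === "xml") {
                    if (strval($f->attributes()->xslt) != '') {
                        $routeXslt = strval($f->attributes()->xslt);
                    }
                    break;
                }
            }
        }
    } catch (Exception $e) {
        $error = RestErrorEnum::toString(RestErrorEnum::RE_INVALID_REPRESENTATION);
        $extError = "Could not instantiate REST resource for request `" . $res . "'";
        $this->getResponse()->clearAllHeaders();
        $this->getResponse()->setRawHeader("HTTP/1.0 400 Bad Request");
        $this->getResponse()->setHeader("Status", "400 Bad Request");
        error_log($error . '\\n' . $extError);
        echo $error . '\\n' . "Could not instantiate REST resource for request `" . $echoRes . "'";
        return;
    }

    // Dispatch to the handler method named after the HTTP verb.
    $s_method = strtolower(RestMethodEnum::toString($method));
    $_res = $handler->{$s_method}();
    if ($_res !== false) {
        $out = $_res->isFragment() ? $_res->finalize() : $_res;
        if (!is_null($routeXslt)) {
            $out = $out->transform(RestAPIHelper::getFolder(RestFolderEnum::FE_XSL_FOLDER) . $routeXslt);
        }
        echo $out;
        return;
    }

    // NOTE(review): the text below comes from the resource and is echoed as-is; if a
    // resource can put request data into its extended error, it needs the same escaping
    // as the two messages above. Confirm against the resource classes.
    $error = RestErrorEnum::toString($handler->getError());
    $extError = $handler->getExtError();
    $this->getResponse()->clearAllHeaders();
    $this->getResponse()->setRawHeader("HTTP/1.0 400 Bad Request");
    $this->getResponse()->setHeader("Status", "400 Bad Request");
    if ($extError != "") {
        error_log($error . '\\n' . $extError);
        echo $error . '\\n' . $extError;
    } else {
        error_log($error);
        echo $error;
    }
}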