$app->post("/{$v}/hash/?", function () use($app) { if (!(isset($_POST['password']) && !empty($_POST['password']))) { return JsonView::render(array('success' => false, 'message' => 'Must provide password.')); } $salt = isset($_POST['salt']) && !empty($_POST['salt']) ? $_POST['salt'] : ''; $hashedPassword = Auth::hashPassword($_POST['password'], $salt); return JsonView::render(array('success' => true, 'password' => $hashedPassword)); }); $app->get("/{$v}/privileges/:groupId/", function ($groupId) use($acl, $ZendDb, $params, $requestPayload, $app) { $currentUser = Auth::getUserRecord(); $myGroupId = $currentUser['group']; if ($myGroupId != 1) { throw new Exception('Permission denied'); } $privileges = new DirectusPrivilegesTableGateway($acl, $ZendDb); $response = $privileges->fetchPerTable($groupId); return JsonView::render($response); }); $app->map("/{$v}/privileges/:groupId/?", function ($groupId) use($acl, $ZendDb, $params, $requestPayload, $app) { $currentUser = Auth::getUserRecord(); $myGroupId = $currentUser['group']; if ($myGroupId != 1) { throw new Exception('Permission denied'); } if (isset($requestPayload['addTable'])) { $isTableNameAlphanumeric = preg_match("/[a-z0-9]+/i", $requestPayload['table_name']); $zeroOrMoreUnderscoresDashes = preg_match("/[_-]*/i", $requestPayload['table_name']); if (!($isTableNameAlphanumeric && $zeroOrMoreUnderscoresDashes)) { $app->response->setStatus(400); return JsonView::render(array('message' => 'Invalid table name')); }
// default random string length $length = 32; if (array_key_exists('length', $_POST)) { $length = (int) $_POST['length']; } $randomString = StringUtils::randomString($length); return JsonView::render(['random' => $randomString]); }); $app->get("/{$v}/privileges/:groupId(/:tableName)/?", function ($groupId, $tableName = null) use($acl, $ZendDb, $params, $requestPayload, $app) { $currentUser = Auth::getUserRecord(); $myGroupId = $currentUser['group']; if ($myGroupId != 1) { throw new Exception(__t('permission_denied')); } $privileges = new DirectusPrivilegesTableGateway($acl, $ZendDb); $response = $privileges->fetchPerTable($groupId, $tableName); if (!$response) { $app->response()->setStatus(404); $response = ['message' => __t('unable_to_find_privileges_for_x_in_group_x', ['table' => $tableName, 'group_id' => $groupId]), 'success' => false]; } return JsonView::render($response); }); $app->map("/{$v}/privileges/:groupId/?", function ($groupId) use($acl, $ZendDb, $params, $requestPayload, $app) { $currentUser = Auth::getUserRecord(); $myGroupId = $currentUser['group']; if ($myGroupId != 1) { throw new Exception(__t('permission_denied')); } if (isset($requestPayload['addTable'])) { $isTableNameAlphanumeric = preg_match("/[a-z0-9]+/i", $requestPayload['table_name']); $zeroOrMoreUnderscoresDashes = preg_match("/[_-]*/i", $requestPayload['table_name']);