add initial support for logging and notifications

2025-02-06 15:14:58 +00:00 · 2022-11-05 16:24:39 +01:00 · 2022-11-05 16:24:39 +01:00 · 13099d67aa
commit 13099d67aa
parent fd8de36db8
1 changed files with 72 additions and 14 deletions
--- a/restapi/index.php
+++ b/restapi/index.php
@ -1,11 +1,40 @@
 <?php
 include("../inc/inc.Settings.php");
-include("../inc/inc.LogInit.php");
+
-include("../inc/inc.Utils.php");
+require_once("../inc/inc.Language.php");
-include("../inc/inc.Language.php");
+require_once("../inc/inc.Utils.php");
-include("../inc/inc.Init.php");
+
-include("../inc/inc.DBInit.php");
+$logger = getLogger('restapi-');
-include("../inc/inc.Extension.php");
+
 require_once("../inc/inc.Init.php");
 require_once("../inc/inc.Extension.php");
 require_once("../inc/inc.DBInit.php");
 require_once("../inc/inc.ClassNotificationService.php");
 require_once("../inc/inc.ClassEmailNotify.php");
 require_once("../inc/inc.Notification.php");
 require_once("../inc/inc.ClassController.php");
 $notifier = new SeedDMS_NotificationService($logger, $settings);
 if(isset($GLOBALS['SEEDDMS_HOOKS']['notification'])) {
 	foreach($GLOBALS['SEEDDMS_HOOKS']['notification'] as $notificationObj) {
 		if(method_exists($notificationObj, 'preAddService')) {
 			$notificationObj->preAddService($dms, $notifier);
 		}
 	}
 }
 if($settings->_enableEmail) {
 	$notifier->addService(new SeedDMS_EmailNotify($dms, $settings->_smtpSendFrom, $settings->_smtpServer, $settings->_smtpPort, $settings->_smtpUser, $settings->_smtpPassword));
 }
 if(isset($GLOBALS['SEEDDMS_HOOKS']['notification'])) {
 	foreach($GLOBALS['SEEDDMS_HOOKS']['notification'] as $notificationObj) {
 		if(method_exists($notificationObj, 'postAddService')) {
 			$notificationObj->postAddService($dms, $notifier);
 		}
 	}
 }
 require "vendor/autoload.php";
@ -194,10 +223,13 @@ class RestapiController { /* {{{ */
        $dms = $this->container->dms;
        $settings = $this->container->config;
        $logger = $this->container->logger;
        $params = $request->getParsedBody();
-        if(empty($params['user']) || empty($params['pass']))
+        if(empty($params['user']) || empty($params['pass'])) {
            $logger->log("Login without username or password failed", PEAR_LOG_INFO);
            return $response->withJson(array('success'=>false, 'message'=>'No user or password given', 'data'=>''), 400);
        }
        $username = $params['user'];
        $password = $params['pass'];
@ -220,12 +252,13 @@ class RestapiController { /* {{{ */
        if(!$userobj) {
            setcookie("mydms_session", '', time()-3600, $settings->_httpRoot);
            $logger->log("Login with user name '".$username."' failed", PEAR_LOG_INFO);
            return $response->withJson(array('success'=>false, 'message'=>'Login failed', 'data'=>''), 403);
        } else {
            require_once("../inc/inc.ClassSession.php");
            $session = new SeedDMS_Session($dms->getDb());
            if(!$id = $session->create(array('userid'=>$userobj->getId(), 'theme'=>$userobj->getTheme(), 'lang'=>$userobj->getLanguage()))) {
-                exit;
+              return $response->withJson(array('success'=>false, 'message'=>'Creating session failed', 'data'=>''), 500);
            }
            // Set the session cookie.
@ -236,6 +269,7 @@ class RestapiController { /* {{{ */
            setcookie("mydms_session", $id, $lifetime, $settings->_httpRoot);
            $dms->setUser($userobj);
 			$logger->log("Login with user name '".$username."' successful", PEAR_LOG_INFO);
            return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$this->__getUserData($userobj)), 200);
        }
    } /* }}} */
@ -445,6 +479,7 @@ class RestapiController { /* {{{ */
        $dms = $this->container->dms;
        $userobj = $this->container->userobj;
        $settings = $this->container->config;
        $logger = $this->container->logger;
        if(!$userobj) {
            return $response->withJson(array('success'=>false, 'message'=>'Not logged in', 'data'=>''), 403);
@ -472,9 +507,12 @@ class RestapiController { /* {{{ */
                            $sequence = 1.0;
                    }
                    $newattrs = array();
-                    if(!empty($params['attributes'])) {
+					if(!empty($params['attributes'])) {
-                        foreach($params['attributes'] as $attrname=>$attrvalue) {
+						foreach($params['attributes'] as $attrname=>$attrvalue) {
-                            $attrdef = $dms->getAttributeDefinitionByName($attrname);
+							if((is_int($attrname) || ctype_digit($attrname)) && ((int) $attrname) > 0)
 								$attrdef = $dms->getAttributeDefinition((int) $attrname);
 							else
 								$attrdef = $dms->getAttributeDefinitionByName($attrname);
                            if($attrdef) {
                                $newattrs[$attrdef->getID()] = $attrvalue;
                            }
@ -489,6 +527,7 @@ class RestapiController { /* {{{ */
                    if($folder = $parent->addSubFolder($params['name'], $comment, $userobj, $sequence, $newattrs)) {
                        $rec = $this->__getFolderData($folder);
 			            $logger->log("Creating folder '".$folder->getName()."' (".$folder->getId().") successful", PEAR_LOG_INFO);
                        return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$rec), 201);
                    } else {
                        return $response->withJson(array('success'=>false, 'message'=>'Could not create folder', 'data'=>''), 500);
@ -644,7 +683,11 @@ class RestapiController { /* {{{ */
                }
                $attributes = isset($params["attributes"]) ? $params["attributes"] : array();
                foreach($attributes as $attrdefid=>$attribute) {
-                    if($attrdef = $dms->getAttributeDefinition($attrdefid)) {
+					if((is_int($attrdefid) || ctype_digit($attrdefid)) && ((int) $attrdefid) > 0)
 						$attrdef = $dms->getAttributeDefinition((int) $attrdefid);
 					else
 						$attrdef = $dms->getAttributeDefinitionByName($attrdefid);
                    if($attrdef) {
                        if($attribute) {
                            if(!$attrdef->validate($attribute)) {
                                return $response->withJson(array('success'=>false, 'message'=>getAttributeValidationText($attrdef->getValidationError(), $attrdef->getName(), $attribute), 'data'=>''), 400);
@ -725,7 +768,11 @@ class RestapiController { /* {{{ */
                $comment = isset($params['comment']) ? $params['comment'] : null;
                $attributes = isset($params["attributes"]) ? $params["attributes"] : array();
                foreach($attributes as $attrdefid=>$attribute) {
-                    if($attrdef = $dms->getAttributeDefinition($attrdefid)) {
+					if((is_int($attrdefid) || ctype_digit($attrdefid)) && ((int) $attrdefid) > 0)
 						$attrdef = $dms->getAttributeDefinition((int) $attrdefid);
 					else
 						$attrdef = $dms->getAttributeDefinitionByName($attrdefid);
                    if($attrdef) {
                        if($attribute) {
                            if(!$attrdef->validate($attribute)) {
                                return $response->withJson(array('success'=>false, 'message'=>getAttributeValidationText($attrdef->getValidationError(), $attrdef->getName(), $attribute), 'data'=>''), 400);
@ -1631,7 +1678,10 @@ class RestapiController { /* {{{ */
        $query = $params['value'];
        if(empty($params['limit']) || !$limit = $params['limit'])
            $limit = 50;
-        $attrdef = $dms->getAttributeDefinitionByName($attrname);
+		if(ctype_digit($attrname) && ((int) $attrname) > 0)
 			$attrdef = $dms->getAttributeDefinition((int) $attrname);
 		else
 			$attrdef = $dms->getAttributeDefinitionByName($attrname);
        $entries = array();
        if($attrdef) {
            $resArr = $attrdef->getObjects($query, $limit);
@ -2167,6 +2217,7 @@ class RestapiController { /* {{{ */
    function createCategory($request, $response) { /* {{{ */
        $dms = $this->container->dms;
        $userobj = $this->container->userobj;
        $logger = $this->container->logger;
        $check = $this->checkIfAdmin($request, $response);
        if($check !== true)
@ -2182,6 +2233,7 @@ class RestapiController { /* {{{ */
            return $response->withJson(array('success'=>false, 'message'=>'Category already exists', 'data'=>''), 409);
        } else {
            if($data = $dms->addDocumentCategory($params['name'])) {
                $logger->log("Creating category '".$data->getName()."' (".$data->getId().") successful", PEAR_LOG_INFO);
                return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$this->__getCategoryData($data)), 201);
            } else {
                return $response->withJson(array('success'=>false, 'message'=>'Could not add category', 'data'=>''), 500);
@ -2381,6 +2433,8 @@ class Auth { /* {{{ */
        // $this->container has the DI
        $dms = $this->container->dms;
        $settings = $this->container->config;
        $logger = $this->container->logger;
        $logger->log("Access with method ".$request->getMethod()." on '".$request->getUri()->getPath()."'".(isset($this->container->environment['HTTP_ORIGIN']) ? " with origin ".$this->container->environment['HTTP_ORIGIN'] : ''), PEAR_LOG_INFO);
        if($settings->_apiOrigin && isset($this->container->environment['HTTP_ORIGIN'])) {
            $origins = explode(',', $settings->_apiOrigin);
            if(!in_array($this->container->environment['HTTP_ORIGIN'], $origins)) {
@ -2401,6 +2455,7 @@ class Auth { /* {{{ */
                } else {
                    return $response->withStatus(403);
                }
 			    $logger->log("Login with apikey as '".$userobj->getLogin()."' successful", PEAR_LOG_INFO);
            } else {
                require_once("../inc/inc.ClassSession.php");
                $session = new SeedDMS_Session($dms->getDb());
@ -2432,6 +2487,7 @@ class Auth { /* {{{ */
                                return $response->withStatus(403);
                        }
                    }
 //			        $logger->log("Login with user name '".$userobj->getLogin()."' successful", PEAR_LOG_INFO);
                    $dms->setUser($userobj);
                } else {
                    return $response->withStatus(403);
@ -2448,6 +2504,8 @@ $container = $app->getContainer();
 $container['dms'] = $dms;
 $container['config'] = $settings;
 $container['conversionmgr'] = $conversionmgr;
 $container['logger'] = $logger;
 $container['fulltextservice'] = $fulltextservice;
 $app->add(new Auth($container));
 // Make CORS preflighted request possible