gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2025-10-31 13:18:06 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge branch 'seeddms-5.1.x' into seeddms-6.0.x

Browse Source
This commit is contained in:
Uwe Steinmann 2023-04-04 12:33:03 +02:00
commit 1f92a47c30
3 changed files with 27 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
CHANGELOG
View File

@ -251,6 +251,11 @@
- add document list which can be exported as an archive
- search results can be exported
--------------------------------------------------------------------------------
Changes in version 5.1.31
--------------------------------------------------------------------------------
- rest api returns error msg and not just http status
--------------------------------------------------------------------------------
Changes in version 5.1.30
--------------------------------------------------------------------------------

2
inc/inc.Version.php
View File

@ -20,7 +20,7 @@
class SeedDMS_Version { /* {{{ */
const _number = "6.0.23";
const _number = "6.0.24";
const _string = "SeedDMS";
function __construct() {

42
restapi/index.php
View File

@ -435,7 +435,7 @@ class RestapiController { /* {{{ */
return $response->withJson(array('success'=>false, 'message'=>'No access', 'data'=>''), 403);
}
} else {
return $response->withStatus(404);
return $response->withJson(array('success'=>false, 'message'=>'No such folder', 'data'=>''), 404);
}
}
} /* }}} */
@ -2136,7 +2136,7 @@ class RestapiController { /* {{{ */
}
return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$data), 200);
} else {
return $response->withStatus(404);
return $response->withJson(array('success'=>false, 'message'=>'No such group', 'data'=>''), 404);
}
} /* }}} */
@ -2241,7 +2241,7 @@ class RestapiController { /* {{{ */
$success = ($folder->inheritsAccess() == $inherit);
return $response->withJson(array('success'=>$success, 'message'=>'', 'data'=>$data), 200);
} else {
return $response->withStatus(404);
return $response->withJson(array('success'=>false, 'message'=>'No such folder', 'data'=>''), 404);
}
} /* }}} */
@ -2275,7 +2275,7 @@ class RestapiController { /* {{{ */
$folder = $dms->getfolderByName($args['id']);
}
if (!$folder) {
return $response->withStatus(404);
return $response->withJson(array('success'=>false, 'message'=>'No such folder', 'data'=>''), 404);
}
$params = $request->getParsedBody();
@ -2550,7 +2550,7 @@ class RestapiController { /* {{{ */
$folder = $dms->getFolderByName($args['id']);
}
if (!$folder) {
return $response->withStatus(404);
return $response->withJson(array('success'=>false, 'message'=>'No such folder', 'data'=>''), 404);
}
if (!$folder->clearAccessList()) {
return $response->withJson(array('success'=>false, 'message'=>'Something went wrong. Could not clear access list for this folder.', 'data'=>''), 500);
@ -2645,17 +2645,17 @@ class RestapiAuth { /* {{{ */
$logger->log("Received preflight options request", PEAR_LOG_DEBUG);
} elseif(!in_array($request->getUri()->getPath(), array('login')) && substr($request->getUri()->getPath(), 0, 5) != 'echo/' && $request->getUri()->getPath() != 'version') {
$userobj = null;
if(!empty($this->container->environment['HTTP_AUTHORIZATION']) && !empty($settings->_apiKey) && !empty($settings->_apiUserId)) {
$logger->log("Authorization key: ".$this->container->environment['HTTP_AUTHORIZATION'], PEAR_LOG_DEBUG);
if($settings->_apiKey == $this->container->environment['HTTP_AUTHORIZATION']) {
if(!($userobj = $dms->getUser($settings->_apiUserId))) {
return $response->withStatus(403);
}
} else {
return $response->withStatus(403);
}
$logger->log("Login with apikey as '".$userobj->getLogin()."' successful", PEAR_LOG_INFO);
} else {
if(!empty($this->container->environment['HTTP_AUTHORIZATION']) && !empty($settings->_apiKey) && !empty($settings->_apiUserId)) {
$logger->log("Authorization key: ".$this->container->environment['HTTP_AUTHORIZATION'], PEAR_LOG_DEBUG);
if($settings->_apiKey == $this->container->environment['HTTP_AUTHORIZATION']) {
if(!($userobj = $dms->getUser($settings->_apiUserId))) {
return $response->withJson(array('success'=>false, 'message'=>'Invalid user associated with api key', 'data'=>''), 403);
}
} else {
return $response->withJson(array('success'=>false, 'message'=>'Wrong api key', 'data'=>''), 403);
}
$logger->log("Login with apikey as '".$userobj->getLogin()."' successful", PEAR_LOG_INFO);
} else {
require_once("../inc/inc.ClassSession.php");
$session = new SeedDMS_Session($dms->getDb());
if (isset($_COOKIE["mydms_session"])) {
@ -2665,7 +2665,7 @@ class RestapiAuth { /* {{{ */
/* Delete Cookie */
setcookie("mydms_session", $dms_session, time()-3600, $settings->_httpRoot);
$logger->log("Session for id '".$dms_session."' has gone", PEAR_LOG_ERR);
return $response->withStatus(403);
return $response->withJson(array('success'=>false, 'message'=>'Session has gone', 'data'=>''), 403);
}
/* Load user data */
@ -2675,20 +2675,20 @@ class RestapiAuth { /* {{{ */
setcookie("mydms_session", $dms_session, time()-3600, $settings->_httpRoot);
if($settings->_enableGuestLogin) {
if(!($userobj = $dms->getUser($settings->_guestID)))
return $response->withStatus(403);
return $response->withJson(array('success'=>false, 'message'=>'Could not get guest login', 'data'=>''), 403);
} else
return $response->withStatus(403);
return $response->withJson(array('success'=>false, 'message'=>'Login as guest disabled', 'data'=>''), 403);
}
if($userobj->isAdmin()) {
if($resArr["su"]) {
if(!($userobj = $dms->getUser($resArr["su"])))
return $response->withStatus(403);
return $response->withJson(array('success'=>false, 'message'=>'Cannot substitute user', 'data'=>''), 403);
}
}
// $logger->log("Login with user name '".$userobj->getLogin()."' successful", PEAR_LOG_INFO);
$dms->setUser($userobj);
} else {
return $response->withStatus(403);
return $response->withJson(array('success'=>false, 'message'=>'Missing session cookie', 'data'=>''), 403);
}
}
$this->container['userobj'] = $userobj;