Merge branch 'seeddms-5.1.x' into seeddms-6.0.x

Uwe Steinmann 2023-04-04 12:33:03 +02:00
commit 1f92a47c30
3 changed files with 27 additions and 22 deletions


@ -251,6 +251,11 @@
- add document list which can be exported as an archive - add document list which can be exported as an archive
- search results can be exported - search results can be exported
--------------------------------------------------------------------------------
Changes in version 5.1.31
--------------------------------------------------------------------------------
- rest api returns error msg and not just http status
-------------------------------------------------------------------------------- --------------------------------------------------------------------------------
Changes in version 5.1.30 Changes in version 5.1.30
-------------------------------------------------------------------------------- --------------------------------------------------------------------------------


@ -20,7 +20,7 @@
class SeedDMS_Version { /* {{{ */ class SeedDMS_Version { /* {{{ */
const _number = "6.0.23"; const _number = "6.0.24";
const _string = "SeedDMS"; const _string = "SeedDMS";
function __construct() { function __construct() {


@ -435,7 +435,7 @@ class RestapiController { /* {{{ */
return $response->withJson(array('success'=>false, 'message'=>'No access', 'data'=>''), 403); return $response->withJson(array('success'=>false, 'message'=>'No access', 'data'=>''), 403);
} }
} else { } else {
return $response->withStatus(404); return $response->withJson(array('success'=>false, 'message'=>'No such folder', 'data'=>''), 404);
} }
} }
} /* }}} */ } /* }}} */
@ -2136,7 +2136,7 @@ class RestapiController { /* {{{ */
} }
return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$data), 200); return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$data), 200);
} else { } else {
return $response->withStatus(404); return $response->withJson(array('success'=>false, 'message'=>'No such group', 'data'=>''), 404);
} }
} /* }}} */ } /* }}} */
@ -2241,7 +2241,7 @@ class RestapiController { /* {{{ */
$success = ($folder->inheritsAccess() == $inherit); $success = ($folder->inheritsAccess() == $inherit);
return $response->withJson(array('success'=>$success, 'message'=>'', 'data'=>$data), 200); return $response->withJson(array('success'=>$success, 'message'=>'', 'data'=>$data), 200);
} else { } else {
return $response->withStatus(404); return $response->withJson(array('success'=>false, 'message'=>'No such folder', 'data'=>''), 404);
} }
} /* }}} */ } /* }}} */
@ -2275,7 +2275,7 @@ class RestapiController { /* {{{ */
$folder = $dms->getfolderByName($args['id']); $folder = $dms->getfolderByName($args['id']);
} }
if (!$folder) { if (!$folder) {
return $response->withStatus(404); return $response->withJson(array('success'=>false, 'message'=>'No such folder', 'data'=>''), 404);
} }
$params = $request->getParsedBody(); $params = $request->getParsedBody();
@ -2550,7 +2550,7 @@ class RestapiController { /* {{{ */
$folder = $dms->getFolderByName($args['id']); $folder = $dms->getFolderByName($args['id']);
} }
if (!$folder) { if (!$folder) {
return $response->withStatus(404); return $response->withJson(array('success'=>false, 'message'=>'No such folder', 'data'=>''), 404);
} }
if (!$folder->clearAccessList()) { if (!$folder->clearAccessList()) {
return $response->withJson(array('success'=>false, 'message'=>'Something went wrong. Could not clear access list for this folder.', 'data'=>''), 500); return $response->withJson(array('success'=>false, 'message'=>'Something went wrong. Could not clear access list for this folder.', 'data'=>''), 500);
@ -2645,17 +2645,17 @@ class RestapiAuth { /* {{{ */
$logger->log("Received preflight options request", PEAR_LOG_DEBUG); $logger->log("Received preflight options request", PEAR_LOG_DEBUG);
} elseif(!in_array($request->getUri()->getPath(), array('login')) && substr($request->getUri()->getPath(), 0, 5) != 'echo/' && $request->getUri()->getPath() != 'version') { } elseif(!in_array($request->getUri()->getPath(), array('login')) && substr($request->getUri()->getPath(), 0, 5) != 'echo/' && $request->getUri()->getPath() != 'version') {
$userobj = null; $userobj = null;
if(!empty($this->container->environment['HTTP_AUTHORIZATION']) && !empty($settings->_apiKey) && !empty($settings->_apiUserId)) { if(!empty($this->container->environment['HTTP_AUTHORIZATION']) && !empty($settings->_apiKey) && !empty($settings->_apiUserId)) {
$logger->log("Authorization key: ".$this->container->environment['HTTP_AUTHORIZATION'], PEAR_LOG_DEBUG); $logger->log("Authorization key: ".$this->container->environment['HTTP_AUTHORIZATION'], PEAR_LOG_DEBUG);
if($settings->_apiKey == $this->container->environment['HTTP_AUTHORIZATION']) { if($settings->_apiKey == $this->container->environment['HTTP_AUTHORIZATION']) {
if(!($userobj = $dms->getUser($settings->_apiUserId))) { if(!($userobj = $dms->getUser($settings->_apiUserId))) {
return $response->withStatus(403); return $response->withJson(array('success'=>false, 'message'=>'Invalid user associated with api key', 'data'=>''), 403);
} }
} else { } else {
return $response->withStatus(403); return $response->withJson(array('success'=>false, 'message'=>'Wrong api key', 'data'=>''), 403);
} }
$logger->log("Login with apikey as '".$userobj->getLogin()."' successful", PEAR_LOG_INFO); $logger->log("Login with apikey as '".$userobj->getLogin()."' successful", PEAR_LOG_INFO);
} else { } else {
require_once("../inc/inc.ClassSession.php"); require_once("../inc/inc.ClassSession.php");
$session = new SeedDMS_Session($dms->getDb()); $session = new SeedDMS_Session($dms->getDb());
if (isset($_COOKIE["mydms_session"])) { if (isset($_COOKIE["mydms_session"])) {
@ -2665,7 +2665,7 @@ class RestapiAuth { /* {{{ */
/* Delete Cookie */ /* Delete Cookie */
setcookie("mydms_session", $dms_session, time()-3600, $settings->_httpRoot); setcookie("mydms_session", $dms_session, time()-3600, $settings->_httpRoot);
$logger->log("Session for id '".$dms_session."' has gone", PEAR_LOG_ERR); $logger->log("Session for id '".$dms_session."' has gone", PEAR_LOG_ERR);
return $response->withStatus(403); return $response->withJson(array('success'=>false, 'message'=>'Session has gone', 'data'=>''), 403);
} }
/* Load user data */ /* Load user data */
@ -2675,20 +2675,20 @@ class RestapiAuth { /* {{{ */
setcookie("mydms_session", $dms_session, time()-3600, $settings->_httpRoot); setcookie("mydms_session", $dms_session, time()-3600, $settings->_httpRoot);
if($settings->_enableGuestLogin) { if($settings->_enableGuestLogin) {
if(!($userobj = $dms->getUser($settings->_guestID))) if(!($userobj = $dms->getUser($settings->_guestID)))
return $response->withStatus(403); return $response->withJson(array('success'=>false, 'message'=>'Could not get guest login', 'data'=>''), 403);
} else } else
return $response->withStatus(403); return $response->withJson(array('success'=>false, 'message'=>'Login as guest disabled', 'data'=>''), 403);
} }
if($userobj->isAdmin()) { if($userobj->isAdmin()) {
if($resArr["su"]) { if($resArr["su"]) {
if(!($userobj = $dms->getUser($resArr["su"]))) if(!($userobj = $dms->getUser($resArr["su"])))
return $response->withStatus(403); return $response->withJson(array('success'=>false, 'message'=>'Cannot substitute user', 'data'=>''), 403);
} }
} }
// $logger->log("Login with user name '".$userobj->getLogin()."' successful", PEAR_LOG_INFO); // $logger->log("Login with user name '".$userobj->getLogin()."' successful", PEAR_LOG_INFO);
$dms->setUser($userobj); $dms->setUser($userobj);
} else { } else {
return $response->withStatus(403); return $response->withJson(array('success'=>false, 'message'=>'Missing session cookie', 'data'=>''), 403);
} }
} }
$this->container['userobj'] = $userobj; $this->container['userobj'] = $userobj;
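Review bot: The new 403 bodies in the RestapiAuth hunks tell an unauthenticated caller which check failed: 'Invalid user associated with api key' is only returned after the key comparison has succeeded, so it confirms a valid key where 'Wrong api key' denies it, and the session branch likewise separates 'Session has gone', 'Login as guest disabled' and 'Missing session cookie'. I would return one generic body for every authentication failure, e.g. `return $response->withJson(array('success'=>false, 'message'=>'Not authorized', 'data'=>''), 403);`, and write the specific reason with `$logger->log(...)` so it stays server-side. In the same block the key is compared with `==` and the Authorization header is written verbatim to the debug log; `if(hash_equals((string) $settings->_apiKey, (string) $this->container->environment['HTTP_AUTHORIZATION'])) {` avoids type juggling and timing differences, and the log line should omit the key. The enclosing method starts and ends outside these hunks.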