better error checking and fixed some return values

Uwe Steinmann 2020-06-23 10:01:41 +02:00
parent ac1ea2d58e
commit 5a3e2578e1


@ -538,7 +538,7 @@ function createFolder($request, $response, $args) { /* {{{ */
return $response->withJson(array('success'=>false, 'message'=>'No access on destination folder', 'data'=>''), 403); return $response->withJson(array('success'=>false, 'message'=>'No access on destination folder', 'data'=>''), 403);
} }
} else { } else {
return $response->withJson(array('success'=>false, 'message'=>'Could not find parent folder', 'data'=>''), 500); return $response->withJson(array('success'=>false, 'message'=>'Could not find parent folder', 'data'=>''), 404);
} }
} /* }}} */ } /* }}} */
@ -703,8 +703,8 @@ function uploadDocument($request, $response, $args) { /* {{{ */
unlink($temp); unlink($temp);
if($res) { if($res) {
$doc = $res[0]; $doc = $res[0];
$rec = array('id'=>(int)$doc->getId(), 'name'=>$doc->getName(), 'version'=>$doc->getLatestContent()->getVersion()); // $rec = array('id'=>(int)$doc->getId(), 'name'=>$doc->getName(), 'version'=>$doc->getLatestContent()->getVersion());
return $response->withJson(array('success'=>true, 'message'=>'Upload succeded', 'data'=>$rec), 200); return $response->withJson(array('success'=>true, 'message'=>'Upload succeded', 'data'=>__getLatestVersionData($doc->getLatestContent())), 201);
} else { } else {
return $response->withJson(array('success'=>false, 'message'=>'Upload failed', 'data'=>''), 500); return $response->withJson(array('success'=>false, 'message'=>'Upload failed', 'data'=>''), 500);
} }
@ -900,6 +900,10 @@ function addDocumentLink($request, $response, $args) { /* {{{ */
return $response->withJson(array('success'=>false, 'message'=>'No source document given', 'data'=>''), 400); return $response->withJson(array('success'=>false, 'message'=>'No source document given', 'data'=>''), 400);
return; return;
} }
if(!ctype_digit($args['documentid']) || $args['documentid'] == 0) {
return $response->withJson(array('success'=>false, 'message'=>'No target document given', 'data'=>''), 400);
return;
}
$sourcedoc = $dms->getDocument($args['id']); $sourcedoc = $dms->getDocument($args['id']);
$targetdoc = $dms->getDocument($args['documentid']); $targetdoc = $dms->getDocument($args['documentid']);
if($sourcedoc && $targetdoc) { if($sourcedoc && $targetdoc) {
@ -945,6 +949,11 @@ function getDocument($request, $response, $args) { /* {{{ */
function deleteDocument($request, $response, $args) { /* {{{ */ function deleteDocument($request, $response, $args) { /* {{{ */
global $dms, $userobj; global $dms, $userobj;
if(!ctype_digit($args['id'])) {
return $response->withJson(array('success'=>false, 'message'=>'Invalid parameter', 'data'=>''), 400);
}
$document = $dms->getDocument($args['id']); $document = $dms->getDocument($args['id']);
if($document) { if($document) {
if ($document->getAccessMode($userobj, 'deleteDocument') >= M_READWRITE) { if ($document->getAccessMode($userobj, 'deleteDocument') >= M_READWRITE) {
@ -1277,6 +1286,11 @@ function getDocumentAttributes($request, $response, $args) { /* {{{ */
function getDocumentPreview($request, $response, $args) { /* {{{ */ function getDocumentPreview($request, $response, $args) { /* {{{ */
global $dms, $userobj, $settings; global $dms, $userobj, $settings;
require_once "SeedDMS/Preview.php"; require_once "SeedDMS/Preview.php";
if(!ctype_digit($args['id'])) {
return $response->withJson(array('success'=>false, 'message'=>'Invalid parameter', 'data'=>''), 400);
}
$document = $dms->getDocument($args['id']); $document = $dms->getDocument($args['id']);
if($document) { if($document) {
@ -1321,8 +1335,13 @@ function getDocumentPreview($request, $response, $args) { /* {{{ */
function removeDocumentCategory($request, $response, $args) { /* {{{ */ function removeDocumentCategory($request, $response, $args) { /* {{{ */
global $dms, $userobj; global $dms, $userobj;
if(!ctype_digit($args['id']) || !ctype_digit($args['catid'])) {
return $response->withJson(array('success'=>false, 'message'=>'Invalid parameter', 'data'=>''), 400);
}
$document = $dms->getDocument($args['id']); $document = $dms->getDocument($args['id']);
$category = $dms->getDocumentCategory($args['categoryId']); $category = $dms->getDocumentCategory($args['catid']);
if($document && $category) { if($document && $category) {
if ($document->getAccessMode($userobj, 'removeDocumentCategory') >= M_READWRITE) { if ($document->getAccessMode($userobj, 'removeDocumentCategory') >= M_READWRITE) {
@ -1345,6 +1364,11 @@ function removeDocumentCategory($request, $response, $args) { /* {{{ */
function removeDocumentCategories($request, $response, $args) { /* {{{ */ function removeDocumentCategories($request, $response, $args) { /* {{{ */
global $dms, $userobj; global $dms, $userobj;
if(!ctype_digit($args['id'])) {
return $response->withJson(array('success'=>false, 'message'=>'Invalid parameter', 'data'=>''), 400);
}
$document = $dms->getDocument($args['id']); $document = $dms->getDocument($args['id']);
if($document) { if($document) {
@ -1352,7 +1376,7 @@ function removeDocumentCategories($request, $response, $args) { /* {{{ */
if($document->setCategories(array())) if($document->setCategories(array()))
return $response->withJson(array('success'=>true, 'message'=>'Deleted categories successfully.', 'data'=>''), 200); return $response->withJson(array('success'=>true, 'message'=>'Deleted categories successfully.', 'data'=>''), 200);
else else
return $response->withJson(array('success'=>false, 'message'=>'', 'data'=>''), 200); return $response->withJson(array('success'=>false, 'message'=>'', 'data'=>''), 500);
} else { } else {
return $response->withJson(array('success'=>false, 'message'=>'No access', 'data'=>''), 403); return $response->withJson(array('success'=>false, 'message'=>'No access', 'data'=>''), 403);
} }
@ -2183,7 +2207,7 @@ $app->get('/folder/{id}/children', 'getFolderChildren');
$app->get('/folder/{id}/parent', 'getFolderParent'); $app->get('/folder/{id}/parent', 'getFolderParent');
$app->get('/folder/{id}/path', 'getFolderPath'); $app->get('/folder/{id}/path', 'getFolderPath');
$app->get('/folder/{id}/attributes', 'getFolderAttributes'); $app->get('/folder/{id}/attributes', 'getFolderAttributes');
$app->post('/folder/{id}/createfolder', 'createFolder'); $app->post('/folder/{id}/folder', 'createFolder');
$app->put('/folder/{id}/document', 'uploadDocumentPut'); $app->put('/folder/{id}/document', 'uploadDocumentPut');
$app->post('/folder/{id}/document', 'uploadDocument'); $app->post('/folder/{id}/document', 'uploadDocument');
$app->get('/document/{id}', 'getDocument'); $app->get('/document/{id}', 'getDocument');
@ -2202,7 +2226,7 @@ $app->post('/document/{id}/link/{documentid}', 'addDocumentLink');
$app->get('/document/{id}/attributes', 'getDocumentAttributes'); $app->get('/document/{id}/attributes', 'getDocumentAttributes');
$app->get('/document/{id}/preview/{version}/{width}', 'getDocumentPreview'); $app->get('/document/{id}/preview/{version}/{width}', 'getDocumentPreview');
$app->delete('/document/{id}/categories', 'removeDocumentCategories'); $app->delete('/document/{id}/categories', 'removeDocumentCategories');
$app->delete('/document/{id}/category/{categoryId}', 'removeDocumentCategory'); $app->delete('/document/{id}/category/{catid}', 'removeDocumentCategory');
$app->put('/account/fullname', 'setFullName'); $app->put('/account/fullname', 'setFullName');
$app->put('/account/email', 'setEmail'); $app->put('/account/email', 'setEmail');
$app->get('/account/documents/locked', 'getLockedDocuments'); $app->get('/account/documents/locked', 'getLockedDocuments');
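Review bot: The `ctype_digit` guard added to getDocumentPreview covers only `id`, while its route `/document/{id}/preview/{version}/{width}` also takes `version` and `width` from the URL, and neither is checked in the visible lines (the function body continues outside the hunk, so a later check may exist). If `width` reaches the previewer unchecked, preview generation and any cached output are sized by the caller, so I would extend the guard to `if(!ctype_digit($args['id']) || !ctype_digit($args['version']) || !ctype_digit($args['width'])) {` and cap `width` at a configured maximum. The same guard is copy-pasted into deleteDocument, removeDocumentCategory and removeDocumentCategories, and only the addDocumentLink check also rejects `0`; a small shared helper for ID validation would keep the handlers consistent. The bare `return;` after `return $response->withJson(...)` in the block added to addDocumentLink is unreachable and can be dropped.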