diff --git a/CHANGELOG b/CHANGELOG index 222fd64a2..766c2bdf0 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -315,6 +315,10 @@ -------------------------------------------------------------------------------- Changes in version 5.1.37 -------------------------------------------------------------------------------- +- do not show chart by category if there are no categories +- documents in certain folders can be excluded from dashboard, could be useful + for folders containing archived documents +- migrate from Slim 3 to Slim 4 (check for extension updates) -------------------------------------------------------------------------------- Changes in version 5.1.36 diff --git a/composer-dist.json b/composer-dist.json index 648002029..982784871 100644 --- a/composer-dist.json +++ b/composer-dist.json @@ -8,7 +8,8 @@ "robthree/twofactorauth": "^1.5", "sabre/dav": "^4.", "sabre/xml": "*", - "slim/slim": "^3.0", + "slim/slim": "^4.0", + "guzzlehttp/psr7": "*", "erusev/parsedown": "*", "erusev/parsedown-extra": "*", "mibe/feedwriter": "^1.1", @@ -23,6 +24,7 @@ "dragonmantank/cron-expression": "^3", "zf1/zend-search-lucene": "*", "symfony/http-foundation": "^5.4", + "php-di/php-di": "^6.4", "seeddms/core": "dev-master", "seeddms/lucene": "dev-master", "seeddms/preview": "dev-master", @@ -69,5 +71,4 @@ } } ] - } diff --git a/controllers/class.UpdateDocument.php b/controllers/class.UpdateDocument.php index dfceb755d..42f68cb67 100644 --- a/controllers/class.UpdateDocument.php +++ b/controllers/class.UpdateDocument.php 
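Review bot: The new `"guzzlehttp/psr7": "*"` entry in the first composer-dist.json hunk accepts any future major release of the PSR-7 implementation that every Slim 4 request and response now passes through. A bounded constraint on the major line that was actually tested, in the same style as the `"php-di/php-di": "^6.4"` entry added in the second hunk, keeps an unattended `composer update` from pulling in an incompatible or unreviewed major version. The neighbouring `*` constraints (`sabre/xml`, `erusev/parsedown`) share the weakness, but this one is introduced by the commit.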
@@ -59,7 +59,7 @@ class SeedDMS_Controller_UpdateDocument extends SeedDMS_Controller_Common { $content = $this->callHook('updateDocument'); if($content === null) { $filesize = SeedDMS_Core_File::fileSize($userfiletmp); - if($contentResult=$document->addContent($comment, $user, $userfiletmp, utf8_basename($userfilename), $filetype, $userfiletype, $reviewers, $approvers, $version=0, $attributes, $workflow, $initialdocumentstatus)) { + if($contentResult=$document->addContent($comment, $user, $userfiletmp, utf8_basename($userfilename), $filetype, $userfiletype, $reviewers, $approvers, 0, $attributes, $workflow, $initialdocumentstatus)) { if ($this->hasParam('expires')) { if($document->setExpires($this->getParam('expires'))) { diff --git a/doc/README.Restapi.md b/doc/README.Restapi.md new file mode 100644 index 000000000..d34aa07b2 --- /dev/null +++ b/doc/README.Restapi.md 
@@ -0,0 +1,55 @@ +# How to access the Rest API + +Below are various examples on how to access the Rest API. Some of them +start by calling the `login` endpoint which creates a cookie based +session which is stored in a local file named `cookies.txt`. +The authentication is done with the user `admin`. You may use any other +user as well. + +You may as well pass `-H Authorization: ` instead of `-b cookies.txt` +to `curl` after setting the api key in the configuration of your SeedDMS. +Of course, in that case you will not need the initial call of the `login` +endpoint. + +The examples often use the `jq` programm for formating the returned +json data. + +## Initial test + +The `echo` endpoint does not require any authentication. + +``` +#!/bin/sh +BASEURL="https://your-domain/" + +curl --silent -X GET ${BASEURL}restapi/index.php/echo/test | jq '.' + +``` + +## Getting list of users + +``` +#!/bin/sh +BASEURL="https://your-domain/" + +curl --silent -F "user=admin" -F "pass=admin" -b cookies.txt -c cookies.txt ${BASEURL}restapi/index.php/login | jq + +curl --silent -b cookies.txt -X GET "${BASEURL}restapi/index.php/users" | jq '.' +``` + +## Getting meta data of a folder + +``` +#!/bin/sh +BASEURL="https://your-domain/" + +curl --silent -H "Authorization: " -X GET "${BASEURL}restapi/index.php/folder/1" | jq '.' +``` +## Notes + +Make sure to encode the data properly when using restapi functions which uses +put. If you use curl with PHP, then encode the data as the following + + curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($data)); + curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/x-www-form-urlencoded')); + diff --git a/inc/inc.ClassAuthenticationMiddleware.php b/inc/inc.ClassAuthenticationMiddleware.php index fa8d0fdc7..97e74c55f 100644 --- a/inc/inc.ClassAuthenticationMiddleware.php +++ b/inc/inc.ClassAuthenticationMiddleware.php 
@@ -48,18 +48,18 @@ class SeedDMS_Auth_Middleware_Session { /* {{{ */ * * @return \Psr\Http\Message\ResponseInterface */ - public function __invoke($request, $response, $next) { + public function __invoke($request, $handler) { // $this->container has the DI - $dms = $this->container->dms; - $settings = $this->container->config; - $logger = $this->container->logger; + $dms = $this->container->get('dms'); + $settings = $this->container->get('config'); + $logger = $this->container->get('logger'); $userobj = null; if ($this->container->has('userobj')) { - $userobj = $this->container->userobj; + $userobj = $this->container->get('userobj'); } if ($userobj) { - $response = $next($request, $response); + $response = $handler->handle($request); return $response; } @@ -100,9 +100,9 @@ class SeedDMS_Auth_Middleware_Session { /* {{{ */ } else { return $response->withStatus(403); } - $this->container['userobj'] = $userobj; + $this->container->set('userobj', $userobj); - $response = $next($request, $response); + $response = $handler->handle($request); return $response; } } /* }}} */ diff --git a/inc/inc.ClassConversionServiceHtmlToText.php b/inc/inc.ClassConversionServiceHtmlToText.php index c9342e564..6130777d5 100644 --- a/inc/inc.ClassConversionServiceHtmlToText.php +++ b/inc/inc.ClassConversionServiceHtmlToText.php @@ -35,7 +35,9 @@ class SeedDMS_ConversionServiceHtmlToText extends SeedDMS_ConversionServiceBase public function convert($infile, $target = null, $params = array()) { $d = new DOMDocument; + libxml_use_internal_errors(true); $d->loadHTMLFile($infile); + libxml_clear_errors(); $body = $d->getElementsByTagName('body')->item(0); $str = ''; foreach($body->childNodes as $childNode) { diff --git a/inc/inc.ClassConversionServiceImageToImage.php b/inc/inc.ClassConversionServiceImageToImage.php index ca2120c15..7f691e9b0 100644 --- a/inc/inc.ClassConversionServiceImageToImage.php +++ b/inc/inc.ClassConversionServiceImageToImage.php 
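Review bot: The rejection path kept as context in the second hunk, `return $response->withStatus(403);`, still reads `$response`, which is no longer a parameter now that the signature is `__invoke($request, $handler)`. Unless a response object is created in the lines between the two hunks (not visible here), a request that fails authentication ends in an undefined-variable error instead of a clean 403. Access is still denied, but as a 500 whose output depends on the PHP error settings. Building the response explicitly, e.g. `return (new \GuzzleHttp\Psr7\Response())->withStatus(403);` with the PSR-7 package this commit adds, restores the intended status. The docblock above the method should also be updated to the new `$request, $handler` parameters.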
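Review bot: `libxml_use_internal_errors(true)` is switched on in `convert()` and never switched back, so every later libxml user in the same request silently loses its warnings. Keeping the previous value and restoring it, `$prev = libxml_use_internal_errors(true);` before the load and `libxml_use_internal_errors($prev);` after `libxml_clear_errors();`, confines the suppression to this call. With parse errors now hidden, the result of `loadHTMLFile()` and a missing body element should also be checked before `$body->childNodes` is iterated, since `item(0)` returns null for a document without one. The method continues past the end of the hunk.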
@@ -94,6 +94,12 @@ class SeedDMS_ConversionServiceImageToImage extends SeedDMS_ConversionServiceBas case 'image/gif': $im = @imagecreatefromgif($infile); break; + case 'image/webp': + $im = @imagecreatefromwebp($infile); + break; + case 'image/avif': + $im = @imagecreatefromavif($infile); + break; } if($im) { $width = imagesx($im); diff --git a/inc/inc.ClassDownloadMgr.php b/inc/inc.ClassDownloadMgr.php index 78d07d8cb..45b5f9edb 100644 --- a/inc/inc.ClassDownloadMgr.php +++ b/inc/inc.ClassDownloadMgr.php @@ -82,22 +82,24 @@ class SeedDMS_Download_Mgr { $objPHPExcel = new PhpOffice\PhpSpreadsheet\Spreadsheet(); $objPHPExcel->getProperties()->setCreator("SeedDMS")->setTitle("Metadata"); $sheet = $objPHPExcel->setActiveSheetIndex(0); + $sheet->setTitle(getMLText('documents')); $i = 1; - $col = 0; + $col = 1; foreach($this->header as $h) $sheet->setCellValueByColumnAndRow($col++, $i, $h); foreach($this->extraheader as $h) $sheet->setCellValueByColumnAndRow($col++, $i, $h); $i++; foreach($items as $item) { + if($item->isType('documentcontent')) { $document = $item->getDocument(); $dms = $document->_dms; $status = $item->getStatus(); $reviewStatus = $item->getReviewStatus(); $approvalStatus = $item->getApprovalStatus(); - $col = 0; + $col = 1; $sheet->setCellValueByColumnAndRow($col++, $i, $document->getID()); $sheet->setCellValueByColumnAndRow($col++, $i, $document->getName()); $sheet->setCellValueByColumnAndRow($col++, $i, $document->getID()."-".$item->getOriginalFileName()); @@ -174,6 +176,7 @@ class SeedDMS_Download_Mgr { $i = max($l, $k); $i++; } + } $objWriter = new PhpOffice\PhpSpreadsheet\Writer\Xlsx($objPHPExcel); $objWriter->save($file); diff --git a/inc/inc.ClassExtensionMgr.php b/inc/inc.ClassExtensionMgr.php index 8b86b3fb5..2db53d0f9 100644 --- a/inc/inc.ClassExtensionMgr.php +++ b/inc/inc.ClassExtensionMgr.php 
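Review bot: The two new cases call `imagecreatefromwebp()` and `imagecreatefromavif()` unconditionally, and `@` does not suppress the fatal error raised when a function does not exist. `imagecreatefromavif()` is only available from PHP 8.1 with AVIF support compiled into GD, and WebP support is likewise a GD build option, so on other builds converting such an upload aborts the request. A guard such as `if(function_exists('imagecreatefromavif')) $im = @imagecreatefromavif($infile);` lets the existing `if($im)` check handle the unsupported case, assuming `$im` is initialised before the switch, which starts outside this hunk. The registration added in inc/inc.ConversionInit.php has the same gap, because it only tests `extension_loaded('gd') || extension_loaded('imagick')`.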
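Review bot: The cells filled inside the new `isType('documentcontent')` block take the document name and the original file name as they are, and PhpSpreadsheet's default value binder stores a string that starts with `=` as a formula. A document named that way would be evaluated by the spreadsheet application of whoever opens the export. Writing user-controlled text with an explicit string type, `setCellValueExplicit()` with `\PhpOffice\PhpSpreadsheet\Cell\DataType::TYPE_STRING`, avoids that. Separately, the body wrapped by the new `if` was not re-indented, which makes the closing brace added in the second hunk hard to pair up.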
@@ -406,7 +406,7 @@ class SeedDMS_Extension_Mgr { */ public function checkExtensionByName($extname, $extconf, $options=array()) { /* {{{ */ if(isset($this->configcache[$extname])) { - return $this->configcache[$extname]; +// return $this->configcache[$extname]; } $this->errmsgs = array(); @@ -494,19 +494,6 @@ class SeedDMS_Extension_Mgr { return $this->configcache[$extname]; } /* }}} */ - static protected function rrmdir($dir) { /* {{{ */ - if (is_dir($dir)) { - $objects = scandir($dir); - foreach ($objects as $object) { - if ($object != "." && $object != "..") { - if (filetype($dir."/".$object) == "dir") self::rrmdir($dir."/".$object); else unlink($dir."/".$object); - } - } - reset($objects); - rmdir($dir); - } - } /* }}} */ - /** * Update an extension * @@ -522,7 +509,7 @@ class SeedDMS_Extension_Mgr { $newdir = addDirSep($this->cachedir)."ext.new"; /* First remove a left over from a previous extension */ if(file_exists($newdir)) { - self::rrmdir($newdir); + SeedDMS_Utils::rrmdir($newdir); } if(!mkdir($newdir, 0755)) { $this->errmsgs[] = "Cannot create temp. extension directory"; @@ -542,7 +529,7 @@ class SeedDMS_Extension_Mgr { /* Check if extension is complete and fullfills the constraints */ if(!self::checkExtensionByDir($newdir)) { - self::rrmdir($newdir); + SeedDMS_Utils::rrmdir($newdir); return false; } @@ -553,11 +540,11 @@ class SeedDMS_Extension_Mgr { if(!is_dir($this->extdir)) { if(!mkdir($this->extdir, 0755)) { $this->errmsgs[] = "Cannot create extension directory"; - self::rrmdir($newdir); + SeedDMS_Utils::rrmdir($newdir); return false; } } elseif(is_dir($this->extdir ."/". $extname)) { - $this->rrmdir($this->extdir ."/". $extname); + SeedDMS_Utils::rrmdir($this->extdir ."/". $extname); } /* Move the temp. created ext directory to the final location */ /* rename() may fail if dirs are moved from one device to another. 
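Review bot: Commenting out `return $this->configcache[$extname];` leaves an `if(isset(...))` with an empty body at the top of `checkExtensionByName()`, so the cache lookup is dead code and every call re-runs the full check. If the cache is meant to be bypassed, remove the `if` and state the reason in the docblock; if this was a debugging aid, restore the return. The end of the method still returns `$this->configcache[$extname]`, so the cache is written but never read here. Most of the method body lies outside this hunk.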
@@ -579,7 +566,7 @@ class SeedDMS_Extension_Mgr { * has been copied. */ $this->errmsgs[] = "Cannot move temp. extension directory to final destination"; - $this->rrmdir($this->extdir ."/". $extname); + SeedDMS_Utils::rrmdir($this->extdir ."/". $extname); return false; } diff --git a/inc/inc.ClassFulltextService.php b/inc/inc.ClassFulltextService.php index 286444a45..b729a3d8a 100644 --- a/inc/inc.ClassFulltextService.php +++ b/inc/inc.ClassFulltextService.php @@ -209,7 +209,7 @@ class SeedDMS_FulltextService { if($this->index) return $this->index; - if($this->services[0]) { + if($this->services) { if($recreate) $this->index = $this->services[0]['Indexer']::create($this->services[0]['Conf']); else @@ -222,7 +222,7 @@ class SeedDMS_FulltextService { public function Search() { /* {{{ */ if($this->search) return $this->search; - if($this->services[0]) { + if($this->services) { $this->search = new $this->services[0]['Search']($this->index); return $this->search; } else { diff --git a/inc/inc.ClassSettings.php b/inc/inc.ClassSettings.php index 9ed5062be..4ae94648e 100644 --- a/inc/inc.ClassSettings.php +++ b/inc/inc.ClassSettings.php @@ -323,6 +323,8 @@ class Settings { /* {{{ */ var $_maxRecursiveCount = 10000; // number of days in the past of the dashboard var $_daysPastDashboard = 7; + // list of folders not considered for dashboard + var $_excludeFoldersDashboard = []; // enable/disable help var $_enableHelp = true; // enable/disable language selection menu 
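Review bot: `if($this->services)` only tests that the array is non-empty, while the next line dereferences `$this->services[0]`; the check matches the access only if services are always appended with consecutive keys starting at 0. `if(!empty($this->services[0]))` states the actual precondition and still avoids the undefined-offset warning the old condition raised on an empty array. The identical change in `Search()` in the next hunk should follow suit. Both methods extend beyond their hunks.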
@@ -624,6 +626,8 @@ class Settings { /* {{{ */ $this->_enableRecursiveCount = Settings::boolVal($tab["enableRecursiveCount"]); $this->_maxRecursiveCount = intval($tab["maxRecursiveCount"]); $this->_daysPastDashboard = intval($tab["daysPastDashboard"]); + if(trim(strval($tab["excludeFoldersDashboard"]))) + $this->_excludeFoldersDashboard = explode(',',strval($tab["excludeFoldersDashboard"])); $this->_enableHelp = Settings::boolVal($tab["enableHelp"]); $this->_enableLanguageSelector = Settings::boolVal($tab["enableLanguageSelector"]); $this->_enableThemeSelector = Settings::boolVal($tab["enableThemeSelector"]); @@ -1055,6 +1059,7 @@ class Settings { /* {{{ */ $this->setXMLAttributValue($node, "enableRecursiveCount", $this->_enableRecursiveCount); $this->setXMLAttributValue($node, "maxRecursiveCount", $this->_maxRecursiveCount); $this->setXMLAttributValue($node, "daysPastDashboard", $this->_daysPastDashboard); + $this->setXMLAttributValue($node, "excludeFoldersDashboard", implode(',', $this->_excludeFoldersDashboard)); $this->setXMLAttributValue($node, "enableHelp", $this->_enableHelp); $this->setXMLAttributValue($node, "enableLanguageSelector", $this->_enableLanguageSelector); $this->setXMLAttributValue($node, "enableThemeSelector", $this->_enableThemeSelector); diff --git a/inc/inc.ConversionInit.php b/inc/inc.ConversionInit.php index 3e384025b..f5cce91c3 100644 --- a/inc/inc.ConversionInit.php +++ b/inc/inc.ConversionInit.php 
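Review bot: The value of `excludeFoldersDashboard` is split with `explode(',', ...)` and stored as raw strings, so input such as `12, 15` or a trailing comma yields entries like `' 15'` or `''`. These are meant to be folder ids that are later handed to the dashboard view, so normalising them once at load time is safer than relying on every consumer: `$this->_excludeFoldersDashboard = array_filter(array_map('intval', explode(',', strval($tab["excludeFoldersDashboard"]))));`. How the view uses the list is not visible in this diff. The brace-less `if` spanning two lines would also read better with braces.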
@@ -63,6 +63,8 @@ if (extension_loaded('gd') || extension_loaded('imagick')) { $conversionmgr->addService(new SeedDMS_ConversionServiceImageToImage('image/png', 'image/png'))->setLogger($logger); $conversionmgr->addService(new SeedDMS_ConversionServiceImageToImage('image/jpg', 'image/png'))->setLogger($logger); $conversionmgr->addService(new SeedDMS_ConversionServiceImageToImage('image/gif', 'image/png'))->setLogger($logger); + $conversionmgr->addService(new SeedDMS_ConversionServiceImageToImage('image/webp', 'image/png'))->setLogger($logger); + $conversionmgr->addService(new SeedDMS_ConversionServiceImageToImage('image/avif', 'image/png'))->setLogger($logger); } if (extension_loaded('imagick')) { diff --git a/inc/inc.Tasks.php b/inc/inc.Tasks.php index 0e2bca4c4..3443cbf2d 100644 --- a/inc/inc.Tasks.php +++ b/inc/inc.Tasks.php @@ -813,6 +813,7 @@ class SeedDMS_RecentChangesTask extends SeedDMS_SchedulerTaskBase { /* {{{ */ $params['__body__'] = $body; $params['__body_html__'] = $bodyhtml; + $params['__skip_footer__'] = true; $params['sitename'] = $settings->_siteName; $email->toIndividual('', $u, 'recentchanges_mail_subject', '', $params); diff --git a/inc/inc.Utils.php b/inc/inc.Utils.php index 2bbc99e02..60c380dda 100644 --- a/inc/inc.Utils.php +++ b/inc/inc.Utils.php 
@@ -1264,6 +1264,34 @@ function getColorBrightness($color) { /* {{{ */ return $brightness; } /* }}} */ +/** + * Class with various utility methods + * + * This class will sooner or later comprise the functions above + * + */ +class SeedDMS_Utils { /* {{{ */ + + /** + * Recursively remove a directory on disc + * + * @param string $dir name of directory + */ + static public function rrmdir($dir) { /* {{{ */ + if (is_dir($dir)) { + $objects = scandir($dir); + foreach ($objects as $object) { + if ($object != "." && $object != "..") { + if (filetype($dir."/".$object) == "dir") self::rrmdir($dir."/".$object); else unlink($dir."/".$object); + } + } + reset($objects); + rmdir($dir); + } + } /* }}} */ + +} /* }}} */ + /** * Class for creating encrypted api keys * diff --git a/index.php b/index.php index b6fa64a0d..bf780ef9a 100644 --- a/index.php +++ b/index.php @@ -31,6 +31,9 @@ require "inc/inc.Settings.php"; +use DI\ContainerBuilder; +use Slim\Factory\AppFactory; + if(true) { require_once("inc/inc.Utils.php"); require_once("inc/inc.LogInit.php"); @@ -39,7 +42,9 @@ if(true) { require_once("inc/inc.Extension.php"); require_once("inc/inc.DBInit.php"); - $c = new \Slim\Container(); //Create Your container + $containerBuilder = new \DI\ContainerBuilder(); + $c = $containerBuilder->build(); + /* $c['notFoundHandler'] = function ($c) use ($settings, $dms) { return function ($request, $response) use ($c, $settings, $dms) { $uri = $request->getUri(); 
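Review bot: `SeedDMS_Utils::rrmdir()` decides with `is_dir($dir)`, which follows symbolic links, so when the argument itself is a symlink to a directory the loop deletes the contents of the link target and the final `rmdir()` then fails on the link. The helper also reports nothing: a failed `scandir()`, `unlink()` or `rmdir()` is silent, and callers such as the extension update and the import cleanup cannot tell whether the tree is really gone. Now that this is a shared public helper, it should treat a symlink as an entry to unlink, use strict comparisons and return a bool; callers that ignore the result keep working. The docblock should then document the return value and state that links are never followed.

```php
	static public function rrmdir($dir) { /* {{{ */
		// A symlink is removed as a link; its target is never traversed
		if (is_link($dir))
			return unlink($dir);
		if (!is_dir($dir))
			return false;
		$objects = scandir($dir);
		if ($objects === false)
			return false;
		foreach ($objects as $object) {
			if ($object === "." || $object === "..")
				continue;
			$path = $dir."/".$object;
			if (is_dir($path) && !is_link($path)) {
				if (!self::rrmdir($path))
					return false;
			} elseif (!unlink($path)) {
				return false;
			}
		}
		return rmdir($dir);
	} /* }}} */
```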
@@ -62,25 +67,42 @@ if(true) { ->withHeader('Location', isset($settings->_siteDefaultPage) && strlen($settings->_siteDefaultPage)>0 ? $settings->_httpRoot.$settings->_siteDefaultPage : $settings->_httpRoot."out/out.ViewFolder.php"); }; }; - $app = new \Slim\App($c); + */ + AppFactory::setContainer($c); + $app = AppFactory::create(); + /* put lots of data into the container, because if slim instanciates + * a class by itself (with the help from the DI container), it will + * pass the container to the constructor of the instanciated class. + */ $container = $app->getContainer(); - $container['dms'] = $dms; - $container['config'] = $settings; - $container['conversionmgr'] = $conversionmgr; - $container['logger'] = $logger; - $container['fulltextservice'] = $fulltextservice; - $container['notifier'] = $notifier; - $container['authenticator'] = $authenticator; + $container->set('dms', $dms); + $container->set('config', $settings); + $container->set('conversionmgr', $conversionmgr); + $container->set('logger', $logger); + $container->set('fulltextservice', $fulltextservice); + $container->set('notifier', $notifier); + $container->set('authenticator', $authenticator); + if(isset($GLOBALS['SEEDDMS_HOOKS']['initDMS'])) { + foreach($GLOBALS['SEEDDMS_HOOKS']['initDMS'] as $hookObj) { + if (method_exists($hookObj, 'addMiddleware')) { + $hookObj->addMiddleware($app); + } + } + } + + $app->get('/', function($request, $response) { + return $response + ->withHeader('Location', '/out/out.ViewFolder.php') + ->withStatus(302); + + }); if(isset($GLOBALS['SEEDDMS_HOOKS']['initDMS'])) { foreach($GLOBALS['SEEDDMS_HOOKS']['initDMS'] as $hookObj) { if (method_exists($hookObj, 'addRoute')) { + // FIXME: pass $app only just like initRestAPI. 
$app has a container + // which contains all other objects $hookObj->addRoute(array('dms'=>$dms, 'app'=>$app, 'settings'=>$settings, 'conversionmgr'=>$conversionmgr, 'authenticator'=>$authenticator, 'fulltextservice'=>$fulltextservice, 'logger'=>$logger)); -// } else { -// include("inc/inc.Authentication.php"); -// if (method_exists($hookObj, 'addRouteAfterAuthentication')) { -// $hookObj->addRouteAfterAuthentication(array('dms'=>$dms, 'app'=>$app, 'settings'=>$settings, 'user'=>$user)); -// } } } } diff --git a/install/create_tables-innodb.sql b/install/create_tables-innodb.sql index 1b0c031f0..70e028b77 100644 --- a/install/create_tables-innodb.sql +++ b/install/create_tables-innodb.sql @@ -119,7 +119,7 @@ CREATE TABLE `tblUserSubstitutes` ( PRIMARY KEY (`id`), UNIQUE KEY `user` (`user`,`substitute`), CONSTRAINT `tblUserSubstitutes_user` FOREIGN KEY (`user`) REFERENCES `tblUsers` (`id`) ON DELETE CASCADE, - CONSTRAINT `tblUserSubstitutes_substitute` FOREIGN KEY (`user`) REFERENCES `tblUsers` (`id`) ON DELETE CASCADE + CONSTRAINT `tblUserSubstitutes_substitute` FOREIGN KEY (`substitute`) REFERENCES `tblUsers` (`id`) ON DELETE CASCADE ); -- -------------------------------------------------------- diff --git a/install/update-6.0.0/update.sql b/install/update-6.0.0/update.sql index 74d8eb548..d1f26e99a 100644 --- a/install/update-6.0.0/update.sql +++ b/install/update-6.0.0/update.sql @@ -41,7 +41,7 @@ CREATE TABLE `tblUserSubstitutes` ( PRIMARY KEY (`id`), UNIQUE (`user`, `substitute`), CONSTRAINT `tblUserSubstitutes_user` FOREIGN KEY (`user`) REFERENCES `tblUsers` (`id`) ON DELETE CASCADE, - CONSTRAINT `tblUserSubstitutes_substitute` FOREIGN KEY (`user`) REFERENCES `tblUsers` (`id`) ON DELETE CASCADE + CONSTRAINT `tblUserSubstitutes_substitute` FOREIGN KEY (`substitute`) REFERENCES `tblUsers` (`id`) ON DELETE CASCADE ) ENGINE=InnoDB DEFAULT CHARSET=utf8; CREATE TABLE `tblDocumentCheckOuts` ( 
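Review bot: The new `/` route redirects to the fixed path `/out/out.ViewFolder.php`, whereas the handler this commit comments out built the target from `$settings->_httpRoot` and `$settings->_siteDefaultPage`; an installation below a sub-path or with a configured default page now lands on the wrong URL. Adding `use ($settings)` to the closure and prefixing the target with `$settings->_httpRoot`, as the old handler did, keeps that behaviour. With the `notFoundHandler` disabled and no `$app->addErrorMiddleware(...)` call visible in these hunks, unmatched routes may surface as uncaught exceptions whose output depends on the PHP error settings; that is worth confirming against the rest of the file. The disabled block should be deleted rather than kept inside `/* */`.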
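Review bot: Correcting the `tblUserSubstitutes_substitute` foreign key in the create script and in the 6.0.0 update script only helps databases created from now on; installations that already ran either script keep the constraint on `user`, so deleting a user who acts as a substitute leaves rows pointing at a missing id. An upgrade step for existing databases that removes such orphaned rows and then drops and re-adds the constraint on `substitute` would close that gap. The same one-line fix appears in install/update-6.0.0/update.sql in the following hunk. Schema files for other database backends are not part of the visible diff and should be checked for the same mistake.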
diff --git a/op/op.AddFile.php b/op/op.AddFile.php index 77ba5bc2d..2cbbb5b45 100644 --- a/op/op.AddFile.php +++ b/op/op.AddFile.php @@ -51,6 +51,47 @@ if ($document->getAccessMode($user, 'addDocumentFile') < M_READWRITE) { UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("access_denied")); } +function reArrayFiles(&$file_post) { + $file_ary = array(); + $file_count = count($file_post['name']); + $file_keys = array_keys($file_post); + + for ($i=0; $i<$file_count; $i++) { + if($file_post['error'][$i] != 4) { // no file uploaded + foreach ($file_keys as $key) { + $file_ary[$i][$key] = $file_post[$key][$i]; + } + $file_ary[$i]['source'] = 'upload'; + } + } + + return $file_ary; +} + +if(!empty($_FILES['userfile'])) { + $file_ary = reArrayFiles($_FILES['userfile']); +} else { + $file_ary = array(); +} + +if($settings->_dropFolderDir) { + if(isset($_POST["dropfolderfileaddfileform"]) && $_POST["dropfolderfileaddfileform"]) { + $fullfile = $settings->_dropFolderDir.'/'.$user->getLogin().'/'.$_POST["dropfolderfileaddfileform"]; + if(file_exists($fullfile)) { + $finfo = finfo_open(FILEINFO_MIME_TYPE); + $mimetype = finfo_file($finfo, $fullfile); + $file_ary[] = array( + 'tmp_name' => $fullfile, + 'type' => $mimetype, + 'name' => $_POST["dropfolderfileaddfileform"], + 'size' => filesize($fullfile), + 'error' => 0, + 'source' => 'dropfolder' + ); + } + } +} + $prefix = 'userfile'; if(isset($_POST[$prefix.'-fine-uploader-uuids']) && $_POST[$prefix.'-fine-uploader-uuids']) { $uuids = explode(';', $_POST[$prefix.'-fine-uploader-uuids']); 
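Review bot: In the drop-folder branch, `$_POST["dropfolderfileaddfileform"]` is concatenated into `$fullfile` without normalisation, so a value containing directory separators or `..` can resolve to a file outside the user's own drop folder, which is then attached to the document. Reducing the posted value to its last path component before building the path, `$dropname = basename($_POST["dropfolderfileaddfileform"]);`, and testing `is_file($fullfile)` instead of `file_exists($fullfile)` confines the lookup to regular files below the user's directory; comparing `realpath($fullfile)` against the drop-folder prefix additionally covers symlinks. `reArrayFiles()` also assumes `$_FILES['userfile']['name']` is an array, so a form posting a single `userfile` field makes `count()` fail; an `is_array()` check belongs at the top of that function.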
@@ -60,34 +101,43 @@ if(isset($_POST[$prefix.'-fine-uploader-uuids']) && $_POST[$prefix.'-fine-upload if(file_exists($fullfile)) { $finfo = finfo_open(FILEINFO_MIME_TYPE); $mimetype = finfo_file($finfo, $fullfile); - $_FILES["userfile"]['tmp_name'][] = $fullfile; - $_FILES["userfile"]['type'][] = $mimetype; - $_FILES["userfile"]['name'][] = isset($names[$i]) ? $names[$i] : $uuid; - $_FILES["userfile"]['size'][] = filesize($fullfile); - $_FILES["userfile"]['error'][] = 0; + $file_ary[] = array( + 'tmp_name' => $fullfile, + 'type' => $mimetype, + 'name' => isset($names[$i]) ? $names[$i] : $uuid, + 'size' => filesize($fullfile), + 'error' => 0, + 'source' => 'upload', + ); } } } +if(!$file_ary) { + UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("uploading_failed")); +} + $maxuploadsize = SeedDMS_Core_File::parse_filesize($settings->_maxUploadSize); -for ($file_num=0;$file_num $document->getName())),getMLText("uploading_zerosize")); +foreach($file_ary as $file) { + if($file['error']==1) { + UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("uploading_maxsize")); } - if ($maxuploadsize && $_FILES["userfile"]["size"][$file_num] > $maxuploadsize) { - UI::exitError(getMLText("folder_title", array("documentname" => $document->getName())),getMLText("uploading_maxsize")); - } - if (is_uploaded_file($_FILES["userfile"]["tmp_name"][$file_num]) && $_FILES['userfile']['error'][$file_num] != 0){ + if($file['error']!=0) { UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("uploading_failed")); } - if($_FILES["userfile"]["error"][$file_num]) { - UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("error_occured")); + if ($file["size"]==0) { + UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("uploading_zerosize")); } + if ($maxuploadsize && 
$file["size"] > $maxuploadsize) { + UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("uploading_maxsize")); + } +} - if(count($_FILES["userfile"]["tmp_name"]) == 1 && !empty($_POST['name'])) +foreach($file_ary as $file) { + if(count($file_ary) == 1 && !empty($_POST['name'])) $name = $_POST["name"]; else - $name = $_FILES["userfile"]['name'][$file_num]; + $name = $file['name']; $comment = $_POST["comment"]; $version = (int) $_POST["version"]; $public = (isset($_POST["public"]) && $_POST["public"] == 'true') ? 1 : 0; @@ -99,9 +149,9 @@ for ($file_num=0;$file_numsetSplashMsg(array('type'=>'error', 'msg'=>getMLText('error_importfs'))); else { if(isset($_GET['remove']) && $_GET["remove"]) { - $cmd = 'rm -rf '.$dirname; - $ret = null; - system($cmd, $ret); + SeedDMS_Utils::rrmdir($dirname); +// $cmd = 'rm -rf '.$dirname; +// $ret = null; +// system($cmd, $ret); } $session->setSplashMsg(array('type'=>'success', 'msg'=>getMLText('splash_importfs', array('docs'=>$doccount, 'folders'=>$foldercount)))); } diff --git a/op/op.Settings.php b/op/op.Settings.php index 8ef4e88bb..20da8d35b 100644 --- a/op/op.Settings.php +++ b/op/op.Settings.php @@ -150,6 +150,7 @@ if ($action == "saveSettings") setBoolValue("enableRecursiveCount"); setIntValue("maxRecursiveCount"); setIntValue("daysPastDashboard"); + setArrayValue("excludeFoldersDashboard"); setBoolValue("enableLanguageSelector"); setBoolValue("enableHelp"); setBoolValue("enableThemeSelector"); diff --git a/out/out.Dashboard.php b/out/out.Dashboard.php index 46db57143..5a25caaf7 100644 --- a/out/out.Dashboard.php +++ b/out/out.Dashboard.php 
@@ -25,6 +25,7 @@ if($view) { $view->setParam('convertToPdf', $settings->_convertToPdf); $view->setParam('timeout', $settings->_cmdTimeout); $view->setParam('dayspastdashboard', (int) $settings->_daysPastDashboard); + $view->setParam('excludedfolders', $settings->_excludeFoldersDashboard); $view->setParam('accessobject', $accessop); $view->setParam('xsendfile', $settings->_enableXsendfile); $view($_GET); diff --git a/out/out.Tasks.php b/out/out.Tasks.php index 3584c171d..d51e0d1ca 100644 --- a/out/out.Tasks.php +++ b/out/out.Tasks.php @@ -40,6 +40,7 @@ if($view) { $view->setParam('previewWidthList', $settings->_previewWidthList); $view->setParam('timeout', $settings->_cmdTimeout); $view->setParam('xsendfile', $settings->_enableXsendfile); + $view->setParam('tasksinmenu', []); $view($_GET); exit; } diff --git a/restapi/index.php b/restapi/index.php index e2e324c5a..e1685aba9 100644 --- a/restapi/index.php +++ b/restapi/index.php 
@@ -18,13 +18,40 @@ require_once("../inc/inc.ClassController.php"); require "vendor/autoload.php"; use Psr\Container\ContainerInterface; +use Psr\Http\Message\ResponseInterface; +use Psr\Http\Message\ServerRequestInterface; +use Psr\Http\Server\RequestHandlerInterface; +use Psr\Http\Server\MiddlewareInterface; +use DI\ContainerBuilder; +use Slim\Factory\AppFactory; -class RestapiController { /* {{{ */ +final class JsonRenderer +{ + public function json( + ResponseInterface $response, + array $data = null + ): ResponseInterface { + $response = $response->withHeader('Content-Type', 'application/json'); + + $response->getBody()->write( + (string)json_encode( + $data, + JSON_UNESCAPED_SLASHES | JSON_PARTIAL_OUTPUT_ON_ERROR + ) + ); + + return $response; + } +} + +final class SeedDMS_RestapiController { /* {{{ */ protected $container; + protected $renderer; - // constructor receives container instance - public function __construct(ContainerInterface $container) { + // constructor receives container and renderer instance by DI + public function __construct(ContainerInterface $container, JsonRenderer $renderer) { $this->container = $container; + $this->renderer = $renderer; } protected function __getAttributesData($obj) { /* {{{ */ @@ -56,7 +83,8 @@ class RestapiController { /* {{{ */ 'name'=>$document->getName(), 'comment'=>$document->getComment(), 'keywords'=>$document->getKeywords(), - 'categories'=>$tmp + 'categories'=>$tmp, + 'owner'=>(int)$document->getOwner()->getId() ); return $data; } /* }}} */ @@ -142,6 +170,7 @@ class RestapiController { /* {{{ */ 'name'=>$folder->getName(), 'comment'=>$folder->getComment(), 'date'=>date('Y-m-d H:i:s', $folder->getDate()), + 'owner'=>(int)$folder->getOwner()->getId() ); $attributes = $this->__getAttributesData($folder); if($attributes) { 
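Review bot: `JsonRenderer::json()` casts the result of `json_encode()` to string and passes `JSON_PARTIAL_OUTPUT_ON_ERROR`, so unencodable values (for example invalid UTF-8 in a document name) are silently replaced by `null`, and a complete failure produces an empty body with whatever status the caller sets afterwards. Clients cannot tell such an answer from real data; checking for `false` and logging `json_last_error_msg()` before answering with a 500 would make the failure visible. The parameter `array $data = null` relies on implicit nullability, which PHP 8.4 deprecates; `?array $data = null` is the explicit form. The class also lacks a docblock saying that it sets the Content-Type and leaves the status code to the caller.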
@@ -169,6 +198,8 @@ class RestapiController { /* {{{ */ 'login'=>$u->getLogin(), 'email'=>$u->getEmail(), 'language' => $u->getLanguage(), + 'quota' => $u->getQuota(), + 'homefolder' => $u->getHomeFolder(), 'theme' => $u->getTheme(), 'role' => $this->__getRoleData($u->getRole()), //array('id'=>(int)$u->getRole()->getId(), 'name'=>$u->getRole()->getName()), 'hidden'=>$u->isHidden() ? true : false, @@ -225,15 +256,15 @@ class RestapiController { /* {{{ */ function doLogin($request, $response) { /* {{{ */ global $session; - $dms = $this->container->dms; - $settings = $this->container->config; - $logger = $this->container->logger; - $authenticator = $this->container->authenticator; + $dms = $this->container->get('dms'); + $settings = $this->container->get('config'); + $logger = $this->container->get('logger'); + $authenticator = $this->container->get('authenticator'); $params = $request->getParsedBody(); if(empty($params['user']) || empty($params['pass'])) { $logger->log("Login without username or password failed", PEAR_LOG_INFO); - return $response->withJson(array('success'=>false, 'message'=>'No user or password given', 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No user or password given', 'data'=>''))->withStatus(400); } $username = $params['user']; $password = $params['pass']; 
@@ -242,12 +273,12 @@ class RestapiController { /* {{{ */ if(!$userobj) { setcookie("mydms_session", '', time()-3600, $settings->_httpRoot); $logger->log("Login with user name '".$username."' failed", PEAR_LOG_ERR); - return $response->withJson(array('success'=>false, 'message'=>'Login failed', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Login failed', 'data'=>''))->withStatus(403); } else { require_once("../inc/inc.ClassSession.php"); $session = new SeedDMS_Session($dms->getDb()); if(!$id = $session->create(array('userid'=>$userobj->getId(), 'theme'=>$userobj->getTheme(), 'lang'=>$userobj->getLanguage()))) { - return $response->withJson(array('success'=>false, 'message'=>'Creating session failed', 'data'=>''), 500); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Creating session failed', 'data'=>''))->withStatus(500); } // Set the session cookie. @@ -259,14 +290,14 @@ class RestapiController { /* {{{ */ $dms->setUser($userobj); $logger->log("Login with user name '".$username."' successful", PEAR_LOG_INFO); - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$this->__getUserData($userobj)), 200); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>$this->__getUserData($userobj)))->withStatus(200); } } /* }}} */ function doLogout($request, $response) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; - $settings = $this->container->config; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); + $settings = $this->container->get('config'); if(isset($_COOKIE['mydms_session'])) { $dms_session = $_COOKIE["mydms_session"]; 
@@ -286,42 +317,42 @@ class RestapiController { /* {{{ */ } setcookie("mydms_session", '', time()-3600, $settings->_httpRoot); } - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>''), 200); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>''))->withStatus(200); } /* }}} */ function setFullName($request, $response) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); if(!$userobj) { - return $response->withJson(array('success'=>false, 'message'=>'Not logged in', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Not logged in', 'data'=>''))->withStatus(403); return; } $params = $request->getParsedBody(); $userobj->setFullName($params['fullname']); $data = $this->__getUserData($userobj); - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$data), 200); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>$data))->withStatus(200); } /* }}} */ function setEmail($request, $response) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); if(!$userobj) { - return $response->withJson(array('success'=>false, 'message'=>'Not logged in', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Not logged in', 'data'=>''))->withStatus(403); return; } $params = $request->getParsedBody(); $userobj->setEmail($params['email']); $data = $this->__getUserData($userobj); - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$data), 200); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>$data))->withStatus(200); } /* }}} */ function getLockedDocuments($request, $response) { /* {{{ */ - $dms = 
$this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); if(false !== ($documents = $dms->getDocumentsLockedByUser($userobj))) { $documents = SeedDMS_Core_DMS::filterAccess($documents, $userobj, M_READ); @@ -332,16 +363,16 @@ class RestapiController { /* {{{ */ $recs[] = $this->__getLatestVersionData($lc); } } - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$recs), 200); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>$recs))->withStatus(200); } else { - return $response->withJson(array('success'=>false, 'message'=>'', 'data'=>''), 500); + return $this->renderer->json($response, array('success'=>false, 'message'=>'', 'data'=>''))->withStatus(500); } } /* }}} */ function getFolder($request, $response, $args) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; - $settings = $this->container->config; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); + $settings = $this->container->get('config'); $params = $request->getQueryParams(); $forcebyname = isset($params['forcebyname']) ? $params['forcebyname'] : 0; 
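Review bot: setFullName and setEmail read `$params['fullname']` and `$params['email']` without checking that the key is present or well-formed, ignore the setter's result, and always answer with success and status 200. A guard such as `if(empty($params['email']) || !filter_var($params['email'], FILTER_VALIDATE_EMAIL)) return $this->renderer->json($response, array('success'=>false, 'message'=>'Invalid email', 'data'=>''))->withStatus(400);` keeps malformed values out of the user record. Whether the setters report failure through their return value is not visible here and should be confirmed. The bare `return;` after each 'Not logged in' return is unreachable and can be dropped.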
@@ -357,26 +388,26 @@ class RestapiController { /* {{{ */ if($folder) { if($folder->getAccessMode($userobj) >= M_READ) { $data = $this->__getFolderData($folder); - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$data), 200); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>$data))->withStatus(200); } else { - return $response->withJson(array('success'=>false, 'message'=>'No access', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No access', 'data'=>''))->withStatus(403); } } else { - return $response->withJson(array('success'=>false, 'message'=>'No such folder', 'data'=>''), 404); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No such folder', 'data'=>''))->withStatus(404); } } /* }}} */ function getFolderParent($request, $response, $args) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); $id = $args['id']; if($id == 0) { - return $response->withJson(array('success'=>true, 'message'=>'id is 0', 'data'=>''), 200); + return $this->renderer->json($response, array('success'=>true, 'message'=>'id is 0', 'data'=>''))->withStatus(200); } $root = $dms->getRootFolder(); if($root->getId() == $id) { - return $response->withJson(array('success'=>true, 'message'=>'id is root folder', 'data'=>''), 200); + return $this->renderer->json($response, array('success'=>true, 'message'=>'id is root folder', 'data'=>''))->withStatus(200); } $folder = $dms->getFolder($id); if($folder) { 
@@ -384,24 +415,24 @@ class RestapiController { /* {{{ */ if($parent) { if($parent->getAccessMode($userobj) >= M_READ) { $rec = $this->__getFolderData($parent); - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$rec), 200); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>$rec))->withStatus(200); } else { - return $response->withJson(array('success'=>false, 'message'=>'No access', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No access', 'data'=>''))->withStatus(403); } } else { - return $response->withJson(array('success'=>false, 'message'=>'', 'data'=>''), 500); + return $this->renderer->json($response, array('success'=>false, 'message'=>'', 'data'=>''))->withStatus(500); } } else { - return $response->withJson(array('success'=>false, 'message'=>'No such folder', 'data'=>''), 404); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No such folder', 'data'=>''))->withStatus(404); } } /* }}} */ function getFolderPath($request, $response, $args) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); if(empty($args['id'])) { - return $response->withJson(array('success'=>true, 'message'=>'id is 0', 'data'=>''), 200); + return $this->renderer->json($response, array('success'=>true, 'message'=>'id is 0', 'data'=>''))->withStatus(200); } $folder = $dms->getFolder($args['id']); if($folder) { 
@@ -411,40 +442,40 @@ class RestapiController { /* {{{ */ foreach($path as $element) { $data[] = array('id'=>$element->getId(), 'name'=>$element->getName()); } - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$data), 200); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>$data))->withStatus(200); } else { - return $response->withJson(array('success'=>false, 'message'=>'No access', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No access', 'data'=>''))->withStatus(403); } } else { - return $response->withJson(array('success'=>false, 'message'=>'No such folder', 'data'=>''), 404); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No such folder', 'data'=>''))->withStatus(404); } } /* }}} */ function getFolderAttributes($request, $response, $args) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); $folder = $dms->getFolder($args['id']); if($folder) { if ($folder->getAccessMode($userobj) >= M_READ) { $attributes = $this->__getAttributesData($folder); - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$attributes), 200); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>$attributes))->withStatus(200); } else { - return $response->withJson(array('success'=>false, 'message'=>'No access', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No access', 'data'=>''))->withStatus(403); } } else { - return $response->withJson(array('success'=>false, 'message'=>'No such folder', 'data'=>''), 404); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No such folder', 'data'=>''))->withStatus(404); } } /* }}} */ function getFolderChildren($request, $response, $args) { /* {{{ */ - $dms = 
$this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); if(empty($args['id'])) { $folder = $dms->getRootFolder(); $recs = array($this->$this->__getFolderData($folder)); - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$recs), 200); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>$recs))->withStatus(200); } else { $folder = $dms->getFolder($args['id']); if($folder) { 
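Review bot: In getFolderChildren the root-folder branch still calls `$this->$this->__getFolderData($folder)`, which uses `$this` as a property name and fails at runtime instead of returning folder data, so a request without an id cannot succeed. The line should read `$recs = array($this->__getFolderData($folder));`. That branch also returns the root folder without the `getAccessMode($userobj) >= M_READ` check that the other folder handlers in this diff perform; it is worth confirming that this is intended. The function continues in the next hunk.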
@@ -463,30 +494,30 @@ class RestapiController { /* {{{ */ $recs[] = $this->__getLatestVersionData($lc); } } - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$recs), 200); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>$recs))->withStatus(200); } else { - return $response->withJson(array('success'=>false, 'message'=>'No access', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No access', 'data'=>''))->withStatus(403); } } else { - return $response->withJson(array('success'=>false, 'message'=>'No such folder', 'data'=>''), 404); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No such folder', 'data'=>''))->withStatus(404); } } } /* }}} */ function createFolder($request, $response, $args) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; - $settings = $this->container->config; - $logger = $this->container->logger; - $fulltextservice = $this->container->fulltextservice; - $notifier = $this->container->notifier; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); + $settings = $this->container->get('config'); + $logger = $this->container->get('logger'); + $fulltextservice = $this->container->get('fulltextservice'); + $notifier = $this->container->get('notifier'); if(!$userobj) { - return $response->withJson(array('success'=>false, 'message'=>'Not logged in', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Not logged in', 'data'=>''))->withStatus(403); } if(!ctype_digit($args['id']) || $args['id'] == 0) { - return $response->withJson(array('success'=>false, 'message'=>'No parent folder given', 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No parent folder given', 'data'=>''))->withStatus(400); return; } $parent = $dms->getFolder($args['id']); 
@@ -498,7 +529,7 @@ class RestapiController { /* {{{ */ if(isset($params['sequence'])) { $sequence = str_replace(',', '.', $params["sequence"]); if (!is_numeric($sequence)) - return $response->withJson(array('success'=>false, 'message'=>getMLText("invalid_sequence"), 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>getMLText("invalid_sequence"), 'data'=>''))->withStatus(400); } else { $dd = $parent->getSubFolders('s'); if(count($dd) > 1) @@ -521,7 +552,7 @@ class RestapiController { /* {{{ */ /* Check if name already exists in the folder */ if(!$settings->_enableDuplicateSubFolderNames) { if($parent->hasSubFolderByName($params['name'])) { - return $response->withJson(array('success'=>false, 'message'=>getMLText("subfolder_duplicate_name"), 'data'=>''), 409); + return $this->renderer->json($response, array('success'=>false, 'message'=>getMLText("subfolder_duplicate_name"), 'data'=>''))->withStatus(409); } } 
@@ -542,35 +573,35 @@ class RestapiController { /* {{{ */ if($notifier) { $notifier->sendNewFolderMail($folder, $userobj); } - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$rec), 201); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>$rec))->withStatus(201); } else { - return $response->withJson(array('success'=>false, 'message'=>'Could not create folder', 'data'=>''), 500); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Could not create folder', 'data'=>''))->withStatus(500); } } else { - return $response->withJson(array('success'=>false, 'message'=>'Missing folder name', 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Missing folder name', 'data'=>''))->withStatus(400); } } else { - return $response->withJson(array('success'=>false, 'message'=>'No access on destination folder', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No access on destination folder', 'data'=>''))->withStatus(403); } } else { - return $response->withJson(array('success'=>false, 'message'=>'Could not find parent folder', 'data'=>''), 404); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Could not find parent folder', 'data'=>''))->withStatus(404); } } /* }}} */ function moveFolder($request, $response, $args) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); if(!$userobj) { - return $response->withJson(array('success'=>false, 'message'=>'Not logged in', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Not logged in', 'data'=>''))->withStatus(403); } if(!ctype_digit($args['id']) || $args['id'] == 0) { - return $response->withJson(array('success'=>false, 'message'=>'No source folder given', 'data'=>''), 
400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No source folder given', 'data'=>''))->withStatus(400); } if(!ctype_digit($args['folderid']) || $args['folderid'] == 0) { - return $response->withJson(array('success'=>false, 'message'=>'No destination folder given', 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No destination folder given', 'data'=>''))->withStatus(400); } $mfolder = $dms->getFolder($args['id']); 
@@ -579,82 +610,82 @@ class RestapiController { /* {{{ */ if($folder = $dms->getFolder($args['folderid'])) { if($folder->getAccessMode($userobj, 'moveFolder') >= M_READWRITE) { if($mfolder->setParent($folder)) { - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>''), 200); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>''))->withStatus(200); } else { - return $response->withJson(array('success'=>false, 'message'=>'Error moving folder', 'data'=>''), 500); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Error moving folder', 'data'=>''))->withStatus(500); } } else { - return $response->withJson(array('success'=>false, 'message'=>'No access on destination folder', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No access on destination folder', 'data'=>''))->withStatus(403); } } else { if($folder === null) $status = 404; else $status = 500; - return $response->withJson(array('success'=>false, 'message'=>'No destination folder', 'data'=>''), $status); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No destination folder', 'data'=>''))->withStatus($status); } } else { - return $response->withJson(array('success'=>false, 'message'=>'No access', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No access', 'data'=>''))->withStatus(403); } } else { if($mfolder === null) $status=404; else $status=500; - return $response->withJson(array('success'=>false, 'message'=>'No folder', 'data'=>''), $status); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No folder', 'data'=>''))->withStatus($status); } } /* }}} */ function deleteFolder($request, $response, $args) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); 
if(!$userobj) { - return $response->withJson(array('success'=>false, 'message'=>'Not logged in', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Not logged in', 'data'=>''))->withStatus(403); } if(!ctype_digit($args['id']) || $args['id'] == 0) { - return $response->withJson(array('success'=>false, 'message'=>'id is 0', 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'id is 0', 'data'=>''))->withStatus(400); } $mfolder = $dms->getFolder($args['id']); if($mfolder) { if ($mfolder->getAccessMode($userobj, 'removeFolder') >= M_READWRITE) { if($mfolder->remove()) { - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>''), 200); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>''))->withStatus(200); } else { - return $response->withJson(array('success'=>false, 'message'=>'Error deleting folder', 'data'=>''), 500); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Error deleting folder', 'data'=>''))->withStatus(500); } } else { - return $response->withJson(array('success'=>false, 'message'=>'No access', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No access', 'data'=>''))->withStatus(403); } } else { if($mfolder === null) $status=404; else $status=500; - return $response->withJson(array('success'=>false, 'message'=>'No folder', 'data'=>''), $status); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No folder', 'data'=>''))->withStatus($status); } } /* }}} */ function uploadDocument($request, $response, $args) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; - $settings = $this->container->config; - $notifier = $this->container->notifier; - $fulltextservice = $this->container->fulltextservice; + $dms = $this->container->get('dms'); + $userobj = 
$this->container->get('userobj'); + $settings = $this->container->get('config'); + $notifier = $this->container->get('notifier'); + $fulltextservice = $this->container->get('fulltextservice'); if(!$userobj) { - return $response->withJson(array('success'=>false, 'message'=>'Not logged in', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Not logged in', 'data'=>''))->withStatus(403); } if(!ctype_digit($args['id']) || $args['id'] == 0) { - return $response->withJson(array('success'=>false, 'message'=>'No parent folder id given', 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No parent folder id given', 'data'=>''))->withStatus(400); } if($settings->_quota > 0) { $remain = checkQuota($userobj); if ($remain < 0) { - return $response->withJson(array('success'=>false, 'message'=>'Quota exceeded', 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Quota exceeded', 'data'=>''))->withStatus(400); } } @@ -669,7 +700,7 @@ class RestapiController { /* {{{ */ if(isset($params['sequence'])) { $sequence = str_replace(',', '.', $params["sequence"]); if (!is_numeric($sequence)) - return $response->withJson(array('success'=>false, 'message'=>getMLText("invalid_sequence"), 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>getMLText("invalid_sequence"), 'data'=>''))->withStatus(400); } else { $dd = $mfolder->getDocuments('s'); if(count($dd) > 1) 
@@ -680,7 +711,7 @@ class RestapiController { /* {{{ */ if(isset($params['expdate'])) { $tmp = explode('-', $params["expdate"]); if(count($tmp) != 3) - return $response->withJson(array('success'=>false, 'message'=>getMLText('malformed_expiration_date'), 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>getMLText('malformed_expiration_date'), 'data'=>''))->withStatus(400); $expires = mktime(0,0,0, $tmp[1], $tmp[2], $tmp[0]); } else $expires = 0; @@ -706,15 +737,15 @@ class RestapiController { /* {{{ */ if($attrdef) { if($attribute) { if(!$attrdef->validate($attribute)) { - return $response->withJson(array('success'=>false, 'message'=>getAttributeValidationText($attrdef->getValidationError(), $attrdef->getName(), $attribute), 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>getAttributeValidationText($attrdef->getValidationError(), $attrdef->getName(), $attribute), 'data'=>''))->withStatus(400); } } elseif($attrdef->getMinValues() > 0) { - return $response->withJson(array('success'=>false, 'message'=>getMLText("attr_min_values", array("attrname"=>$attrdef->getName())), 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>getMLText("attr_min_values", array("attrname"=>$attrdef->getName())), 'data'=>''))->withStatus(400); } } } if (count($uploadedFiles) == 0) { - return $response->withJson(array('success'=>false, 'message'=>'No file detected', 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No file detected', 'data'=>''))->withStatus(400); } $file_info = array_pop($uploadedFiles); if ($origfilename == null) 
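Review bot: The `expdate` handling in the first hunk on this line only checks that the value splits into three parts before passing them to `mktime()`, so non-numeric or out-of-range parts do not get the 400 response, and on PHP 8 a non-numeric part raises a TypeError instead. Tighten the guard to `if(count($tmp) != 3 || !ctype_digit($tmp[0].$tmp[1].$tmp[2]) || !checkdate((int)$tmp[1], (int)$tmp[2], (int)$tmp[0]))`. The enclosing uploadDocument body starts and ends outside this hunk.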
@@ -724,7 +755,7 @@ class RestapiController { /* {{{ */ /* Check if name already exists in the folder */ if(!$settings->_enableDuplicateDocNames) { if($mfolder->hasDocumentByName($docname)) { - return $response->withJson(array('success'=>false, 'message'=>getMLText("document_duplicate_name"), 'data'=>''), 409); + return $this->renderer->json($response, array('success'=>false, 'message'=>getMLText("document_duplicate_name"), 'data'=>''))->withStatus(409); } } // Get the list of reviewers and approvers for this document. @@ -754,7 +785,9 @@ class RestapiController { /* {{{ */ $workflow = array_shift($workflows); } } - $temp = $file_info->file; + $temp = tempnam(sys_get_temp_dir(), 'FOO'); + file_put_contents($temp, (string) $file_info->getStream()); + $finfo = finfo_open(FILEINFO_MIME_TYPE); $userfiletype = finfo_file($finfo, $temp); $fileType = ".".pathinfo($origfilename, PATHINFO_EXTENSION); 
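Review bot: The added `file_put_contents($temp, (string) $file_info->getStream());` in the second hunk on this line reads the whole upload into a PHP string before writing it, and neither `tempnam()` nor `file_put_contents()` is checked. A large upload can therefore exhaust the memory limit, and a failed write goes on to `finfo_file()` with an empty or missing file. Checking `$file_info->getError() === UPLOAD_ERR_OK` and `$temp !== false`, then calling the PSR-7 `$file_info->moveTo($temp);`, avoids the in-memory copy. The `'FOO'` prefix reads like a placeholder; a project-specific prefix would make leftover files attributable. The same two lines are added to updateDocument in a later hunk, and uploadDocumentPut writes the request body to its temp file without checks as well.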
@@ -802,17 +835,17 @@ class RestapiController { /* {{{ */ $errmsg = $err; } unlink($temp); - return $response->withJson(array('success'=>false, 'message'=>'Upload failed', 'data'=>''), 500); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Upload failed', 'data'=>''))->withStatus(500); } else { if($controller->hasHook('cleanUpDocument')) { - $controller->callHook('cleanUpDocument', $document, $file); + $controller->callHook('cleanUpDocument', $document, ['Ń•ource'=>'restapi', 'type'=>$userfiletype, 'name'=>$origfilename]); } // Send notification to subscribers of folder. if($notifier) { $notifier->sendNewDocumentMail($document, $userobj); } unlink($temp); - return $response->withJson(array('success'=>true, 'message'=>'Upload succeded', 'data'=>$this->__getLatestVersionData($document->getLatestContent())), 201); + return $this->renderer->json($response, array('success'=>true, 'message'=>'Upload succeded', 'data'=>$this->__getLatestVersionData($document->getLatestContent())))->withStatus(201); } /* $res = $mfolder->addDocument($docname, $comment, $expires, $owner ? $owner : $userobj, $keywords, $cats, $temp, $origfilename ? $origfilename : basename($temp), $fileType, $userfiletype, $sequence, array(), array(), $reqversion, $version_comment, $attributes); 
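Review bot: The array key in the added `callHook('cleanUpDocument', ...)` line is not the ASCII word `source`: its first character is a non-ASCII look-alike (it shows as a garbled byte sequence on this page), so a hook that looks up the `source` key will not find the entry. Retype the key in plain ASCII, `['source'=>'restapi', 'type'=>$userfiletype, 'name'=>$origfilename]`. The identical line is added to updateDocument in a later hunk. The third hook argument also changes from a file object to an array, so existing `cleanUpDocument` hook implementations in extensions need checking.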
@@ -822,49 +855,49 @@ class RestapiController { /* {{{ */ if($notifier) { $notifier->sendNewDocumentMail($doc, $userobj); } - return $response->withJson(array('success'=>true, 'message'=>'Upload succeded', 'data'=>$this->__getLatestVersionData($doc->getLatestContent())), 201); + return $this->renderer->json($response, array('success'=>true, 'message'=>'Upload succeded', 'data'=>$this->__getLatestVersionData($doc->getLatestContent())))->withStatus(201); } else { - return $response->withJson(array('success'=>false, 'message'=>'Upload failed', 'data'=>''), 500); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Upload failed', 'data'=>''))->withStatus(500); } */ } else { - return $response->withJson(array('success'=>false, 'message'=>'No access', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No access', 'data'=>''))->withStatus(403); } } else { if($mfolder === null) $status=404; else $status=500; - return $response->withJson(array('success'=>false, 'message'=>'No folder', 'data'=>''), $status); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No folder', 'data'=>''))->withStatus($status); } } /* }}} */ function updateDocument($request, $response, $args) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; - $settings = $this->container->config; - $notifier = $this->container->notifier; - $fulltextservice = $this->container->fulltextservice; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); + $settings = $this->container->get('config'); + $notifier = $this->container->get('notifier'); + $fulltextservice = $this->container->get('fulltextservice'); if(!$userobj) { - return $response->withJson(array('success'=>false, 'message'=>'Not logged in', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Not logged in', 'data'=>''))->withStatus(403); } 
if(!ctype_digit($args['id']) || $args['id'] == 0) { - return $response->withJson(array('success'=>false, 'message'=>'No document id given', 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No document id given', 'data'=>''))->withStatus(400); } if($settings->_quota > 0) { $remain = checkQuota($userobj); if ($remain < 0) { - return $response->withJson(array('success'=>false, 'message'=>'Quota exceeded', 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Quota exceeded', 'data'=>''))->withStatus(400); } } $document = $dms->getDocument($args['id']); if($document) { if ($document->getAccessMode($userobj, 'updateDocument') < M_READWRITE) { - return $response->withJson(array('success'=>false, 'message'=>'No access', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No access', 'data'=>''))->withStatus(403); } $params = $request->getParsedBody(); 
@@ -879,32 +912,33 @@ class RestapiController { /* {{{ */ if($attrdef) { if($attribute) { if(!$attrdef->validate($attribute)) { - return $response->withJson(array('success'=>false, 'message'=>getAttributeValidationText($attrdef->getValidationError(), $attrdef->getName(), $attribute), 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>getAttributeValidationText($attrdef->getValidationError(), $attrdef->getName(), $attribute), 'data'=>''))->withStatus(400); } } elseif($attrdef->getMinValues() > 0) { - return $response->withJson(array('success'=>false, 'message'=>getMLText("attr_min_values", array("attrname"=>$attrdef->getName())), 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>getMLText("attr_min_values", array("attrname"=>$attrdef->getName())), 'data'=>''))->withStatus(400); } } } $uploadedFiles = $request->getUploadedFiles(); if (count($uploadedFiles) == 0) { - return $response->withJson(array('success'=>false, 'message'=>'No file detected', 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No file detected', 'data'=>''))->withStatus(400); } $file_info = array_pop($uploadedFiles); if ($origfilename == null) $origfilename = $file_info->getClientFilename(); - $temp = $file_info->file; + $temp = tempnam(sys_get_temp_dir(), 'FOO'); + file_put_contents($temp, (string) $file_info->getStream()); /* Check if the uploaded file is identical to last version */ $lc = $document->getLatestContent(); if($lc->getChecksum() == SeedDMS_Core_File::checksum($temp)) { - return $response->withJson(array('success'=>false, 'message'=>'Uploaded file identical to last version', 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Uploaded file identical to last version', 'data'=>''))->withStatus(400); } if($document->isLocked()) { $lockingUser = $document->getLockingUser(); if(($lockingUser->getID() != 
$userobj->getID()) && ($document->getAccessMode($userobj) != M_ALL)) { - return $response->withJson(array('success'=>false, 'message'=>'Document is locked', 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Document is locked', 'data'=>''))->withStatus(400); } else $document->setLocked(false); } @@ -973,11 +1007,11 @@ class RestapiController { /* {{{ */ } else { $errmsg = $err; } - return $response->withJson(array('success'=>false, 'message'=>'Upload failed: '.$errmsg, 'data'=>''), 500); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Upload failed: '.$errmsg, 'data'=>''))->withStatus(500); } else { unlink($temp); if($controller->hasHook('cleanUpDocument')) { - $controller->callHook('cleanUpDocument', $document, $file_info); + $controller->callHook('cleanUpDocument', $document, ['Ń•ource'=>'restapi', 'type'=>$userfiletype, 'name'=>$origfilename]); } // Send notification to subscribers. if($notifier) { @@ -987,10 +1021,10 @@ class RestapiController { /* {{{ */ } $rec = array('id'=>(int)$document->getId(), 'name'=>$document->getName(), 'version'=>$document->getLatestContent()->getVersion()); - return $response->withJson(array('success'=>true, 'message'=>'Upload succeded', 'data'=>$rec), 200); + return $this->renderer->json($response, array('success'=>true, 'message'=>'Upload succeded', 'data'=>$rec))->withStatus(200); } } else { - return $response->withJson(array('success'=>false, 'message'=>'No document', 'data'=>''), 404); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No document', 'data'=>''))->withStatus(404); } } /* }}} */ 
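Review bot: `$temp` now comes from `tempnam()` instead of the previous `$file_info->file`, so it is presumably no longer cleaned up by PHP at the end of the request, and the 'Uploaded file identical to last version' and 'Document is locked' returns in this hunk leave it on disk. Add `unlink($temp);` before each of those returns. The 'Upload failed' return in the next hunk has no `unlink($temp)` visible either and should be checked. updateDocument starts before this hunk and ends after it.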
@@ -998,23 +1032,23 @@ class RestapiController { /* {{{ */ * Old upload method which uses put instead of post */ function uploadDocumentPut($request, $response, $args) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; - $settings = $this->container->config; - $notifier = $this->container->notifier; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); + $settings = $this->container->get('config'); + $notifier = $this->container->get('notifier'); if(!$userobj) { - return $response->withJson(array('success'=>false, 'message'=>'Not logged in', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Not logged in', 'data'=>''))->withStatus(403); } if(!ctype_digit($args['id']) || $args['id'] == 0) { - return $response->withJson(array('success'=>false, 'message'=>'No document id given', 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No document id given', 'data'=>''))->withStatus(400); } if($settings->_quota > 0) { $remain = checkQuota($userobj); if ($remain < 0) { - return $response->withJson(array('success'=>false, 'message'=>'Quota exceeded', 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Quota exceeded', 'data'=>''))->withStatus(400); } } @@ -1026,7 +1060,7 @@ class RestapiController { /* {{{ */ $keywords = isset($params['keywords']) ? $params['keywords'] : ''; $origfilename = isset($params['origfilename']) ? $params['origfilename'] : null; $content = $request->getBody(); - $temp = tempnam('/tmp', 'lajflk'); + $temp = tempnam(sys_get_temp_dir(), 'lajflk'); $handle = fopen($temp, "w"); fwrite($handle, $content); fclose($handle); 
@@ -1037,7 +1071,7 @@ class RestapiController { /* {{{ */ /* Check if name already exists in the folder */ if(!$settings->_enableDuplicateDocNames) { if($mfolder->hasDocumentByName($docname)) { - return $response->withJson(array('success'=>false, 'message'=>getMLText("document_duplicate_name"), 'data'=>''), 409); + return $this->renderer->json($response, array('success'=>false, 'message'=>getMLText("document_duplicate_name"), 'data'=>''))->withStatus(409); } } $res = $mfolder->addDocument($docname, '', 0, $userobj, '', array(), $temp, $origfilename ? $origfilename : basename($temp), $fileType, $userfiletype, 0); 
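Review bot: The 409 early return for a duplicate document name leaves the temporary file on disk, because `$temp` was already written further up in `uploadDocumentPut` and nothing removes it before the `return`. Repeated rejected uploads then accumulate request bodies in the temp directory; adding `unlink($temp);` immediately before the `return` closes that path. No `unlink($temp)` is visible on the success and failure returns of the same function in the next hunk either, so those are worth checking too. The function starts and ends outside this hunk.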
@@ -1048,32 +1082,32 @@ class RestapiController { /* {{{ */ $notifier->sendNewDocumentMail($doc, $userobj); } $rec = array('id'=>(int)$doc->getId(), 'name'=>$doc->getName()); - return $response->withJson(array('success'=>true, 'message'=>'Upload succeded', 'data'=>$rec), 200); + return $this->renderer->json($response, array('success'=>true, 'message'=>'Upload succeded', 'data'=>$rec))->withStatus(200); } else { - return $response->withJson(array('success'=>false, 'message'=>'Upload failed', 'data'=>''), 500); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Upload failed', 'data'=>''))->withStatus(500); } } else { - return $response->withJson(array('success'=>false, 'message'=>'No access', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No access', 'data'=>''))->withStatus(403); } } else { if($mfolder === null) $status=404; else $status=500; - return $response->withJson(array('success'=>false, 'message'=>'No folder', 'data'=>''), $status); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No folder', 'data'=>''))->withStatus($status); } } /* }}} */ function uploadDocumentFile($request, $response, $args) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); if(!$userobj) { - return $response->withJson(array('success'=>false, 'message'=>'Not logged in', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Not logged in', 'data'=>''))->withStatus(403); } if(!ctype_digit($args['id']) || $args['id'] == 0) { - return $response->withJson(array('success'=>false, 'message'=>'No document id given', 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No document id given', 'data'=>''))->withStatus(400); } $document = $dms->getDocument($args['id']); if($document) { 
@@ -1087,14 +1121,15 @@ class RestapiController { /* {{{ */ $version = empty($params['version']) ? 0 : $params['version']; $public = empty($params['public']) ? 'false' : $params['public']; if (count($uploadedFiles) == 0) { - return $response->withJson(array('success'=>false, 'message'=>'No file detected', 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No file detected', 'data'=>''))->withStatus(400); } $file_info = array_pop($uploadedFiles); if ($origfilename == null) $origfilename = $file_info->getClientFilename(); if (trim($docname) == '') $docname = $origfilename; - $temp = $file_info->file; + $temp = tempnam(sys_get_temp_dir(), 'FOO'); + file_put_contents($temp, (string) $file_info->getStream()); $finfo = finfo_open(FILEINFO_MIME_TYPE); $userfiletype = finfo_file($finfo, $temp); $fileType = ".".pathinfo($origfilename, PATHINFO_EXTENSION); 
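Review bot: The new copy step never checks the upload's error status, and it reads the entire uploaded file into a string with `(string) $file_info->getStream()` before writing it out. The return values of `tempnam()` and `file_put_contents()` are also ignored, so a failed or truncated upload would be stored as an empty or partial attachment. I would reject early with `if ($file_info->getError() !== UPLOAD_ERR_OK) { ... 400 ... }` and let the PSR-7 object place the file with `$file_info->moveTo($temp);`, which avoids the in-memory copy. The extension in `$fileType` is still derived from the client-supplied `$origfilename`, which is worth keeping in mind wherever it is used later. The function continues outside the hunk.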
@@ -1104,36 +1139,36 @@ class RestapiController { /* {{{ */ $fileType, $userfiletype, $version, $public); unlink($temp); if($res) { - return $response->withJson(array('success'=>true, 'message'=>'Upload succeded', 'data'=>$res), 201); + return $this->renderer->json($response, array('success'=>true, 'message'=>'Upload succeded', 'data'=>$res))->withStatus(201); } else { - return $response->withJson(array('success'=>false, 'message'=>'Upload failed', 'data'=>''), 500); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Upload failed', 'data'=>''))->withStatus(500); } } else { - return $response->withJson(array('success'=>false, 'message'=>'No access', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No access', 'data'=>''))->withStatus(403); } } else { if($document === null) $status=404; else $status=500; - return $response->withJson(array('success'=>false, 'message'=>'No such document', 'data'=>''), $status); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No such document', 'data'=>''))->withStatus($status); } } /* }}} */ function addDocumentLink($request, $response, $args) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); if(!$userobj) { - return $response->withJson(array('success'=>false, 'message'=>'Not logged in', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Not logged in', 'data'=>''))->withStatus(403); } if(!ctype_digit($args['id']) || $args['id'] == 0) { - return $response->withJson(array('success'=>false, 'message'=>'No source document given', 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No source document given', 'data'=>''))->withStatus(400); return; } if(!ctype_digit($args['documentid']) || $args['documentid'] == 0) { - return 
$response->withJson(array('success'=>false, 'message'=>'No target document given', 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No target document given', 'data'=>''))->withStatus(400); return; } $sourcedoc = $dms->getDocument($args['id']); @@ -1143,21 +1178,21 @@ class RestapiController { /* {{{ */ $params = $request->getParsedBody(); $public = !isset($params['public']) ? true : false; if ($sourcedoc->addDocumentLink($targetdoc->getId(), $userobj->getID(), $public)){ - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>''), 201); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>''))->withStatus(201); } else { - return $response->withJson(array('success'=>false, 'message'=>'Could not create document link', 'data'=>''), 500); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Could not create document link', 'data'=>''))->withStatus(500); } } else { - return $response->withJson(array('success'=>false, 'message'=>'No access on source document', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No access on source document', 'data'=>''))->withStatus(403); } } else { - return $response->withJson(array('success'=>false, 'message'=>'Could not find source or target document', 'data'=>''), 500); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Could not find source or target document', 'data'=>''))->withStatus(500); } } /* }}} */ function getDocument($request, $response, $args) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); $document = $dms->getDocument($args['id']); if($document) { 
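Review bot: In the `@@ -1143,21 +1178,21 @@` hunk, `$public = !isset($params['public']) ? true : false;` looks only at whether the parameter is present, not at its value. A client that sends `public=true` therefore gets a non-public link, and omitting the field is the only way to get a public one. If the value is meant to count, something like `$public = !isset($params['public']) || filter_var($params['public'], FILTER_VALIDATE_BOOLEAN);` would express it. The failure branch reports a missing source or target document as 500, whereas the neighbouring handlers use 404 for a null lookup. Only the access check on the source document is visible here; whether read access on the target is verified lies outside the hunk.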
@@ -1165,53 +1200,53 @@ class RestapiController { /* {{{ */ $lc = $document->getLatestContent(); if($lc) { $data = $this->__getLatestVersionData($lc); - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$data), 200); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>$data))->withStatus(200); } else { - return $response->withJson(array('success'=>false, 'message'=>'No access', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No access', 'data'=>''))->withStatus(403); } } else { - return $response->withJson(array('success'=>false, 'message'=>'No access', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No access', 'data'=>''))->withStatus(403); } } else { if($document === null) $status=404; else $status=500; - return $response->withJson(array('success'=>false, 'message'=>'No document', 'data'=>''), $status); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No document', 'data'=>''))->withStatus($status); } } /* }}} */ function deleteDocument($request, $response, $args) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); if(!ctype_digit($args['id'])) { - return $response->withJson(array('success'=>false, 'message'=>'Invalid parameter', 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Invalid parameter', 'data'=>''))->withStatus(400); } $document = $dms->getDocument($args['id']); if($document) { if ($document->getAccessMode($userobj, 'deleteDocument') >= M_READWRITE) { if($document->remove()) { - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>''), 200); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>''))->withStatus(200); } else { - return 
$response->withJson(array('success'=>false, 'message'=>'Error removing document', 'data'=>''), 500); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Error removing document', 'data'=>''))->withStatus(500); } } else { - return $response->withJson(array('success'=>false, 'message'=>'No access', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No access', 'data'=>''))->withStatus(403); } } else { if($document === null) $status=404; else $status=500; - return $response->withJson(array('success'=>false, 'message'=>'No document', 'data'=>''), $status); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No document', 'data'=>''))->withStatus($status); } } /* }}} */ function moveDocument($request, $response, $args) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); $document = $dms->getDocument($args['id']); if($document) { 
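Review bot: `deleteDocument` permits the irreversible `$document->remove()` for any caller with `getAccessMode($userobj, 'deleteDocument') >= M_READWRITE`. It is worth confirming that this matches the threshold the rest of the application requires for deletion, which is not visible on this page; if that is full access, the condition should compare against `M_ALL`. Unlike the upload handlers, this method has no `if(!$userobj)` guard, so it relies on `getAccessMode()` handling a missing user. `getDocument` and `moveDocument` in the same hunk pass `$args['id']` to `$dms->getDocument()` without the `ctype_digit()` check that `deleteDocument` applies; adding `if(!ctype_digit($args['id'])) { ... 400 ... }` there would make the handlers consistent.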
@@ -1219,35 +1254,35 @@ class RestapiController { /* {{{ */ if($folder = $dms->getFolder($args['folderid'])) { if($folder->getAccessMode($userobj, 'moveDocument') >= M_READWRITE) { if($document->setFolder($folder)) { - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>''), 200); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>''))->withStatus(200); } else { - return $response->withJson(array('success'=>false, 'message'=>'Error moving document', 'data'=>''), 500); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Error moving document', 'data'=>''))->withStatus(500); } } else { - return $response->withJson(array('success'=>false, 'message'=>'No access on destination folder', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No access on destination folder', 'data'=>''))->withStatus(403); } } else { if($folder === null) $status=404; else $status=500; - return $response->withJson(array('success'=>false, 'message'=>'No destination folder', 'data'=>''), $status); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No destination folder', 'data'=>''))->withStatus($status); } } else { - return $response->withJson(array('success'=>false, 'message'=>'No access', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No access', 'data'=>''))->withStatus(403); } } else { if($document === null) $status=404; else $status=500; - return $response->withJson(array('success'=>false, 'message'=>'No document', 'data'=>''), $status); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No document', 'data'=>''))->withStatus($status); } } /* }}} */ function getDocumentContent($request, $response, $args) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + $userobj = 
$this->container->get('userobj'); $document = $dms->getDocument($args['id']); if($document) { @@ -1261,7 +1296,7 @@ class RestapiController { /* {{{ */ $file = $dms->contentDir . $lc->getPath(); if(!($fh = @fopen($file, 'rb'))) { - return $response->withJson(array('success'=>false, 'message'=>'', 'data'=>''), 500); + return $this->renderer->json($response, array('success'=>false, 'message'=>'', 'data'=>''))->withStatus(500); } $stream = new \Slim\Http\Stream($fh); // create a stream instance for the response body @@ -1277,24 +1312,24 @@ class RestapiController { /* {{{ */ sendFile($dms->contentDir . $lc->getPath()); } else { - return $response->withJson(array('success'=>false, 'message'=>'No access', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No access', 'data'=>''))->withStatus(403); } } else { - return $response->withJson(array('success'=>false, 'message'=>'No access', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No access', 'data'=>''))->withStatus(403); } } else { if($document === null) $status=404; else $status=500; - return $response->withJson(array('success'=>false, 'message'=>'No document', 'data'=>''), $status); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No document', 'data'=>''))->withStatus($status); } } /* }}} */ function getDocumentVersions($request, $response, $args) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); $document = $dms->getDocument($args['id']); if($document) { 
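Review bot: The unchanged context line `$stream = new \Slim\Http\Stream($fh);` in the `@@ -1261,7 +1296,7 @@` hunk is left over from Slim 3. Slim 4 no longer ships its own PSR-7 classes, so unless another installed package supplies that class the download path will fail at runtime. The same line appears in the hunks at `-1337`, `-1442` and `-1588`. Since this commit adds `guzzlehttp/psr7` to composer, `$stream = new \GuzzleHttp\Psr7\Stream($fh);` would be the matching replacement. The `@fopen` failure branch also returns a 500 with an empty `message`, which gives API clients and logs nothing to act on.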
@@ -1304,25 +1339,25 @@ class RestapiController { /* {{{ */ foreach($lcs as $lc) { $recs[] = $this->__getDocumentVersionData($lc); } - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$recs), 200); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>$recs))->withStatus(200); } else { - return $response->withJson(array('success'=>false, 'message'=>'No access', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No access', 'data'=>''))->withStatus(403); } } else { if($document === null) $status=404; else $status=500; - return $response->withJson(array('success'=>false, 'message'=>'No document', 'data'=>''), $status); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No document', 'data'=>''))->withStatus($status); } } /* }}} */ function getDocumentVersion($request, $response, $args) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); if(!ctype_digit($args['id']) || !ctype_digit($args['version'])) { - return $response->withJson(array('success'=>false, 'message'=>'Invalid parameter', 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Invalid parameter', 'data'=>''))->withStatus(400); } $document = $dms->getDocument($args['id']); @@ -1337,7 +1372,7 @@ class RestapiController { /* {{{ */ $file = $dms->contentDir . $lc->getPath(); if(!($fh = @fopen($file, 'rb'))) { - return $response->withJson(array('success'=>false, 'message'=>'', 'data'=>''), 500); + return $this->renderer->json($response, array('success'=>false, 'message'=>'', 'data'=>''))->withStatus(500); } $stream = new \Slim\Http\Stream($fh); // create a stream instance for the response body 
@@ -1353,23 +1388,23 @@ class RestapiController { /* {{{ */ sendFile($dms->contentDir . $lc->getPath()); } else { - return $response->withJson(array('success'=>false, 'message'=>'No such version', 'data'=>''), 404); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No such version', 'data'=>''))->withStatus(404); } } else { - return $response->withJson(array('success'=>false, 'message'=>'No access', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No access', 'data'=>''))->withStatus(403); } } else { if($document === null) $status=404; else $status=500; - return $response->withJson(array('success'=>false, 'message'=>'No document', 'data'=>''), $status); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No document', 'data'=>''))->withStatus($status); } } /* }}} */ function updateDocumentVersion($request, $response, $args) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); $document = $dms->getDocument($args['id']); if($document) { 
@@ -1379,29 +1414,29 @@ class RestapiController { /* {{{ */ $params = $request->getParsedBody(); if (isset($params['comment'])) { $lc->setComment($params['comment']); - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>''), 200); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>''))->withStatus(200); } } else { - return $response->withJson(array('success'=>false, 'message'=>'No such version', 'data'=>''), 404); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No such version', 'data'=>''))->withStatus(404); } } else { - return $response->withJson(array('success'=>false, 'message'=>'No access', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No access', 'data'=>''))->withStatus(403); } } else { if($document === null) $status=404; else $status=500; - return $response->withJson(array('success'=>false, 'message'=>'No document', 'data'=>''), $status); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No document', 'data'=>''))->withStatus($status); } } /* }}} */ function getDocumentFiles($request, $response, $args) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); if(!ctype_digit($args['id'])) { - return $response->withJson(array('success'=>false, 'message'=>'Invalid parameter', 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Invalid parameter', 'data'=>''))->withStatus(400); } $document = $dms->getDocument($args['id']); 
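Review bot: `updateDocumentVersion` returns nothing when the request has no `comment` field, because the `if (isset($params['comment']))` block has no `else` and control falls out of the branch without a response. A Slim 4 handler is expected to return a response object, so this path would surface as a server error rather than a client error. I would add `return $this->renderer->json($response, array('success'=>false, 'message'=>'No comment given', 'data'=>''))->withStatus(400);` after the `if`. The result of `$lc->setComment()` is also ignored, so a failed update is reported as success. The access check for this method lies above the hunk.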
@@ -1413,25 +1448,25 @@ class RestapiController { /* {{{ */ foreach($files as $file) { $recs[] = $this->__getDocumentFileData($file); } - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$recs), 200); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>$recs))->withStatus(200); } else { - return $response->withJson(array('success'=>false, 'message'=>'No access', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No access', 'data'=>''))->withStatus(403); } } else { if($document === null) $status=404; else $status=500; - return $response->withJson(array('success'=>false, 'message'=>'No document', 'data'=>''), $status); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No document', 'data'=>''))->withStatus($status); } } /* }}} */ function getDocumentFile($request, $response, $args) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); if(!ctype_digit($args['id']) || !ctype_digit($args['fileid'])) { - return $response->withJson(array('success'=>false, 'message'=>'Invalid parameter', 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Invalid parameter', 'data'=>''))->withStatus(400); } $document = $dms->getDocument($args['id']); @@ -1442,7 +1477,7 @@ class RestapiController { /* {{{ */ if($lc) { $file = $dms->contentDir . $lc->getPath(); if(!($fh = @fopen($file, 'rb'))) { - return $response->withJson(array('success'=>false, 'message'=>'', 'data'=>''), 500); + return $this->renderer->json($response, array('success'=>false, 'message'=>'', 'data'=>''))->withStatus(500); } $stream = new \Slim\Http\Stream($fh); // create a stream instance for the response body 
@@ -1458,26 +1493,26 @@ class RestapiController { /* {{{ */ sendFile($dms->contentDir . $lc->getPath()); } else { - return $response->withJson(array('success'=>false, 'message'=>'No document file', 'data'=>''), 404); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No document file', 'data'=>''))->withStatus(404); } } else { - return $response->withJson(array('success'=>false, 'message'=>'No access', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No access', 'data'=>''))->withStatus(403); } } else { if($document === null) $status=404; else $status=500; - return $response->withJson(array('success'=>false, 'message'=>'No document', 'data'=>''), $status); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No document', 'data'=>''))->withStatus($status); } } /* }}} */ function getDocumentLinks($request, $response, $args) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); if(!ctype_digit($args['id'])) { - return $response->withJson(array('success'=>false, 'message'=>'Invalid parameter', 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Invalid parameter', 'data'=>''))->withStatus(400); } $document = $dms->getDocument($args['id']); 
@@ -1489,43 +1524,43 @@ class RestapiController { /* {{{ */ foreach($links as $link) { $recs[] = $this->__getDocumentLinkData($link); } - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$recs), 200); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>$recs))->withStatus(200); } else { - return $response->withJson(array('success'=>false, 'message'=>'No access', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No access', 'data'=>''))->withStatus(403); } } else { if($document === null) $status=404; else $status=500; - return $response->withJson(array('success'=>false, 'message'=>'No document', 'data'=>''), $status); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No document', 'data'=>''))->withStatus($status); } } /* }}} */ function getDocumentAttributes($request, $response, $args) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); $document = $dms->getDocument($args['id']); if($document) { if ($document->getAccessMode($userobj) >= M_READ) { $attributes = $this->__getAttributesData($document); - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$attributes), 200); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>$attributes))->withStatus(200); } else { - return $response->withJson(array('success'=>false, 'message'=>'No access', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No access', 'data'=>''))->withStatus(403); } } else { if($document === null) $status=404; else $status=500; - return $response->withJson(array('success'=>false, 'message'=>'No document', 'data'=>''), $status); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No document', 
'data'=>''))->withStatus($status); } } /* }}} */ function getDocumentContentAttributes($request, $response, $args) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); $document = $dms->getDocument($args['id']); if($document) { 
@@ -1535,33 +1570,33 @@ class RestapiController { /* {{{ */ if($version) { if($version->getAccessMode($userobj) >= M_READ) { $attributes = $this->__getAttributesData($version); - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$attributes), 200); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>$attributes))->withStatus(200); } else { - return $response->withJson(array('success'=>false, 'message'=>'No access on version', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No access on version', 'data'=>''))->withStatus(403); } } else { - return $response->withJson(array('success'=>false, 'message'=>'No version', 'data'=>''), 404); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No version', 'data'=>''))->withStatus(404); } } else { - return $response->withJson(array('success'=>false, 'message'=>'No access', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No access', 'data'=>''))->withStatus(403); } } else { if($document === null) $status=404; else $status=500; - return $response->withJson(array('success'=>false, 'message'=>'No document', 'data'=>''), $status); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No document', 'data'=>''))->withStatus($status); } } /* }}} */ function getDocumentPreview($request, $response, $args) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; - $settings = $this->container->config; - $conversionmgr = $this->container->conversionmgr; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); + $settings = $this->container->get('config'); + $conversionmgr = $this->container->get('conversionmgr'); if(!ctype_digit($args['id'])) { - return $response->withJson(array('success'=>false, 'message'=>'Invalid parameter', 'data'=>''), 400); + return 
$this->renderer->json($response, array('success'=>false, 'message'=>'Invalid parameter', 'data'=>''))->withStatus(400); } $document = $dms->getDocument($args['id']); @@ -1588,7 +1623,7 @@ class RestapiController { /* {{{ */ $file = $previewer->getFileName($object, $args['width']).".png"; if(!($fh = @fopen($file, 'rb'))) { - return $response->withJson(array('success'=>false, 'message'=>'', 'data'=>''), 500); + return $this->renderer->json($response, array('success'=>false, 'message'=>'', 'data'=>''))->withStatus(500); } $stream = new \Slim\Http\Stream($fh); // create a stream instance for the response body 
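Review bot: `$args['width']` is used to build the preview file name in `$previewer->getFileName($object, $args['width']).".png"`, yet only `$args['id']` is validated with `ctype_digit()` at the top of `getDocumentPreview`. Unless the route definition already restricts it, a non-numeric width reaches the path that is then opened with `@fopen`. A matching guard next to the id check would be `if(!ctype_digit($args['width'])) { ... 'Invalid parameter' ... 400 }`. The route pattern and `getFileName()` are not visible here, so this may already be constrained elsewhere.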
@@ -1599,31 +1634,31 @@ class RestapiController { /* {{{ */ ->withHeader('Content-Length', $previewer->getFilesize($object)) ->withBody($stream); } else { - return $response->withJson(array('success'=>false, 'message'=>'No access', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No access', 'data'=>''))->withStatus(403); } } else { if($document === null) $status=404; else $status=500; - return $response->withJson(array('success'=>false, 'message'=>'No document', 'data'=>''), $status); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No document', 'data'=>''))->withStatus($status); } } /* }}} */ function addDocumentCategory($request, $response, $args) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); if(!$userobj) { - return $response->withJson(array('success'=>false, 'message'=>'Not logged in', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Not logged in', 'data'=>''))->withStatus(403); } if(!ctype_digit($args['id']) || $args['id'] == 0) { - return $response->withJson(array('success'=>false, 'message'=>'No document given', 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No document given', 'data'=>''))->withStatus(400); return; } if(!ctype_digit($args['catid']) || $args['catid'] == 0) { - return $response->withJson(array('success'=>false, 'message'=>'No category given', 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No category given', 'data'=>''))->withStatus(400); return; } $cat = $dms->getDocumentCategory($args['catid']); 
@@ -1631,54 +1666,54 @@ class RestapiController { /* {{{ */ if($doc && $cat) { if($doc->getAccessMode($userobj, 'addDocumentCategory') >= M_READ) { if ($doc->addCategories([$cat])){ - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>''), 201); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>''))->withStatus(201); } else { - return $response->withJson(array('success'=>false, 'message'=>'Could not add document category', 'data'=>''), 500); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Could not add document category', 'data'=>''))->withStatus(500); } } else { - return $response->withJson(array('success'=>false, 'message'=>'No access on document', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No access on document', 'data'=>''))->withStatus(403); } } else { if(!$doc) - return $response->withJson(array('success'=>false, 'message'=>'No such document', 'data'=>''), 404); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No such document', 'data'=>''))->withStatus(404); if(!$cat) - return $response->withJson(array('success'=>false, 'message'=>'No such category', 'data'=>''), 404); - return $response->withJson(array('success'=>false, 'message'=>'Could not find category or document', 'data'=>''), 500); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No such category', 'data'=>''))->withStatus(404); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Could not find category or document', 'data'=>''))->withStatus(500); } } /* }}} */ function removeDocumentCategory($request, $response, $args) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); if(!ctype_digit($args['id']) || !ctype_digit($args['catid'])) { - return 
$response->withJson(array('success'=>false, 'message'=>'Invalid parameter', 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Invalid parameter', 'data'=>''))->withStatus(400); } $document = $dms->getDocument($args['id']); if(!$document) - return $response->withJson(array('success'=>false, 'message'=>'No such document', 'data'=>''), 404); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No such document', 'data'=>''))->withStatus(404); $category = $dms->getDocumentCategory($args['catid']); if(!$category) - return $response->withJson(array('success'=>false, 'message'=>'No such category', 'data'=>''), 404); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No such category', 'data'=>''))->withStatus(404); if ($document->getAccessMode($userobj, 'removeDocumentCategory') >= M_READWRITE) { $ret = $document->removeCategories(array($category)); if ($ret) - return $response->withJson(array('success'=>true, 'message'=>'Deleted category successfully.', 'data'=>''), 200); + return $this->renderer->json($response, array('success'=>true, 'message'=>'Deleted category successfully.', 'data'=>''))->withStatus(200); else - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>''), 200); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>''))->withStatus(200); } else { - return $response->withJson(array('success'=>false, 'message'=>'No access', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No access', 'data'=>''))->withStatus(403); } } /* }}} */ function removeDocumentCategories($request, $response, $args) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); if(!ctype_digit($args['id'])) { - return $response->withJson(array('success'=>false, 'message'=>'Invalid 
parameter', 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Invalid parameter', 'data'=>''))->withStatus(400); } $document = $dms->getDocument($args['id']); 
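Review bot: `addDocumentCategory` changes the document but only requires `getAccessMode($userobj, 'addDocumentCategory') >= M_READ`, while `removeDocumentCategory` in the same hunk requires `M_READWRITE`. A user with read-only access can therefore alter a document's categories through the API; the check should likely read `if($doc->getAccessMode($userobj, 'addDocumentCategory') >= M_READWRITE) {`. Separately, `removeDocumentCategory` answers `success => true` with status 200 in both branches of `if ($ret)`, so a failed removal cannot be told apart from a successful one. `removeDocumentCategories` continues past the end of this hunk.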
@@ -1686,38 +1721,38 @@ class RestapiController { /* {{{ */ if($document) { if ($document->getAccessMode($userobj, 'removeDocumentCategory') >= M_READWRITE) { if($document->setCategories(array())) - return $response->withJson(array('success'=>true, 'message'=>'Deleted categories successfully.', 'data'=>''), 200); + return $this->renderer->json($response, array('success'=>true, 'message'=>'Deleted categories successfully.', 'data'=>''))->withStatus(200); else - return $response->withJson(array('success'=>false, 'message'=>'', 'data'=>''), 500); + return $this->renderer->json($response, array('success'=>false, 'message'=>'', 'data'=>''))->withStatus(500); } else { - return $response->withJson(array('success'=>false, 'message'=>'No access', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No access', 'data'=>''))->withStatus(403); } } else { if($document === null) $status=404; else $status=500; - return $response->withJson(array('success'=>false, 'message'=>'No such document', 'data'=>''), $status); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No such document', 'data'=>''))->withStatus($status); } } /* }}} */ function setDocumentOwner($request, $response, $args) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); if(!$userobj) { - return $response->withJson(array('success'=>false, 'message'=>'Not logged in', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Not logged in', 'data'=>''))->withStatus(403); } if(!$userobj->isAdmin()) { - return $response->withJson(array('success'=>false, 'message'=>'No access on document', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No access on document', 'data'=>''))->withStatus(403); } if(!ctype_digit($args['id']) || $args['id'] == 0) { - 
return $response->withJson(array('success'=>false, 'message'=>'No document given', 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No document given', 'data'=>''))->withStatus(400); return; } if(!ctype_digit($args['userid']) || $args['userid'] == 0) { - return $response->withJson(array('success'=>false, 'message'=>'No user given', 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No user given', 'data'=>''))->withStatus(400); return; } $owner = $dms->getUser($args['userid']); 
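Review bot: The bare `return;` after `return $this->renderer->json(...)->withStatus(400);` in the two `ctype_digit` guards of setDocumentOwner is unreachable and could be dropped while these lines are being rewritten anyway. The same dead statement follows the guards of setDocumentAttribute, setDocumentContentAttribute and setFolderAttribute (hunks @@ -1725 and @@ -1820) and the not-found branches in hunk @@ -2195. The `|| $args['id'] == 0` half of these guards is a loose comparison on a string that `ctype_digit` has already accepted; `(int)$args['id'] === 0` states the same condition without relying on type juggling. setDocumentOwner's body continues in the next hunk.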
@@ -1725,94 +1760,94 @@ class RestapiController { /* {{{ */ if($doc && $owner) { if($doc->getAccessMode($userobj, 'setDocumentOwner') > M_READ) { if ($doc->setOwner($owner)){ - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>''), 201); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>''))->withStatus(201); } else { - return $response->withJson(array('success'=>false, 'message'=>'Could not set owner of document', 'data'=>''), 500); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Could not set owner of document', 'data'=>''))->withStatus(500); } } else { - return $response->withJson(array('success'=>false, 'message'=>'No access on document', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No access on document', 'data'=>''))->withStatus(403); } } else { if(!$doc) - return $response->withJson(array('success'=>false, 'message'=>'No such document', 'data'=>''), 404); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No such document', 'data'=>''))->withStatus(404); if(!$owner) - return $response->withJson(array('success'=>false, 'message'=>'No such user', 'data'=>''), 404); - return $response->withJson(array('success'=>false, 'message'=>'Could not find user or document', 'data'=>''), 500); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No such user', 'data'=>''))->withStatus(404); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Could not find user or document', 'data'=>''))->withStatus(500); } } /* }}} */ function setDocumentAttribute($request, $response, $args) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; - $logger = $this->container->logger; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); + $logger = $this->container->get('logger'); if(!$userobj) { - return 
$response->withJson(array('success'=>false, 'message'=>'Not logged in', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Not logged in', 'data'=>''))->withStatus(403); return; } if(!ctype_digit($args['id']) || $args['id'] == 0) { - return $response->withJson(array('success'=>false, 'message'=>'No document given', 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No document given', 'data'=>''))->withStatus(400); return; } if(!ctype_digit($args['attrdefid']) || $args['attrdefid'] == 0) { - return $response->withJson(array('success'=>false, 'message'=>'No attribute definition id given', 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No attribute definition id given', 'data'=>''))->withStatus(400); return; } $attrdef = $dms->getAttributeDefinition($args['attrdefid']); $doc = $dms->getDocument($args['id']); if($doc && $attrdef) { if($attrdef->getObjType() !== SeedDMS_Core_AttributeDefinition::objtype_document) { - return $response->withJson(array('success'=>false, 'message'=>'Attribute definition "'.$attrdef->getName().'" not suitable for documents', 'data'=>''), 409); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Attribute definition "'.$attrdef->getName().'" not suitable for documents', 'data'=>''))->withStatus(409); } $params = $request->getParsedBody(); if(!isset($params['value'])) { - return $response->withJson(array('success'=>false, 'message'=>'Attribute value not set', 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Attribute value not set', 'data'=>''))->withStatus(400); } $new = $doc->getAttributeValue($attrdef) ? 
true : false; if(!$attrdef->validate($params['value'], $doc, $new)) { - return $response->withJson(array('success'=>false, 'message'=>'Validation of attribute value failed: '.$attrdef->getValidationError(), 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Validation of attribute value failed: '.$attrdef->getValidationError(), 'data'=>''))->withStatus(400); } if($doc->getAccessMode($userobj, 'setDocumentAttribute') > M_READ) { if ($doc->setAttributeValue($attrdef, $params['value'])) { $logger->log("Setting attribute '".$attrdef->getName()."' (".$attrdef->getId().") to '".$params['value']."' successful", PEAR_LOG_INFO); - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>''), 201); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>''))->withStatus(201); } else { - return $response->withJson(array('success'=>false, 'message'=>'Could not set attribute value of document', 'data'=>''), 500); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Could not set attribute value of document', 'data'=>''))->withStatus(500); } } else { - return $response->withJson(array('success'=>false, 'message'=>'No access on document', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No access on document', 'data'=>''))->withStatus(403); } } else { if(!$doc) - return $response->withJson(array('success'=>false, 'message'=>'No such document', 'data'=>''), 404); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No such document', 'data'=>''))->withStatus(404); if(!$attrdef) - return $response->withJson(array('success'=>false, 'message'=>'No such attr definition', 'data'=>''), 404); - return $response->withJson(array('success'=>false, 'message'=>'Could not find user or document', 'data'=>''), 500); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No such attr 
definition', 'data'=>''))->withStatus(404); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Could not find user or document', 'data'=>''))->withStatus(500); } } /* }}} */ function setDocumentContentAttribute($request, $response, $args) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; - $logger = $this->container->logger; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); + $logger = $this->container->get('logger'); if(!$userobj) { - return $response->withJson(array('success'=>false, 'message'=>'Not logged in', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Not logged in', 'data'=>''))->withStatus(403); return; } if(!ctype_digit($args['id']) || $args['id'] == 0) { - return $response->withJson(array('success'=>false, 'message'=>'No document given', 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No document given', 'data'=>''))->withStatus(400); return; } if(!ctype_digit($args['version']) || $args['version'] == 0) { - return $response->withJson(array('success'=>false, 'message'=>'No version number given', 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No version number given', 'data'=>''))->withStatus(400); return; } if(!ctype_digit($args['attrdefid']) || $args['attrdefid'] == 0) { - return $response->withJson(array('success'=>false, 'message'=>'No attribute definition id given', 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No attribute definition id given', 'data'=>''))->withStatus(400); return; } $attrdef = $dms->getAttributeDefinition($args['attrdefid']); 
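Review bot: The `$logger->log(...)` call in setDocumentAttribute concatenates `$params['value']` from the parsed request body into the message unchanged, so unless the logger escapes it (not visible here) a value containing line breaks can split one entry into several. A non-string value, which a JSON body allows, is also stringified with a warning. Writing `json_encode($params['value'])` in place of the raw value keeps each entry on one line; the same log line appears in setDocumentContentAttribute and setFolderAttribute in hunk @@ -1820. Separately, the object-type check and `validate()` run before `getAccessMode()`, so a caller without write access still receives attribute-definition names and validation errors; moving the access check directly after the document lookup would avoid that.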
@@ -1820,100 +1855,100 @@ class RestapiController { /* {{{ */ $version = $doc->getContentByVersion($args['version']); if($doc && $attrdef && $version) { if($attrdef->getObjType() !== SeedDMS_Core_AttributeDefinition::objtype_documentcontent) { - return $response->withJson(array('success'=>false, 'message'=>'Attribute definition "'.$attrdef->getName().'" not suitable for document versions', 'data'=>''), 409); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Attribute definition "'.$attrdef->getName().'" not suitable for document versions', 'data'=>''))->withStatus(409); } $params = $request->getParsedBody(); if(!isset($params['value'])) { - return $response->withJson(array('success'=>false, 'message'=>'Attribute value not set', 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Attribute value not set', 'data'=>''))->withStatus(400); } $new = $version->getAttributeValue($attrdef) ? true : false; if(!$attrdef->validate($params['value'], $version, $new)) { - return $response->withJson(array('success'=>false, 'message'=>'Validation of attribute value failed: '.$attrdef->getValidationError(), 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Validation of attribute value failed: '.$attrdef->getValidationError(), 'data'=>''))->withStatus(400); } if($doc->getAccessMode($userobj, 'setDocumentContentAttribute') > M_READ) { if ($version->setAttributeValue($attrdef, $params['value'])) { $logger->log("Setting attribute '".$attrdef->getName()."' (".$attrdef->getId().") to '".$params['value']."' successful", PEAR_LOG_INFO); - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>''), 201); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>''))->withStatus(201); } else { - return $response->withJson(array('success'=>false, 'message'=>'Could not set attribute value of document content', 'data'=>''), 500); 
+ return $this->renderer->json($response, array('success'=>false, 'message'=>'Could not set attribute value of document content', 'data'=>''))->withStatus(500); } } else { - return $response->withJson(array('success'=>false, 'message'=>'No access on document', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No access on document', 'data'=>''))->withStatus(403); } } else { if(!$doc) - return $response->withJson(array('success'=>false, 'message'=>'No such document', 'data'=>''), 404); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No such document', 'data'=>''))->withStatus(404); if(!$version) - return $response->withJson(array('success'=>false, 'message'=>'No such version', 'data'=>''), 404); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No such version', 'data'=>''))->withStatus(404); if(!$attrdef) - return $response->withJson(array('success'=>false, 'message'=>'No such attr definition', 'data'=>''), 404); - return $response->withJson(array('success'=>false, 'message'=>'Could not find user or document', 'data'=>''), 500); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No such attr definition', 'data'=>''))->withStatus(404); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Could not find user or document', 'data'=>''))->withStatus(500); } } /* }}} */ function setFolderAttribute($request, $response, $args) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; - $logger = $this->container->logger; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); + $logger = $this->container->get('logger'); if(!$userobj) { - return $response->withJson(array('success'=>false, 'message'=>'Not logged in', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Not logged in', 'data'=>''))->withStatus(403); return; 
} if(!ctype_digit($args['id']) || $args['id'] == 0) { - return $response->withJson(array('success'=>false, 'message'=>'No folder given', 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No folder given', 'data'=>''))->withStatus(400); return; } if(!ctype_digit($args['attrdefid']) || $args['attrdefid'] == 0) { - return $response->withJson(array('success'=>false, 'message'=>'No attribute definition id given', 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No attribute definition id given', 'data'=>''))->withStatus(400); return; } $attrdef = $dms->getAttributeDefinition($args['attrdefid']); $obj = $dms->getFolder($args['id']); if($obj && $attrdef) { if($attrdef->getObjType() !== SeedDMS_Core_AttributeDefinition::objtype_folder) { - return $response->withJson(array('success'=>false, 'message'=>'Attribute definition "'.$attrdef->getName().'" not suitable for folders', 'data'=>''), 409); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Attribute definition "'.$attrdef->getName().'" not suitable for folders', 'data'=>''))->withStatus(409); } $params = $request->getParsedBody(); if(!isset($params['value'])) { - return $response->withJson(array('success'=>false, 'message'=>'Attribute value not set', 'data'=>''.$request->getHeader('Content-Type')[0]), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Attribute value not set', 'data'=>''.$request->getHeader('Content-Type')[0]))->withStatus(400); } if(strlen($params['value'])) { $new = $obj->getAttributeValue($attrdef) ? 
true : false; if(!$attrdef->validate($params['value'], $obj, $new)) { - return $response->withJson(array('success'=>false, 'message'=>'Validation of attribute value failed: '.$attrdef->getValidationError(), 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Validation of attribute value failed: '.$attrdef->getValidationError(), 'data'=>''))->withStatus(400); } } if($obj->getAccessMode($userobj, 'setFolderAttribute') > M_READ) { if ($obj->setAttributeValue($attrdef, $params['value'])) { $logger->log("Setting attribute '".$attrdef->getName()."' (".$attrdef->getId().") to '".$params['value']."' successful", PEAR_LOG_INFO); - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>''), 201); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>''))->withStatus(201); } else { - return $response->withJson(array('success'=>false, 'message'=>'Could not set attribute value of folder', 'data'=>''), 500); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Could not set attribute value of folder', 'data'=>''))->withStatus(500); } } else { - return $response->withJson(array('success'=>false, 'message'=>'No access on folder', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No access on folder', 'data'=>''))->withStatus(403); } } else { if(!$obj) - return $response->withJson(array('success'=>false, 'message'=>'No such folder', 'data'=>''), 404); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No such folder', 'data'=>''))->withStatus(404); if(!$attrdef) - return $response->withJson(array('success'=>false, 'message'=>'No such attr definition', 'data'=>''), 404); - return $response->withJson(array('success'=>false, 'message'=>'Could not find user or folder', 'data'=>''), 500); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No such attr definition', 
'data'=>''))->withStatus(404); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Could not find user or folder', 'data'=>''))->withStatus(500); } } /* }}} */ function getAccount($request, $response) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); if($userobj) { - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$this->__getUserData($userobj)), 200); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>$this->__getUserData($userobj)))->withStatus(200); } else { - return $response->withJson(array('success'=>false, 'message'=>'Not logged in', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Not logged in', 'data'=>''))->withStatus(403); } } /* }}} */ @@ -1924,8 +1959,8 @@ class RestapiController { /* {{{ */ * return a list of words only. */ function doSearch($request, $response) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); $params = $request->getQueryParams(); $querystr = $params['query']; @@ -1950,7 +1985,7 @@ class RestapiController { /* {{{ */ $resArr = $dms->search($sparams); // $resArr = $dms->search($querystr, $limit, $offset, 'AND', $searchin, null, null, array(), array('hour'=>1, 'minute'=>0, 'second'=>0, 'year'=>date('Y')-1, 'month'=>date('m'), 'day'=>date('d')), array(), array(), array(), array(), array(), $objects); if($resArr === false) { - return $response->withJson(array(), 200); + return $this->renderer->json($response, array())->withStatus(200); } $entries = array(); $count = 0; 
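Review bot: `$version = $doc->getContentByVersion($args['version']);` at the top of this hunk runs before the `if($doc && $attrdef && $version)` test, and the later `if(!$doc)` branch implies `$doc` can be falsy. In that case the call is made on a non-object, PHP raises an Error, and the 'No such document' 404 is never reached. Guarding the call with `$version = $doc ? $doc->getContentByVersion($args['version']) : null;` restores the intended 404. In setFolderAttribute the 'Attribute value not set' response puts `$request->getHeader('Content-Type')[0]` into `data`, which looks like leftover debugging and reads an undefined index when the header is absent; `'data'=>''` as in the sibling handlers would be consistent. setDocumentContentAttribute starts in the previous hunk.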
@@ -2007,7 +2042,7 @@ class RestapiController { /* {{{ */ if($recs) // array_unshift($recs, array('type'=>'', 'id'=>0, 'name'=>$querystr, 'comment'=>'')); array_unshift($recs, ' '.$querystr); - return $response->withJson($recs, 200); + return $this->renderer->json($response, $recs)->withStatus(200); break; default: $recs = array(); @@ -2023,7 +2058,7 @@ class RestapiController { /* {{{ */ $recs[] = $this->__getFolderData($folder); } } - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$recs)); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>$recs)); break; } } /* }}} */ @@ -2033,8 +2068,8 @@ class RestapiController { /* {{{ */ * */ function doSearchByAttr($request, $response) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); $params = $request->getQueryParams(); $attrname = $params['name']; 
@@ -2076,26 +2111,28 @@ class RestapiController { /* {{{ */ $recs[] = $this->__getFolderData($folder); } } - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$recs), 200); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>$recs))->withStatus(200); } /* }}} */ function checkIfAdmin($request, $response) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + if(!$this->container->has('userobj')) + echo "no user object"; - if(!$userobj) { - return $response->withJson(array('success'=>false, 'message'=>'Not logged in', 'data'=>''), 403); + if(!$this->container->has('userobj') || !($userobj = $this->container->get('userobj'))) { + return $this->renderer->json($response, ['success'=>false, 'message'=>'Not logged in', 'data'=>''])->withStatus(403); } + if(!$userobj->isAdmin()) { - return $response->withJson(array('success'=>false, 'message'=>'You must be logged in with an administrator account to access this resource', 'data'=>''), 403); + return $this->renderer->json($response, array('success'=>false, 'message'=>'You must be logged in with an administrator account to access this resource', 'data'=>''))->withStatus(403); } return true; } /* }}} */ function getUsers($request, $response) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); $check = $this->checkIfAdmin($request, $response); if($check !== true) return $check; 
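Review bot: The added `if(!$this->container->has('userobj')) echo "no user object";` in checkIfAdmin writes plain text to the output outside the PSR-7 response, so a request without a user object gets that string mixed into the JSON 403 body. It reads like leftover debugging and should be removed, since the following `if` already handles the missing entry. The `has('userobj')` guard also suggests the entry can be absent, yet getUsers and the other admin handlers in the following hunks call `$this->container->get('userobj')` before `checkIfAdmin()`. If the container throws for an unknown entry, as PSR-11 containers do, those requests would end in an exception instead of the 403; calling `checkIfAdmin()` first would keep the failure mode uniform. getUsers continues outside this hunk.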
@@ -2105,12 +2142,12 @@ class RestapiController { /* {{{ */ foreach($users as $u) $data[] = $this->__getUserData($u); - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$data), 200); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>$data))->withStatus(200); } /* }}} */ function createUser($request, $response) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); $check = $this->checkIfAdmin($request, $response); if($check !== true) @@ -2118,12 +2155,12 @@ class RestapiController { /* {{{ */ $params = $request->getParsedBody(); if(empty(trim($params['user']))) { - return $response->withJson(array('success'=>false, 'message'=>'Missing user login', 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Missing user login', 'data'=>''))->withStatus(400); } $userName = $params['user']; $password = isset($params['pass']) ? $params['pass'] : ''; if(empty(trim($params['name']))) { - return $response->withJson(array('success'=>false, 'message'=>'Missing full user name', 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Missing full user name', 'data'=>''))->withStatus(400); } $fullname = $params['name']; $email = isset($params['email']) ? $params['email'] : ''; 
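Review bot: `$password = isset($params['pass']) ? $params['pass'] : '';` lets createUser proceed without a password, and the next hunk passes the value through `seed_pass_hash()` into `addUser()`, so the account is stored with the hash of an empty string. Whether an empty password is refused at login is not visible here, so it is safer to reject the request up front, alongside the existing 'Missing user login' check: `if(!isset($params['pass']) || $params['pass'] === '') return $this->renderer->json($response, array('success'=>false, 'message'=>'Missing password', 'data'=>''))->withStatus(400);`. If password-less accounts are intended, for example for externally authenticated users, a comment saying so would help the next reader. createUser starts in the previous hunk and continues in the next one.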
@@ -2138,16 +2175,16 @@ class RestapiController { /* {{{ */ $newAccount = $dms->addUser($userName, seed_pass_hash($password), $fullname, $email, $language, $theme, $comment, $roleobj); if ($newAccount === false) { - return $response->withJson(array('success'=>false, 'message'=>'Account could not be created, maybe it already exists', 'data'=>''), 500); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Account could not be created, maybe it already exists', 'data'=>''))->withStatus(500); } $result = $this->__getUserData($newAccount); - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$result), 201); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>$result))->withStatus(201); } /* }}} */ function deleteUser($request, $response, $args) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); $check = $this->checkIfAdmin($request, $response); if($check !== true) @@ -2155,12 +2192,12 @@ class RestapiController { /* {{{ */ if($user = $dms->getUser($args['id'])) { if($result = $user->remove($userobj, $userobj)) { - return $response->withJson(array('success'=>$result, 'message'=>'', 'data'=>''), 200); + return $this->renderer->json($response, array('success'=>$result, 'message'=>'', 'data'=>''))->withStatus(200); } else { - return $response->withJson(array('success'=>$result, 'message'=>'Could not delete user', 'data'=>''), 500); + return $this->renderer->json($response, array('success'=>$result, 'message'=>'Could not delete user', 'data'=>''))->withStatus(500); } } else { - return $response->withJson(array('success'=>false, 'message'=>'No such user', 'data'=>''), 404); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No such user', 'data'=>''))->withStatus(404); } } /* }}} */ 
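Review bot: deleteUser passes `$args['id']` to `$dms->getUser()` without the `ctype_digit()` check that the other handlers in this file apply to path ids, and nothing in the visible lines stops an administrator from removing the account the request is authenticated as. Adding `if(!ctype_digit($args['id'])) return $this->renderer->json($response, array('success'=>false, 'message'=>'Invalid parameter', 'data'=>''))->withStatus(400);` before the lookup would match the sibling handlers. Whether `remove()` itself refuses self-deletion is not visible here; if it does not, the two user ids should be compared before the call. The function header of deleteUser is in the previous hunk.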
@@ -2171,8 +2208,8 @@ class RestapiController { /* {{{ */ * @param $id The user name or numerical identifier */ function changeUserPassword($request, $response, $args) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); $check = $this->checkIfAdmin($request, $response); if($check !== true) @@ -2180,7 +2217,7 @@ class RestapiController { /* {{{ */ $params = $request->getParsedBody(); if ($params['password'] == null) { - return $response->withJson(array('success'=>false, 'message'=>'You must supply a new password', 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'You must supply a new password', 'data'=>''))->withStatus(400); } $newPassword = $params['password']; 
@@ -2195,22 +2232,106 @@ class RestapiController { /* {{{ */ * User not found */ if (!$account) { - return $response->withJson(array('success'=>false, 'message'=>'', 'data'=>'User not found.'), 404); + return $this->renderer->json($response, array('success'=>false, 'message'=>'', 'data'=>'User not found.'))->withStatus(404); return; } $operation = $account->setPwd(seed_pass_hash($newPassword)); if (!$operation){ - return $response->withJson(array('success'=>false, 'message'=>'', 'data'=>'Could not change password.'), 404); + return $this->renderer->json($response, array('success'=>false, 'message'=>'', 'data'=>'Could not change password.'))->withStatus(404); } - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>''), 200); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>''))->withStatus(200); + } /* }}} */ + + /** + * Updates the quota of an existing account + * + * @param $id The user name or numerical identifier + */ + function changeUserQuota($request, $response, $args) { /* {{{ */ + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); + + $check = $this->checkIfAdmin($request, $response); + if($check !== true) + return $check; + + $params = $request->getParsedBody(); + if ($params['quota'] == null) { + return $this->renderer->json($response, array('success'=>false, 'message'=>'You must supply a new quota', 'data'=>''))->withStatus(400); + } + + $newQuota = $params['quota']; + + if(ctype_digit($args['id'])) + $account = $dms->getUser($args['id']); + else { + $account = $dms->getUserByLogin($args['id']); + } + + /** + * User not found + */ + if (!$account) { + return $this->renderer->json($response, array('success'=>false, 'message'=>'', 'data'=>'User not found.'))->withStatus(404); + return; + } + + $operation = $account->setQuota($newQuota); + + if (!$operation){ + return $this->renderer->json($response, array('success'=>false, 'message'=>'', 'data'=>'Could not change 
quota.'))->withStatus(404); + } + + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>''))->withStatus(200); + } /* }}} */ + + function changeUserHomefolder($request, $response, $args) { /* {{{ */ + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); + + $check = $this->checkIfAdmin($request, $response); + if($check !== true) + return $check; + + if(ctype_digit($args['id'])) + $account = $dms->getUser($args['id']); + else { + $account = $dms->getUserByLogin($args['id']); + } + + /** + * User not found + */ + if (!$account) { + return $this->renderer->json($response, array('success'=>false, 'message'=>'', 'data'=>'User not found.'))->withStatus(404); + return; + } + + if(!ctype_digit($args['folderid']) || $args['folderid'] == 0) { + return $this->renderer->json($response, array('success'=>false, 'message'=>'No homefolder given', 'data'=>''))->withStatus(400); + return; + } + $newHomefolder = $dms->getFolder($args['folderid']); + if (!$newHomefolder) { + return $this->renderer->json($response, array('success'=>false, 'message'=>'', 'data'=>'Folder not found.'))->withStatus(404); + return; + } + + $operation = $account->setHomeFolder($newHomefolder->getId()); + + if (!$operation){ + return $this->renderer->json($response, array('success'=>false, 'message'=>'', 'data'=>'Could not change homefolder.'))->withStatus(404); + } + + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>''))->withStatus(200); } /* }}} */ function getUserById($request, $response, $args) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); $check = $this->checkIfAdmin($request, $response); if($check !== true) 
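Review bot: changeUserQuota forwards `$params['quota']` to `setQuota()` after only a loose `== null` test, so a JSON `0` is treated as missing while any other value, numeric or not, is passed on; whether `setQuota()` validates its argument is not visible here. If the quota is meant to be a byte count, a stricter guard such as `if(!isset($params['quota']) || !ctype_digit((string)$params['quota']))` in front of the existing 400 response would make the contract explicit. Both new handlers also answer a failed `setQuota()` or `setHomeFolder()` with 404, which tells the client the resource is missing; 500 would match the 'Could not set owner of document' branch of setDocumentOwner. changeUserPassword starts before this hunk and getUserById continues after it.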
@@ -2222,22 +2343,22 @@ class RestapiController { /* {{{ */ } if($account) { $data = $this->__getUserData($account); - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$data), 200); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>$data))->withStatus(200); } else { - return $response->withJson(array('success'=>false, 'message'=>'No such user', 'data'=>''), 404); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No such user', 'data'=>''))->withStatus(404); } } /* }}} */ function setDisabledUser($request, $response, $args) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); $check = $this->checkIfAdmin($request, $response); if($check !== true) return $check; $params = $request->getParsedBody(); if (!isset($params['disable'])) { - return $response->withJson(array('success'=>false, 'message'=>'You must supply a disabled state', 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'You must supply a disabled state', 'data'=>''))->withStatus(400); } $isDisabled = false; @@ -2255,9 +2376,9 @@ class RestapiController { /* {{{ */ if($account) { $account->setDisabled($isDisabled); $data = $this->__getUserData($account); - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$data), 200); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>$data))->withStatus(200); } else { - return $response->withJson(array('success'=>false, 'message'=>'No such user', 'data'=>''), 404); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No such user', 'data'=>''))->withStatus(404); } } /* }}} */ 
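Review bot: setDisabledUser ignores the return value of `$account->setDisabled($isDisabled)` and always answers `'success'=>true` with status 200, so a failed update would be reported to the client as done. For a control that is meant to lock an account, that is worth checking. Following the pattern of changeUserPassword, `if(!$account->setDisabled($isDisabled)) return $this->renderer->json($response, array('success'=>false, 'message'=>'Could not change disabled state', 'data'=>''))->withStatus(500);` would surface the failure. Whether `setDisabled()` returns false on error is not visible in this hunk, and the function starts in the previous one.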
@@ -2344,8 +2465,8 @@ class RestapiController { /* {{{ */ } /* }}} */ function getGroups($request, $response) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); $check = $this->checkIfAdmin($request, $response); if($check !== true) @@ -2356,19 +2477,19 @@ class RestapiController { /* {{{ */ foreach($groups as $u) $data[] = $this->__getGroupData($u); - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$data), 200); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>$data))->withStatus(200); } /* }}} */ function createGroup($request, $response) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); $check = $this->checkIfAdmin($request, $response); if($check !== true) return $check; $params = $request->getParsedBody(); if (empty($params['name'])) { - return $response->withJson(array('success'=>false, 'message'=>'Need a group name.', 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Need a group name.', 'data'=>''))->withStatus(400); } $groupName = $params['name']; 
@@ -2376,16 +2497,16 @@ class RestapiController { /* {{{ */ $newGroup = $dms->addGroup($groupName, $comment); if ($newGroup === false) { - return $response->withJson(array('success'=>false, 'message'=>'Group could not be created, maybe it already exists', 'data'=>''), 500); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Group could not be created, maybe it already exists', 'data'=>''))->withStatus(500); } // $result = array('id'=>(int)$newGroup->getID()); - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$this->__getGroupData($newGroup)), 201); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>$this->__getGroupData($newGroup)))->withStatus(201); } /* }}} */ function deleteGroup($request, $response, $args) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); $check = $this->checkIfAdmin($request, $response); if($check !== true) 
@@ -2393,18 +2514,18 @@ class RestapiController { /* {{{ */ if($group = $dms->getGroup($args['id'])) { if($result = $group->remove($userobj)) { - return $response->withJson(array('success'=>$result, 'message'=>'', 'data'=>''), 200); + return $this->renderer->json($response, array('success'=>$result, 'message'=>'', 'data'=>''))->withStatus(200); } else { - return $response->withJson(array('success'=>$result, 'message'=>'Could not delete group', 'data'=>''), 500); + return $this->renderer->json($response, array('success'=>$result, 'message'=>'Could not delete group', 'data'=>''))->withStatus(500); } } else { - return $response->withJson(array('success'=>false, 'message'=>'No such group', 'data'=>''), 404); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No such group', 'data'=>''))->withStatus(404); } } /* }}} */ function getGroup($request, $response, $args) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); $check = $this->checkIfAdmin($request, $response); if($check !== true) 
@@ -2420,15 +2541,15 @@ class RestapiController { /* {{{ */ foreach ($group->getUsers() as $user) { $data['users'][] = array('id' => (int)$user->getID(), 'login' => $user->getLogin()); } - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$data), 200); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>$data))->withStatus(200); } else { - return $response->withJson(array('success'=>false, 'message'=>'No such group', 'data'=>''), 404); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No such group', 'data'=>''))->withStatus(404); } } /* }}} */ function changeGroupMembership($request, $response, $args, $operationType) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); $check = $this->checkIfAdmin($request, $response); if($check !== true) @@ -2442,7 +2563,7 @@ class RestapiController { /* {{{ */ $params = $request->getParsedBody(); if (empty($params['userid'])) { - return $response->withJson(array('success'=>false, 'message'=>'Missing userid', 'data'=>''), 500); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Missing userid', 'data'=>''))->withStatus(400); } $userId = $params['userid']; if(ctype_digit($userId)) @@ -2473,7 +2594,7 @@ class RestapiController { /* {{{ */ { $message = 'Could not remove user from group.'; } - return $response->withJson(array('success'=>false, 'message'=>'Something went wrong. ' . $message, 'data'=>''), 500); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Something went wrong. ' . $message, 'data'=>''))->withStatus(500); } $data = $this->__getGroupData($group); 
@@ -2481,7 +2602,7 @@ class RestapiController { /* {{{ */ foreach ($group->getUsers() as $userObj) { $data['users'][] = array('id' => (int)$userObj->getID(), 'login' => $userObj->getLogin()); } - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$data), 200); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>$data))->withStatus(200); } /* }}} */ function addUserToGroup($request, $response, $args) { /* {{{ */ @@ -2493,16 +2614,16 @@ class RestapiController { /* {{{ */ } /* }}} */ function setFolderInheritsAccess($request, $response, $args) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); $check = $this->checkIfAdmin($request, $response); if($check !== true) return $check; $params = $request->getParsedBody(); - if (empty($params['enable'])) + if (!isset($params['enable'])) { - return $response->withJson(array('success'=>false, 'message'=>'You must supply an "enable" value', 'data'=>''), 200); + return $this->renderer->json($response, array('success'=>false, 'message'=>'You must supply an "enable" value', 'data'=>''))->withStatus(400); } $inherit = false; 
@@ -2525,9 +2646,49 @@ class RestapiController { /* {{{ */ // reread from db $folder = $dms->getFolder($folderId); $success = ($folder->inheritsAccess() == $inherit); - return $response->withJson(array('success'=>$success, 'message'=>'', 'data'=>$data), 200); + return $this->renderer->json($response, array('success'=>$success, 'message'=>'', 'data'=>$data))->withStatus(200); } else { - return $response->withJson(array('success'=>false, 'message'=>'No such folder', 'data'=>''), 404); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No such folder', 'data'=>''))->withStatus(404); + } + } /* }}} */ + + function setFolderOwner($request, $response, $args) { /* {{{ */ + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); + + if(!$userobj) { + return $this->renderer->json($response, array('success'=>false, 'message'=>'Not logged in', 'data'=>''))->withStatus(403); + } + if(!$userobj->isAdmin()) { + return $this->renderer->json($response, array('success'=>false, 'message'=>'No access on folder', 'data'=>''))->withStatus(403); + } + + if(!ctype_digit($args['id']) || $args['id'] == 0) { + return $this->renderer->json($response, array('success'=>false, 'message'=>'No folder given', 'data'=>''))->withStatus(400); + return; + } + if(!ctype_digit($args['userid']) || $args['userid'] == 0) { + return $this->renderer->json($response, array('success'=>false, 'message'=>'No user given', 'data'=>''))->withStatus(400); + return; + } + $owner = $dms->getUser($args['userid']); + $folder = $dms->getFolder($args['id']); + if($folder && $owner) { + if($folder->getAccessMode($userobj, 'setDocumentOwner') > M_READ) { + if ($folder->setOwner($owner)){ + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>''))->withStatus(201); + } else { + return $this->renderer->json($response, array('success'=>false, 'message'=>'Could not set owner of folder', 'data'=>''))->withStatus(500); + } + } else { + return 
$this->renderer->json($response, array('success'=>false, 'message'=>'No access on folder', 'data'=>''))->withStatus(403); + } + } else { + if(!$doc) + return $this->renderer->json($response, array('success'=>false, 'message'=>'No such folder', 'data'=>''))->withStatus(404); + if(!$owner) + return $this->renderer->json($response, array('success'=>false, 'message'=>'No such user', 'data'=>''))->withStatus(404); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Could not find user or folder', 'data'=>''))->withStatus(500); } } /* }}} */ @@ -2548,8 +2709,8 @@ class RestapiController { /* {{{ */ } /* }}} */ function changeFolderAccess($request, $response, $args, $operationType, $userOrGroup) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); $check = $this->checkIfAdmin($request, $response); if($check !== true) @@ -2561,7 +2722,7 @@ class RestapiController { /* {{{ */ $folder = $dms->getfolderByName($args['id']); } if (!$folder) { - return $response->withJson(array('success'=>false, 'message'=>'No such folder', 'data'=>''), 404); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No such folder', 'data'=>''))->withStatus(404); } $params = $request->getParsedBody(); 
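Review bot: The not-found branch at the end of the added `setFolderOwner` tests `if(!$doc)`, but no `$doc` is assigned anywhere in the function, so the test is always true. A request naming an existing folder and an unknown user is therefore answered with 'No such folder', and the 'No such user' response is unreachable; the condition should read `if(!$folder)`. The `return;` statements that follow the two 400 responses are unreachable and can be removed. The context string `'setDocumentOwner'` passed to `getAccessMode()` looks carried over from a document variant, so it is worth confirming that a folder-specific value is not expected there.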
@@ -2570,12 +2731,12 @@ class RestapiController { /* {{{ */ { if ($params['id'] == null) { - return $response->withJson(array('success'=>false, 'message'=>'Please PUT the user or group Id', 'data'=>''), 200); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Please PUT the user or group Id', 'data'=>''))->withStatus(400); } if ($params['mode'] == null) { - return $response->withJson(array('success'=>false, 'message'=>'Please PUT the access mode', 'data'=>''), 200); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Please PUT the access mode', 'data'=>''))->withStatus(400); } $modeInput = $params['mode']; 
@@ -2645,47 +2806,47 @@ class RestapiController { /* {{{ */ { $message = 'Could not remove user/group access from this folder.'; } - return $response->withJson(array('success'=>false, 'message'=>'Something went wrong. ' . $message, 'data'=>''), 500); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Something went wrong. ' . $message, 'data'=>''))->withStatus(500); } $data = array(); - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$data), 200); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>$data))->withStatus(200); } /* }}} */ function getCategories($request, $response) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); if(false === ($categories = $dms->getDocumentCategories())) { - return $response->withJson(array('success'=>false, 'message'=>'Could not get categories', 'data'=>null), 500); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Could not get categories', 'data'=>null))->withStatus(500); } $data = []; foreach($categories as $category) $data[] = $this->__getCategoryData($category); - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$data), 200); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>$data))->withStatus(200); } /* }}} */ function getCategory($request, $response, $args) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); if(!ctype_digit($args['id'])) { - return $response->withJson(array('success'=>false, 'message'=>'Invalid parameter', 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Invalid parameter', 'data'=>''))->withStatus(400); } $category = 
$dms->getDocumentCategory($args['id']); if($category) { - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$this->__getCategoryData($category)), 200); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>$this->__getCategoryData($category)))->withStatus(200); } else { - return $response->withJson(array('success'=>false, 'message'=>'No such category', 'data'=>''), 404); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No such category', 'data'=>''))->withStatus(404); } } /* }}} */ function createCategory($request, $response) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; - $logger = $this->container->logger; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); + $logger = $this->container->get('logger'); $check = $this->checkIfAdmin($request, $response); if($check !== true) 
@@ -2693,25 +2854,25 @@ class RestapiController { /* {{{ */ $params = $request->getParsedBody(); if (empty($params['name'])) { - return $response->withJson(array('success'=>false, 'message'=>'Need a category.', 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Need a category.', 'data'=>''))->withStatus(400); } $catobj = $dms->getDocumentCategoryByName($params['name']); if($catobj) { - return $response->withJson(array('success'=>false, 'message'=>'Category already exists', 'data'=>''), 409); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Category already exists', 'data'=>''))->withStatus(409); } else { if($data = $dms->addDocumentCategory($params['name'])) { $logger->log("Creating category '".$data->getName()."' (".$data->getId().") successful", PEAR_LOG_INFO); - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$this->__getCategoryData($data)), 201); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>$this->__getCategoryData($data)))->withStatus(201); } else { - return $response->withJson(array('success'=>false, 'message'=>'Could not add category', 'data'=>''), 500); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Could not add category', 'data'=>''))->withStatus(500); } } } /* }}} */ function deleteCategory($request, $response, $args) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); $check = $this->checkIfAdmin($request, $response); if($check !== true) 
@@ -2719,12 +2880,12 @@ class RestapiController { /* {{{ */ if($category = $dms->getDocumentCategory($args['id'])) { if($result = $category->remove()) { - return $response->withJson(array('success'=>$result, 'message'=>'', 'data'=>''), 200); + return $this->renderer->json($response, array('success'=>$result, 'message'=>'', 'data'=>''))->withStatus(200); } else { - return $response->withJson(array('success'=>$result, 'message'=>'Could not delete category', 'data'=>''), 500); + return $this->renderer->json($response, array('success'=>$result, 'message'=>'Could not delete category', 'data'=>''))->withStatus(500); } } else { - return $response->withJson(array('success'=>false, 'message'=>'No such category', 'data'=>''), 404); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No such category', 'data'=>''))->withStatus(404); } } /* }}} */ @@ -2734,21 +2895,21 @@ class RestapiController { /* {{{ */ * @param $id The user name or numerical identifier */ function changeCategoryName($request, $response, $args) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); $check = $this->checkIfAdmin($request, $response); if($check !== true) return $check; if(!ctype_digit($args['id'])) { - return $response->withJson(array('success'=>false, 'message'=>'Invalid parameter', 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Invalid parameter', 'data'=>''))->withStatus(400); } $params = $request->getParsedBody(); if (empty($params['name'])) { - return $response->withJson(array('success'=>false, 'message'=>'You must supply a new name', 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'You must supply a new name', 'data'=>''))->withStatus(400); } $newname = $params['name']; 
@@ -2759,26 +2920,26 @@ class RestapiController { /* {{{ */ * Category not found */ if (!$category) { - return $response->withJson(array('success'=>false, 'message'=>'No such category', 'data'=>''), 404); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No such category', 'data'=>''))->withStatus(404); } if (!$category->setName($newname)) { - return $response->withJson(array('success'=>false, 'message'=>'', 'data'=>'Could not change name.'), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'', 'data'=>'Could not change name.'))->withStatus(400); } - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$this->__getCategoryData($category)), 200); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>$this->__getCategoryData($category)))->withStatus(200); } /* }}} */ function getAttributeDefinitions($request, $response) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); $attrdefs = $dms->getAllAttributeDefinitions(); $data = []; foreach($attrdefs as $attrdef) $data[] = $this->__getAttributeDefinitionData($attrdef); - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$data), 200); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>$data))->withStatus(200); } /* }}} */ /** 
@@ -2787,20 +2948,20 @@ class RestapiController { /* {{{ */ * @param $id The user name or numerical identifier */ function changeAttributeDefinitionName($request, $response, $args) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); $check = $this->checkIfAdmin($request, $response); if($check !== true) return $check; if(!ctype_digit($args['id'])) { - return $response->withJson(array('success'=>false, 'message'=>'Invalid parameter', 'data'=>''), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Invalid parameter', 'data'=>''))->withStatus(400); } $params = $request->getParsedBody(); - if ($params['name'] == null) { - return $response->withJson(array('success'=>false, 'message'=>'You must supply a new name', 'data'=>''), 400); + if (!isset($params['name']) || $params['name'] == null) { + return $this->renderer->json($response, array('success'=>false, 'message'=>'You must supply a new name', 'data'=>''))->withStatus(400); } $newname = $params['name']; 
@@ -2811,20 +2972,20 @@ class RestapiController { /* {{{ */ * Attribute definition not found */ if (!$attrdef) { - return $response->withJson(array('success'=>false, 'message'=>'No such attribute defintion', 'data'=>''), 404); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No such attribute defintion', 'data'=>''))->withStatus(404); } if (!$attrdef->setName($newname)) { - return $response->withJson(array('success'=>false, 'message'=>'', 'data'=>'Could not change name.'), 400); + return $this->renderer->json($response, array('success'=>false, 'message'=>'', 'data'=>'Could not change name.'))->withStatus(400); return; } - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$this->__getAttributeDefinitionData($attrdef)), 200); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>$this->__getAttributeDefinitionData($attrdef)))->withStatus(200); } /* }}} */ function clearFolderAccessList($request, $response, $args) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); + $userobj = $this->container->get('userobj'); $check = $this->checkIfAdmin($request, $response); if($check !== true) 
@@ -2836,17 +2997,16 @@ class RestapiController { /* {{{ */ $folder = $dms->getFolderByName($args['id']); } if (!$folder) { - return $response->withJson(array('success'=>false, 'message'=>'No such folder', 'data'=>''), 404); + return $this->renderer->json($response, array('success'=>false, 'message'=>'No such folder', 'data'=>''))->withStatus(404); } if (!$folder->clearAccessList()) { - return $response->withJson(array('success'=>false, 'message'=>'Something went wrong. Could not clear access list for this folder.', 'data'=>''), 500); + return $this->renderer->json($response, array('success'=>false, 'message'=>'Something went wrong. Could not clear access list for this folder.', 'data'=>''))->withStatus(500); } - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>''), 200); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>''))->withStatus(200); } /* }}} */ function getStatsTotal($request, $response) { /* {{{ */ - $dms = $this->container->dms; - $userobj = $this->container->userobj; + $dms = $this->container->get('dms'); $check = $this->checkIfAdmin($request, $response); if($check !== true) return $check; 
@@ -2857,33 +3017,34 @@ class RestapiController { /* {{{ */ $data[$type] = $total; } - return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$data), 200); + return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>$data))->withStatus(200); } /* }}} */ } /* }}} */ -class TestController { /* {{{ */ +final class SeedDMS_TestController { /* {{{ */ protected $container; + protected $renderer; // constructor receives container instance - public function __construct(ContainerInterface $container) { + public function __construct(ContainerInterface $container, JsonRenderer $renderer) { $this->container = $container; + $this->renderer = $renderer; } public function echoData($request, $response, $args) { /* {{{ */ - return $response->withJson(array('success'=>true, 'message'=>'This is the result of the echo call.', 'data'=>$args['data']), 200); + return $this->renderer->json($response, ['success'=>true, 'message'=>'This is the result of the echo call.', 'data'=>$args['data']]); } /* }}} */ public function version($request, $response, $args) { /* {{{ */ - $logger = $this->container->logger; + $logger = $this->container->get('logger'); $v = new SeedDMS_Version(); - return $response->withJson(array('success'=>true, 'message'=>'This is '.$v->banner(), 'data'=>['major'=>$v->majorVersion(), 'minor'=>$v->minorVersion(), 'subminor'=>$v->subminorVersion()]), 200); + return $this->renderer->json($response, ['success'=>true, 'message'=>'This is '.$v->banner(), 'data'=>['major'=>$v->majorVersion(), 'minor'=>$v->minorVersion(), 'subminor'=>$v->subminorVersion()]]); } /* }}} */ } /* }}} */ -/* Middleware for authentication */ -class RestapiAuth { /* {{{ */ +class RestapiCorsMiddleware implements MiddlewareInterface { /* {{{ */ private $container; 
@@ -2891,67 +3052,146 @@ class RestapiAuth { /* {{{ */ $this->container = $container; } + /** + * Example middleware invokable class + * + * @return \Psr\Http\Message\ResponseInterface + */ + public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface + { + $response = $handler->handle($request); + $response = $response + ->withHeader('Access-Control-Allow-Origin', $request->getHeader('Origin') ? $request->getHeader('Origin') : '*') + ->withHeader('Access-Control-Allow-Headers', 'X-Requested-With, Content-Type, Accept, Origin, Authorization') + ->withHeader('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, PATCH, OPTIONS'); + return $response; + } +} /* }}} */ + +/* Middleware for authentication */ +class RestapiAuthMiddleware implements MiddlewareInterface { /* {{{ */ + + private $container; + + private $responsefactory; + + public function __construct($container, $responsefactory) { + $this->container = $container; + $this->responsefactory = $responsefactory; + } + /** * Example middleware invokable class * * @param \Psr\Http\Message\ServerRequestInterface $request PSR7 request - * @param \Psr\Http\Message\ResponseInterface $response PSR7 response - * @param callable $next Next middleware + * @param \Psr\Http\Server\RequestHandlerInterface $handler * * @return \Psr\Http\Message\ResponseInterface */ - public function __invoke($request, $response, $next) + public function process( + ServerRequestInterface $request, + RequestHandlerInterface $handler): ResponseInterface { // $this->container has the DI - $dms = $this->container->dms; - $settings = $this->container->config; - $logger = $this->container->logger; + $dms = $this->container->get('dms'); + $settings = $this->container->get('config'); + $logger = $this->container->get('logger'); + + $logger->log("Invoke AuthMiddleware for method ".$request->getMethod()." on '".$request->getUri()->getPath()."'".(isset($environment['HTTP_ORIGIN']) ? 
" with origin ".$environment['HTTP_ORIGIN'] : ''), PEAR_LOG_INFO); + $userobj = null; + /* Do not rely on $userobj being an object. It can be true, if a + * former authentication middleware has allowed access without + * authentification as a user. The paperless extension does this, + * for some endpoints, e.g. to get some general api information. + */ if($this->container->has('userobj')) - $userobj = $this->container->userobj; + $userobj = $this->container->get('userobj'); if($userobj) { - $response = $next($request, $response); + $logger->log("Already authenticated. Pass on to next middleware", PEAR_LOG_INFO); + $response = $handler->handle($request); return $response; } - $logger->log("Invoke middleware for method ".$request->getMethod()." on '".$request->getUri()->getPath()."'", PEAR_LOG_INFO); - $logger->log("Access with method ".$request->getMethod()." on '".$request->getUri()->getPath()."'".(isset($this->container->environment['HTTP_ORIGIN']) ? " with origin ".$this->container->environment['HTTP_ORIGIN'] : ''), PEAR_LOG_INFO); - if($settings->_apiOrigin && isset($this->container->environment['HTTP_ORIGIN'])) { + //$environment = $this->container->environment; // Slim 3 + $environment = $request->getServerParams(); + + if($settings->_apiOrigin && isset($environment['HTTP_ORIGIN'])) { $logger->log("Checking origin", PEAR_LOG_DEBUG); $origins = explode(',', $settings->_apiOrigin); - if(!in_array($this->container->environment['HTTP_ORIGIN'], $origins)) { - return $response->withStatus(403); + if(!in_array($environment['HTTP_ORIGIN'], $origins)) { + $response = $this->responsefactory->createResponse(); + $response = $response->withHeader('Content-Type', 'application/json'); + $response = $response->withStatus(403); + $response->getBody()->write( + (string)json_encode( + ['success'=>false, 'message'=>'Invalid origin', 'data'=>''], + JSON_UNESCAPED_SLASHES | JSON_PARTIAL_OUTPUT_ON_ERROR + ) + ); + return $response; } } /* The preflight options request doesn't have 
authorization in the header. So * don't even try to authorize. */ + $path = $environment['PATH_INFO'] ?? ''; if($request->getMethod() == 'OPTIONS') { $logger->log("Received preflight options request", PEAR_LOG_DEBUG); - } elseif(!in_array($request->getUri()->getPath(), array('login')) && substr($request->getUri()->getPath(), 0, 5) != 'echo/' && $request->getUri()->getPath() != 'version') { + } elseif(!in_array($path, array('/login')) && substr($path, 0, 6) != '/echo/' && $path != '/version') { $userobj = null; - if(!empty($this->container->environment['HTTP_AUTHORIZATION']) && !empty($settings->_apiKey) && !empty($settings->_apiUserId)) { - $logger->log("Authorization key: ".$this->container->environment['HTTP_AUTHORIZATION'], PEAR_LOG_DEBUG); - if($settings->_apiKey == $this->container->environment['HTTP_AUTHORIZATION']) { + $logger->log(var_export($environment, true), PEAR_LOG_DEBUG); + if(!empty($environment['HTTP_AUTHORIZATION']) && !empty($settings->_apiKey) && !empty($settings->_apiUserId)) { + $logger->log("Authorization key: ".$environment['HTTP_AUTHORIZATION'], PEAR_LOG_DEBUG); + if($settings->_apiKey == $environment['HTTP_AUTHORIZATION']) { if(!($userobj = $dms->getUser($settings->_apiUserId))) { - return $response->withJson(array('success'=>false, 'message'=>'Invalid user associated with api key', 'data'=>''), 403); + $response = $this->responsefactory->createResponse(); + $response = $response->withHeader('Content-Type', 'application/json'); + $response = $response->withStatus(403); + $response->getBody()->write( + (string)json_encode( + ['success'=>false, 'message'=>'Invalid user associated with api key', 'data'=>''], + JSON_UNESCAPED_SLASHES | JSON_PARTIAL_OUTPUT_ON_ERROR + ) + ); + return $response; } } else { - return $response->withJson(array('success'=>false, 'message'=>'Wrong api key', 'data'=>''), 403); + $response = $this->responsefactory->createResponse(); + $response = $response->withHeader('Content-Type', 'application/json'); + $response = 
$response->withStatus(403); + $response->getBody()->write( + (string)json_encode( + ['success'=>false, 'message'=>'Wrong api key', 'data'=>''], + JSON_UNESCAPED_SLASHES | JSON_PARTIAL_OUTPUT_ON_ERROR + ) + ); + return $response; } $logger->log("Login with apikey as '".$userobj->getLogin()."' successful", PEAR_LOG_INFO); } else { + $logger->log("Checking for valid session", PEAR_LOG_INFO); require_once("../inc/inc.ClassSession.php"); $session = new SeedDMS_Session($dms->getDb()); if (isset($_COOKIE["mydms_session"])) { + $logger->log("Found cookie for session", PEAR_LOG_INFO); $dms_session = $_COOKIE["mydms_session"]; $logger->log("Session key: ".$dms_session, PEAR_LOG_DEBUG); if(!$resArr = $session->load($dms_session)) { /* Delete Cookie */ setcookie("mydms_session", $dms_session, time()-3600, $settings->_httpRoot); $logger->log("Session for id '".$dms_session."' has gone", PEAR_LOG_ERR); - return $response->withJson(array('success'=>false, 'message'=>'Session has gone', 'data'=>''), 403); + $response = $this->responsefactory->createResponse(); + $response = $response->withHeader('Content-Type', 'application/json'); + $response = $response->withStatus(403); + $response->getBody()->write( + (string)json_encode( + ['success'=>false, 'message'=>'Session has gone', 'data'=>''], + JSON_UNESCAPED_SLASHES | JSON_PARTIAL_OUTPUT_ON_ERROR + ) + ); + return $response; } /* Load user data */ 
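Review bot: The added `$logger->log(var_export($environment, true), PEAR_LOG_DEBUG);` in `RestapiAuthMiddleware::process()` writes the complete server parameter array to the log, which normally includes `HTTP_AUTHORIZATION` and the cookie header, so the API key and session cookie of each request land in the log file whenever debug logging is on; the line should be dropped, and the neighbouring `"Authorization key: "` message should record only that a key was supplied. The key check itself still uses `==`; `if(hash_equals((string)$settings->_apiKey, (string)$environment['HTTP_AUTHORIZATION'])) {` avoids both type juggling and a timing-dependent comparison. The first log call in the method reads `$environment['HTTP_ORIGIN']` before `$environment = $request->getServerParams();` has run, so the origin is never logged; the assignment should move above it. The body of `process()` continues past the end of this hunk.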
@@ -2961,41 +3201,85 @@ class RestapiAuth { /* {{{ */ setcookie("mydms_session", $dms_session, time()-3600, $settings->_httpRoot); if($settings->_enableGuestLogin) { if(!($userobj = $dms->getUser($settings->_guestID))) - return $response->withJson(array('success'=>false, 'message'=>'Could not get guest login', 'data'=>''), 403); + $response = $this->responsefactory->createResponse(); + $response = $response->withHeader('Content-Type', 'application/json'); + $response = $response->withStatus(403); + $response->getBody()->write( + (string)json_encode( + ['success'=>false, 'message'=>'Could not get guest login', 'data'=>''], + JSON_UNESCAPED_SLASHES | JSON_PARTIAL_OUTPUT_ON_ERROR + ) + ); + return $response; } else - return $response->withJson(array('success'=>false, 'message'=>'Login as guest disabled', 'data'=>''), 403); + $response = $this->responsefactory->createResponse(); + $response = $response->withHeader('Content-Type', 'application/json'); + $response = $response->withStatus(403); + $response->getBody()->write( + (string)json_encode( + ['success'=>false, 'message'=>'Login as guest disable', 'data'=>''], + JSON_UNESCAPED_SLASHES | JSON_PARTIAL_OUTPUT_ON_ERROR + ) + ); + return $response; } + $logger->log("Authorization as user '".$userobj->getLogin()."'", PEAR_LOG_DEBUG); if($userobj->isAdmin()) { if($resArr["su"]) { - if(!($userobj = $dms->getUser($resArr["su"]))) - return $response->withJson(array('success'=>false, 'message'=>'Cannot substitute user', 'data'=>''), 403); + if(!($userobj = $dms->getUser($resArr["su"]))) { + $response = $this->responsefactory->createResponse(); + $response = $response->withHeader('Content-Type', 'application/json'); + $response = $response->withStatus(403); + $response->getBody()->write( + (string)json_encode( + ['success'=>false, 'message'=>'Cannot substitute user', 'data'=>''], + JSON_UNESCAPED_SLASHES | JSON_PARTIAL_OUTPUT_ON_ERROR + ) + ); + return $response; + } } } -// $logger->log("Login with user name 
'".$userobj->getLogin()."' successful", PEAR_LOG_INFO); + $logger->log("Login with user name '".$userobj->getLogin()."' successful", PEAR_LOG_INFO); $dms->setUser($userobj); } else { - return $response->withJson(array('success'=>false, 'message'=>'Missing session cookie', 'data'=>''), 403); + $response = $this->responsefactory->createResponse(); + $response = $response->withHeader('Content-Type', 'application/json'); + $response = $response->withStatus(403); + $response->getBody()->write( + (string)json_encode( + ['success'=>false, 'message'=>'Missing session cookie', 'data'=>''], + JSON_UNESCAPED_SLASHES | JSON_PARTIAL_OUTPUT_ON_ERROR + ) + ); + return $response; } } - $this->container['userobj'] = $userobj; + $this->container->set('userobj', $userobj); } - $response = $next($request, $response); + $response = $handler->handle($request); + $logger->log("End AuthMiddleware for method ".$request->getMethod()." on '".$request->getUri()->getPath()."'", PEAR_LOG_INFO); return $response; } } /* }}} */ -$app = new \Slim\App(); +$containerBuilder = new ContainerBuilder(); +$c = $containerBuilder->build(); +AppFactory::setContainer($c); +$app = AppFactory::create(); $container = $app->getContainer(); -$container['dms'] = $dms; -$container['config'] = $settings; -$container['conversionmgr'] = $conversionmgr; -$container['logger'] = $logger; -$container['fulltextservice'] = $fulltextservice; -$container['notifier'] = $notifier; -$container['authenticator'] = $authenticator; +$container->set('dms', $dms); +$container->set('config', $settings); +$container->set('conversionmgr', $conversionmgr); +$container->set('logger', $logger); +$container->set('fulltextservice', $fulltextservice); +$container->set('notifier', $notifier); +$container->set('authenticator', $authenticator); -$app->add(new RestapiAuth($container)); +$app->setBasePath($settings->_httpRoot."restapi/index.php"); + +$app->add(new RestapiAuthMiddleware($container, $app->getResponseFactory())); 
if(isset($GLOBALS['SEEDDMS_HOOKS']['initRestAPI'])) { foreach($GLOBALS['SEEDDMS_HOOKS']['initRestAPI'] as $hookObj) { 
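Review bot: The guest-login fallback in this hunk lost its single-statement bodies: `if(!($userobj = $dms->getUser($settings->_guestID)))` and the following `} else` have no braces, so only the first added line (`$response = $this->responsefactory->createResponse();`) is conditional and the `withHeader`/`withStatus`/`write`/`return $response;` lines always run. As written the branch returns a 403 (or fails on an unset `$response`) even when the guest user was loaded, so the request never continues as guest; it fails closed, but the fallback is broken. Wrap both bodies the way the `su` branch in the same hunk already does: `if(!($userobj = $dms->getUser($settings->_guestID))) {` and `} else {`, each closed after its `return $response;`. The method's signature is outside the hunk, so whether `$response` is defined at that point cannot be confirmed from here.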
@@ -3005,95 +3289,96 @@ if(isset($GLOBALS['SEEDDMS_HOOKS']['initRestAPI'])) { } } +$app->addErrorMiddleware(true, true, true); + +$app->add(new RestapiCorsMiddleware($container)); + // Make CORS preflighted request possible $app->options('/{routes:.+}', function ($request, $response, $args) { return $response; }); -$app->add(function ($req, $res, $next) { - $response = $next($req, $res); - return $response - ->withHeader('Access-Control-Allow-Origin', $req->getHeader('Origin') ? $req->getHeader('Origin') : '*') - ->withHeader('Access-Control-Allow-Headers', 'X-Requested-With, Content-Type, Accept, Origin, Authorization') - ->withHeader('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, PATCH, OPTIONS'); -}); + // use post for create operation // use get for retrieval operation // use put for update operation // use delete for delete operation -$app->post('/login', \RestapiController::class.':doLogin'); -$app->get('/logout', \RestapiController::class.':doLogout'); -$app->get('/account', \RestapiController::class.':getAccount'); -$app->get('/search', \RestapiController::class.':doSearch'); -$app->get('/searchbyattr', \RestapiController::class.':doSearchByAttr'); -$app->get('/folder', \RestapiController::class.':getFolder'); -$app->get('/folder/{id}', \RestapiController::class.':getFolder'); -$app->post('/folder/{id}/move/{folderid}', \RestapiController::class.':moveFolder'); -$app->delete('/folder/{id}', \RestapiController::class.':deleteFolder'); -$app->get('/folder/{id}/children', \RestapiController::class.':getFolderChildren'); -$app->get('/folder/{id}/parent', \RestapiController::class.':getFolderParent'); -$app->get('/folder/{id}/path', \RestapiController::class.':getFolderPath'); -$app->get('/folder/{id}/attributes', \RestapiController::class.':getFolderAttributes'); -$app->put('/folder/{id}/attribute/{attrdefid}', \RestapiController::class.':setFolderAttribute'); -$app->post('/folder/{id}/folder', \RestapiController::class.':createFolder'); 
-$app->put('/folder/{id}/document', \RestapiController::class.':uploadDocumentPut'); -$app->post('/folder/{id}/document', \RestapiController::class.':uploadDocument'); -$app->get('/document/{id}', \RestapiController::class.':getDocument'); -$app->post('/document/{id}/attachment', \RestapiController::class.':uploadDocumentFile'); -$app->post('/document/{id}/update', \RestapiController::class.':updateDocument'); -$app->delete('/document/{id}', \RestapiController::class.':deleteDocument'); -$app->post('/document/{id}/move/{folderid}', \RestapiController::class.':moveDocument'); -$app->get('/document/{id}/content', \RestapiController::class.':getDocumentContent'); -$app->get('/document/{id}/versions', \RestapiController::class.':getDocumentVersions'); -$app->get('/document/{id}/version/{version}', \RestapiController::class.':getDocumentVersion'); -$app->put('/document/{id}/version/{version}', \RestapiController::class.':updateDocumentVersion'); -$app->get('/document/{id}/version/{version}/attributes', \RestapiController::class.':getDocumentContentAttributes'); -$app->put('/document/{id}/version/{version}/attribute/{attrdefid}', \RestapiController::class.':setDocumentContentAttribute'); -$app->get('/document/{id}/files', \RestapiController::class.':getDocumentFiles'); -$app->get('/document/{id}/file/{fileid}', \RestapiController::class.':getDocumentFile'); -$app->get('/document/{id}/links', \RestapiController::class.':getDocumentLinks'); -$app->post('/document/{id}/link/{documentid}', \RestapiController::class.':addDocumentLink'); -$app->get('/document/{id}/attributes', \RestapiController::class.':getDocumentAttributes'); -$app->put('/document/{id}/attribute/{attrdefid}', \RestapiController::class.':setDocumentAttribute'); -$app->get('/document/{id}/preview/{version}/{width}', \RestapiController::class.':getDocumentPreview'); -$app->delete('/document/{id}/categories', \RestapiController::class.':removeDocumentCategories'); 
-$app->delete('/document/{id}/category/{catid}', \RestapiController::class.':removeDocumentCategory'); -$app->post('/document/{id}/category/{catid}', \RestapiController::class.':addDocumentCategory'); -$app->put('/document/{id}/owner/{userid}', \RestapiController::class.':setDocumentOwner'); -$app->put('/account/fullname', \RestapiController::class.':setFullName'); -$app->put('/account/email', \RestapiController::class.':setEmail'); -$app->get('/account/documents/locked', \RestapiController::class.':getLockedDocuments'); -$app->get('/users', \RestapiController::class.':getUsers'); -$app->delete('/users/{id}', \RestapiController::class.':deleteUser'); -$app->post('/users', \RestapiController::class.':createUser'); -$app->get('/users/{id}', \RestapiController::class.':getUserById'); -$app->put('/users/{id}/disable', \RestapiController::class.':setDisabledUser'); -$app->put('/users/{id}/password', \RestapiController::class.':changeUserPassword'); -$app->get('/roles', \RestapiController::class.':getRoles'); -$app->post('/roles', \RestapiController::class.':createRole'); -$app->get('/roles/{id}', \RestapiController::class.':getRole'); -$app->delete('/roles/{id}', \RestapiController::class.':deleteRole'); -$app->post('/groups', \RestapiController::class.':createGroup'); -$app->get('/groups', \RestapiController::class.':getGroups'); -$app->delete('/groups/{id}', \RestapiController::class.':deleteGroup'); -$app->get('/groups/{id}', \RestapiController::class.':getGroup'); -$app->put('/groups/{id}/addUser', \RestapiController::class.':addUserToGroup'); -$app->put('/groups/{id}/removeUser', \RestapiController::class.':removeUserFromGroup'); -$app->put('/folder/{id}/setInherit', \RestapiController::class.':setFolderInheritsAccess'); -$app->put('/folder/{id}/access/group/add', \RestapiController::class.':addGroupAccessToFolder'); // -$app->put('/folder/{id}/access/user/add', \RestapiController::class.':addUserAccessToFolder'); // -$app->put('/folder/{id}/access/group/remove', 
\RestapiController::class.':removeGroupAccessFromFolder'); -$app->put('/folder/{id}/access/user/remove', \RestapiController::class.':removeUserAccessFromFolder'); -$app->put('/folder/{id}/access/clear', \RestapiController::class.':clearFolderAccessList'); -$app->get('/categories', \RestapiController::class.':getCategories'); -$app->get('/categories/{id}', \RestapiController::class.':getCategory'); -$app->delete('/categories/{id}', \RestapiController::class.':deleteCategory'); -$app->post('/categories', \RestapiController::class.':createCategory'); -$app->put('/categories/{id}/name', \RestapiController::class.':changeCategoryName'); -$app->get('/attributedefinitions', \RestapiController::class.':getAttributeDefinitions'); -$app->put('/attributedefinitions/{id}/name', \RestapiController::class.':changeAttributeDefinitionName'); -$app->get('/echo/{data}', \TestController::class.':echoData'); -$app->get('/version', \TestController::class.':version'); -$app->get('/statstotal', \RestapiController::class.':getStatsTotal'); +$app->post('/login', \SeedDMS_RestapiController::class.':doLogin'); +$app->get('/logout', \SeedDMS_RestapiController::class.':doLogout'); +$app->get('/account', \SeedDMS_RestapiController::class.':getAccount'); +$app->get('/search', \SeedDMS_RestapiController::class.':doSearch'); +$app->get('/searchbyattr', \SeedDMS_RestapiController::class.':doSearchByAttr'); +$app->get('/folder', \SeedDMS_RestapiController::class.':getFolder'); +$app->get('/folder/{id}', \SeedDMS_RestapiController::class.':getFolder'); +$app->post('/folder/{id}/move/{folderid}', \SeedDMS_RestapiController::class.':moveFolder'); +$app->delete('/folder/{id}', \SeedDMS_RestapiController::class.':deleteFolder'); +$app->get('/folder/{id}/children', \SeedDMS_RestapiController::class.':getFolderChildren'); +$app->get('/folder/{id}/parent', \SeedDMS_RestapiController::class.':getFolderParent'); +$app->get('/folder/{id}/path', \SeedDMS_RestapiController::class.':getFolderPath'); 
+$app->get('/folder/{id}/attributes', \SeedDMS_RestapiController::class.':getFolderAttributes'); +$app->put('/folder/{id}/attribute/{attrdefid}', \SeedDMS_RestapiController::class.':setFolderAttribute'); +$app->post('/folder/{id}/folder', \SeedDMS_RestapiController::class.':createFolder'); +$app->put('/folder/{id}/document', \SeedDMS_RestapiController::class.':uploadDocumentPut'); +$app->post('/folder/{id}/document', \SeedDMS_RestapiController::class.':uploadDocument'); +$app->get('/document/{id}', \SeedDMS_RestapiController::class.':getDocument'); +$app->post('/document/{id}/attachment', \SeedDMS_RestapiController::class.':uploadDocumentFile'); +$app->post('/document/{id}/update', \SeedDMS_RestapiController::class.':updateDocument'); +$app->delete('/document/{id}', \SeedDMS_RestapiController::class.':deleteDocument'); +$app->post('/document/{id}/move/{folderid}', \SeedDMS_RestapiController::class.':moveDocument'); +$app->get('/document/{id}/content', \SeedDMS_RestapiController::class.':getDocumentContent'); +$app->get('/document/{id}/versions', \SeedDMS_RestapiController::class.':getDocumentVersions'); +$app->get('/document/{id}/version/{version}', \SeedDMS_RestapiController::class.':getDocumentVersion'); +$app->put('/document/{id}/version/{version}', \SeedDMS_RestapiController::class.':updateDocumentVersion'); +$app->get('/document/{id}/version/{version}/attributes', \SeedDMS_RestapiController::class.':getDocumentContentAttributes'); +$app->put('/document/{id}/version/{version}/attribute/{attrdefid}', \SeedDMS_RestapiController::class.':setDocumentContentAttribute'); +$app->get('/document/{id}/files', \SeedDMS_RestapiController::class.':getDocumentFiles'); +$app->get('/document/{id}/file/{fileid}', \SeedDMS_RestapiController::class.':getDocumentFile'); +$app->get('/document/{id}/links', \SeedDMS_RestapiController::class.':getDocumentLinks'); +$app->post('/document/{id}/link/{documentid}', \SeedDMS_RestapiController::class.':addDocumentLink'); 
+$app->get('/document/{id}/attributes', \SeedDMS_RestapiController::class.':getDocumentAttributes'); +$app->put('/document/{id}/attribute/{attrdefid}', \SeedDMS_RestapiController::class.':setDocumentAttribute'); +$app->get('/document/{id}/preview/{version}/{width}', \SeedDMS_RestapiController::class.':getDocumentPreview'); +$app->delete('/document/{id}/categories', \SeedDMS_RestapiController::class.':removeDocumentCategories'); +$app->delete('/document/{id}/category/{catid}', \SeedDMS_RestapiController::class.':removeDocumentCategory'); +$app->post('/document/{id}/category/{catid}', \SeedDMS_RestapiController::class.':addDocumentCategory'); +$app->put('/document/{id}/owner/{userid}', \SeedDMS_RestapiController::class.':setDocumentOwner'); +$app->put('/account/fullname', \SeedDMS_RestapiController::class.':setFullName'); +$app->put('/account/email', \SeedDMS_RestapiController::class.':setEmail'); +$app->get('/account/documents/locked', \SeedDMS_RestapiController::class.':getLockedDocuments'); +$app->get('/users', \SeedDMS_RestapiController::class.':getUsers'); +$app->delete('/users/{id}', \SeedDMS_RestapiController::class.':deleteUser'); +$app->post('/users', \SeedDMS_RestapiController::class.':createUser'); +$app->get('/users/{id}', \SeedDMS_RestapiController::class.':getUserById'); +$app->put('/users/{id}/disable', \SeedDMS_RestapiController::class.':setDisabledUser'); +$app->put('/users/{id}/password', \SeedDMS_RestapiController::class.':changeUserPassword'); +$app->get('/roles', \SeedDMS_RestapiController::class.':getRoles'); +$app->post('/roles', \SeedDMS_RestapiController::class.':createRole'); +$app->get('/roles/{id}', \SeedDMS_RestapiController::class.':getRole'); +$app->delete('/roles/{id}', \SeedDMS_RestapiController::class.':deleteRole'); +$app->put('/users/{id}/quota', \SeedDMS_RestapiController::class.':changeUserQuota'); +$app->put('/users/{id}/homefolder/{folderid}', \SeedDMS_RestapiController::class.':changeUserHomefolder'); +$app->post('/groups', 
\SeedDMS_RestapiController::class.':createGroup'); +$app->get('/groups', \SeedDMS_RestapiController::class.':getGroups'); +$app->delete('/groups/{id}', \SeedDMS_RestapiController::class.':deleteGroup'); +$app->get('/groups/{id}', \SeedDMS_RestapiController::class.':getGroup'); +$app->put('/groups/{id}/addUser', \SeedDMS_RestapiController::class.':addUserToGroup'); +$app->put('/groups/{id}/removeUser', \SeedDMS_RestapiController::class.':removeUserFromGroup'); +$app->put('/folder/{id}/setInherit', \SeedDMS_RestapiController::class.':setFolderInheritsAccess'); +$app->put('/folder/{id}/owner/{userid}', \SeedDMS_RestapiController::class.':setFolderOwner'); +$app->put('/folder/{id}/access/group/add', \SeedDMS_RestapiController::class.':addGroupAccessToFolder'); // +$app->put('/folder/{id}/access/user/add', \SeedDMS_RestapiController::class.':addUserAccessToFolder'); // +$app->put('/folder/{id}/access/group/remove', \SeedDMS_RestapiController::class.':removeGroupAccessFromFolder'); +$app->put('/folder/{id}/access/user/remove', \SeedDMS_RestapiController::class.':removeUserAccessFromFolder'); +$app->put('/folder/{id}/access/clear', \SeedDMS_RestapiController::class.':clearFolderAccessList'); +$app->get('/categories', \SeedDMS_RestapiController::class.':getCategories'); +$app->get('/categories/{id}', \SeedDMS_RestapiController::class.':getCategory'); +$app->delete('/categories/{id}', \SeedDMS_RestapiController::class.':deleteCategory'); +$app->post('/categories', \SeedDMS_RestapiController::class.':createCategory'); +$app->put('/categories/{id}/name', \SeedDMS_RestapiController::class.':changeCategoryName'); +$app->get('/attributedefinitions', \SeedDMS_RestapiController::class.':getAttributeDefinitions'); +$app->put('/attributedefinitions/{id}/name', \SeedDMS_RestapiController::class.':changeAttributeDefinitionName'); +$app->get('/echo/{data}', \SeedDMS_TestController::class.':echoData'); +$app->get('/version', \SeedDMS_TestController::class.':version'); 
+$app->get('/statstotal', \SeedDMS_RestapiController::class.':getStatsTotal'); if(isset($GLOBALS['SEEDDMS_HOOKS']['initRestAPI'])) { foreach($GLOBALS['SEEDDMS_HOOKS']['initRestAPI'] as $hookObj) { diff --git a/views/bootstrap/class.AddFile.php b/views/bootstrap/class.AddFile.php index a7b375e55..468459b15 100644 --- a/views/bootstrap/class.AddFile.php +++ b/views/bootstrap/class.AddFile.php @@ -35,11 +35,16 @@ class SeedDMS_View_AddFile extends SeedDMS_Theme_Style { $enablelargefileupload = $this->params['enablelargefileupload']; $partitionsize = $this->params['partitionsize']; $maxuploadsize = $this->params['maxuploadsize']; + $dropfolderdir = $this->params['dropfolderdir']; + header('Content-Type: application/javascript; charset=UTF-8'); parent::jsTranslations(array('js_form_error', 'js_form_errors')); if($enablelargefileupload) $this->printFineUploaderJs($this->params['settings']->_httpRoot.'op/op.UploadChunks.php', $partitionsize, $maxuploadsize); + if($dropfolderdir) { + $this->printDropFolderChooserJs("addfileform"); + } $this->printFileChooserJs(); ?> 
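Review bot: `$app->addErrorMiddleware(true, true, true);` turns on Slim's `displayErrorDetails` (the first argument), so an uncaught exception in any REST handler is rendered to the caller with its message, file paths and stack trace. The auth middleware in this commit lets `/login`, `/echo/` and `/version` through without credentials, so that detail would also reach unauthenticated clients. Keep logging on and display off, `$app->addErrorMiddleware(false, true, true);`, or drive the first argument from a debug setting. Separately, the inline CORS closure removed here reflected the request `Origin`, and the body of its replacement `RestapiCorsMiddleware` is not in this hunk, so it is worth confirming that class restricts origins rather than echoing them.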
@@ -58,14 +63,18 @@ $(document).ready( function() { } return false; }, ""); - $("#form1").validate({ + $("#addfileform").validate({ debug: false, ignore: ":hidden:not(.do_validate)", submitHandler: function(form) { - userfileuploader.uploadStoredFiles(); + /* fileuploader may not have any files if drop folder is used */ + if(userfileuploader.getUploads().length) + userfileuploader.uploadStoredFiles(); + else + form.submit(); }, - fineuploaderuuids: { - fineuploader: [ userfileuploader ] + 'userfile-fine-uploader-uuids': { + fineuploader: [ userfileuploader, $('#dropfolderfileaddfileform') ] } 'userfile[]': { - required: true + require_from_group: [1, ".fileupload-group"], + maxsize: + }, + dropfolderfileaddfileform: { + require_from_group: [1, ".fileupload-group"] } params['enablelargefileupload']; $uploadedattachmentispublic = $this->params['uploadedattachmentispublic']; $maxuploadsize = $this->params['maxuploadsize']; + $dropfolderdir = $this->params['dropfolderdir']; $this->htmlAddHeader(''."\n", 'js'); $this->htmlAddHeader(''."\n", 'js'); @@ -132,7 +146,7 @@ $(document).ready( function() { ?> -
+ contentContainerStart(); @@ -140,6 +154,12 @@ $(document).ready( function() { getMLText("local_file"), ($enablelargefileupload ? $this->getFineUploaderHtml() : $this->getFileChooserHtml('userfile[]', false)) ); + if($dropfolderdir) { + $this->formField( + getMLText("dropfolder_file"), + $this->getDropFolderChooserHtml("addfileform") + ); + } $options = array(); $options[] = array("", getMLText('document')); $versions = $document->getContent(); @@ -198,4 +218,3 @@ $(document).ready( function() { } /* }}} */ } -?> diff --git a/views/bootstrap/class.Bootstrap.php b/views/bootstrap/class.Bootstrap.php index b85528dad..843a8196d 100644 --- a/views/bootstrap/class.Bootstrap.php +++ b/views/bootstrap/class.Bootstrap.php @@ -1879,7 +1879,7 @@ $(document).ready(function() { /** * This function is deprecated. Don't use it anymore. There is a generic * folderSelected and documentSelected function in application.js - * If you extra functions to be called then define them in your own js code + * If you need extra functions to be called then define them in your own js code */ function printDocumentChooserJs($form, $formname='') { /* {{{ */ if(!$formname) @@ -1946,7 +1946,7 @@ function folderSelected(id, name) { /** * This function is deprecated. Don't use it anymore. There is a generic * folderSelected and documentSelected function in application.js - * If you extra functions to be called then define them in your own js code + * If you need extra functions to be called then define them in your own js code */ function printFolderChooserJs($form, $formname='') { /* {{{ */ if(!$formname) diff --git a/views/bootstrap/class.Charts.php b/views/bootstrap/class.Charts.php index 7cc076860..e9f7f6749 100644 --- a/views/bootstrap/class.Charts.php +++ b/views/bootstrap/class.Charts.php @@ -13,11 +13,6 @@ * @version Release: @package_version@ */ -/** - * Include parent class - */ -//require_once("class.Bootstrap.php"); - /** * Class which outputs the html page for Charts view * 
@@ -229,8 +224,28 @@ $(document).ready( function() { } } /* }}} */ - function show() { /* {{{ */ - $this->dms = $this->params['dms']; + /** + * Check if it makes sense to show the chart + * + * e.g. it doesn't make sense to show the documents by category if + * there are no categories. + * + * @param string $type + * @return boolean + */ + private function showChart($type) { /* {{{ */ + $dms = $this->params['dms']; + if($type == 'docspercategory') { + if($cats = $dms->getDocumentCategories()) + return true; + else + return false; + } + return true; + } /* }}} */ + + public function show() { /* {{{ */ + $dms = $this->params['dms']; $user = $this->params['user']; $data = $this->params['data']; $type = $this->params['type']; @@ -251,7 +266,8 @@ $(document).ready( function() { $this->contentHeading(getMLText("chart_selection")); $this->contentContainerStart(); foreach(array('docsperuser', 'foldersperuser', 'sizeperuser', 'sizepermonth','docspermimetype', 'docspercategory', 'docsperstatus', 'docspermonth', 'docsaccumulated') as $atype) { - echo "\n"; + if($this->showChart($atype)) + echo "\n"; } $this->contentContainerEnd(); $this->columnEnd(); diff --git a/views/bootstrap/class.Dashboard.php b/views/bootstrap/class.Dashboard.php index c03c022b1..0e8dc40a2 100644 --- a/views/bootstrap/class.Dashboard.php +++ b/views/bootstrap/class.Dashboard.php @@ -69,6 +69,7 @@ class SeedDMS_View_Dashboard extends SeedDMS_Theme_Style { $previewconverters = $this->params['previewConverters']; $timeout = $this->params['timeout']; $dayspastdashboard = $this->params['dayspastdashboard']; + $excludedfolders = $this->params['excludedfolders']; $xsendfile = $this->params['xsendfile']; $previewer = new SeedDMS_Preview_Previewer($cachedir, $previewwidth, $timeout, $xsendfile); 
@@ -80,6 +81,11 @@ class SeedDMS_View_Dashboard extends SeedDMS_Theme_Style { echo $this->contentHeading(getMLText('new_documents')); $documents = $dms->getLatestChanges('newdocuments', mktime(0, 0, 0)-$dayspastdashboard*86400, time()); $documents = SeedDMS_Core_DMS::filterAccess($documents, $user, M_READ); + foreach($documents as $i=>$doc) { + $fl = explode(':', $doc->getFolderList()); + if(array_intersect($fl, $excludedfolders)) + unset($documents[$i]); + } if (count($documents) > 0) { $this->printList($documents, $previewer); } @@ -94,6 +100,7 @@ class SeedDMS_View_Dashboard extends SeedDMS_Theme_Style { $previewconverters = $this->params['previewConverters']; $timeout = $this->params['timeout']; $dayspastdashboard = $this->params['dayspastdashboard']; + $excludedfolders = $this->params['excludedfolders']; $xsendfile = $this->params['xsendfile']; $previewer = new SeedDMS_Preview_Previewer($cachedir, $previewwidth, $timeout, $xsendfile); @@ -105,6 +112,11 @@ class SeedDMS_View_Dashboard extends SeedDMS_Theme_Style { echo $this->contentHeading(getMLText('updated_documents')); $documents = $dms->getLatestChanges('updateddocuments', mktime(0, 0, 0)-$dayspastdashboard*86400, time()); $documents = SeedDMS_Core_DMS::filterAccess($documents, $user, M_READ); + foreach($documents as $i=>$doc) { + $fl = explode(':', $doc->getFolderList()); + if(array_intersect($fl, $excludedfolders)) + unset($documents[$i]); + } if (count($documents) > 0) { $this->printList($documents, $previewer); } @@ -119,6 +131,7 @@ class SeedDMS_View_Dashboard extends SeedDMS_Theme_Style { $previewconverters = $this->params['previewConverters']; $timeout = $this->params['timeout']; $dayspastdashboard = $this->params['dayspastdashboard']; + $excludedfolders = $this->params['excludedfolders']; $xsendfile = $this->params['xsendfile']; $previewer = new SeedDMS_Preview_Previewer($cachedir, $previewwidth, $timeout, $xsendfile); 
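Review bot: The exclusion loop added here passes `$excludedfolders` straight to `array_intersect()`, and `explode(':', $doc->getFolderList())` yields empty strings if the list has leading or trailing colons. If the parameter is unset or not an array the call raises a TypeError on PHP 8, and if the setting ever holds an empty entry (the Settings view in this commit builds its selection with `explode(',', …)`) an empty element on both sides would match and hide every document; how the view parameter is populated is not visible in this diff. A guard such as `if($excludedfolders && array_intersect(array_filter($fl), (array) $excludedfolders))` covers both cases. The same five lines are repeated in the `@@ -105,6 +112,11 @@` and `@@ -130,6 +143,11 @@` hunks, so a small private helper would keep the three lists consistent; this is a display filter only, access control still comes from `filterAccess()`.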
@@ -130,6 +143,11 @@ class SeedDMS_View_Dashboard extends SeedDMS_Theme_Style { echo $this->contentHeading(getMLText('status_change')); $documents = $dms->getLatestChanges('statuschange', mktime(0, 0, 0)-$dayspastdashboard*86400, time()); $documents = SeedDMS_Core_DMS::filterAccess($documents, $user, M_READ); + foreach($documents as $i=>$doc) { + $fl = explode(':', $doc->getFolderList()); + if(array_intersect($fl, $excludedfolders)) + unset($documents[$i]); + } if (count($documents) > 0) { $this->printList($documents, $previewer); } @@ -156,7 +174,7 @@ class SeedDMS_View_Dashboard extends SeedDMS_Theme_Style { $timeout = $this->params['timeout']; $xsendfile = $this->params['xsendfile']; - $this->htmlStartPage(getMLText("calendar")); + $this->htmlStartPage(getMLText("dashboard")); $this->globalNavigation(); $this->contentStart(); diff --git a/views/bootstrap/class.Info.php b/views/bootstrap/class.Info.php index f0f880e0d..119f85f10 100644 --- a/views/bootstrap/class.Info.php +++ b/views/bootstrap/class.Info.php @@ -116,7 +116,7 @@ class SeedDMS_View_Info extends SeedDMS_Theme_Style { $this->contentHeading(getMLText("missing_php_functions_and_classes")); $missingfunc = []; - foreach(array('proc_open', 'openssl_cipher_iv_length') as $funcname) { + foreach(array('proc_open', 'openssl_cipher_iv_length', 'system') as $funcname) { if(!function_exists($funcname)) { $missingfunc[] = $funcname; //getMLText('func_'.$funcname."_missing") } diff --git a/views/bootstrap/class.SchedulerTaskMgr.php b/views/bootstrap/class.SchedulerTaskMgr.php index e0e4db374..ffd98c58c 100644 --- a/views/bootstrap/class.SchedulerTaskMgr.php +++ b/views/bootstrap/class.SchedulerTaskMgr.php @@ -621,11 +621,11 @@ $(document).ready( function() { echo ""; echo ""; print "
"; + print ""; $t = $scheduler->getTasksByExtension($extname, $taskname); if($t) { print ""; } - print ""; print "
"; echo ""; echo ""; diff --git a/views/bootstrap/class.Settings.php b/views/bootstrap/class.Settings.php index 3b122f0b8..32cb96a4d 100644 --- a/views/bootstrap/class.Settings.php +++ b/views/bootstrap/class.Settings.php @@ -258,6 +258,35 @@ class SeedDMS_View_Settings extends SeedDMS_Theme_Style { params['settings']; + $dms = $this->params['dms']; +?> + "> + + +{"_".$name})) + $selections = $settings->{"_".$name}; + else + $selections = explode(',', $settings->{"_".$name}); + echo ""; +?> + + +params['settings']; $dms = $this->params['dms']; @@ -455,6 +484,7 @@ if(($kkk = $this->callHook('getFullSearchEngine')) && is_array($kkk)) showConfigCheckbox('settings_enableRecursiveCount', 'enableRecursiveCount'); ?> showConfigText('settings_maxRecursiveCount', 'maxRecursiveCount'); ?> showConfigText('settings_daysPastDashboard', 'daysPastDashboard'); ?> +showConfigFolderNoTree('settings_excludeFoldersDashboard', 'excludeFoldersDashboard'); ?> showConfigCheckbox('settings_enableLanguageSelector', 'enableLanguageSelector'); ?> showConfigCheckbox('settings_enableHelp', 'enableHelp'); ?> showConfigCheckbox('settings_enableThemeSelector', 'enableThemeSelector'); ?> diff --git a/views/bootstrap/class.Tasks.php b/views/bootstrap/class.Tasks.php index e740763b8..4c778b8cd 100644 --- a/views/bootstrap/class.Tasks.php +++ b/views/bootstrap/class.Tasks.php @@ -196,14 +196,9 @@ class SeedDMS_View_Tasks extends SeedDMS_Theme_Style { } /* }}} */ /** - * Returns the html needed for the task list in the menu + * Returns the number of tasks * - * This function renders the tasks in a way suitable to be - * used as a menu - * - * @param array $clipboard clipboard containing two arrays for both - * documents and folders. - * @return string html code + * @return array list of tasks an its number */ function countTasks() { /* {{{ */ $dms = $this->params['dms']; diff --git a/views/bootstrap/styles/application.js b/views/bootstrap/styles/application.js index 42d384e66..ab620ee06 100644 
--- a/views/bootstrap/styles/application.js +++ b/views/bootstrap/styles/application.js @@ -1618,17 +1618,17 @@ $(document).ready(function() { /* {{{ */ $.ajax({url: seeddms_webroot+'out/out.Tasks.php', type: 'GET', dataType: "json", - data: {action: 'mytasks'}, + data: {action: 'counttasks'}, success: function(data) { if(data) { - if((typeof data.data.approval != 'undefined' && approval_count != data.data.approval.length) || - (typeof data.data.review != 'undefined' && review_count != data.data.review.length) || - (typeof data.data.workflow != 'undefined' && workflow_count != data.data.workflow.length)) { + if((typeof data.data.approval != 'undefined' && approval_count != data.data.approval) || + (typeof data.data.review != 'undefined' && review_count != data.data.review) || + (typeof data.data.workflow != 'undefined' && workflow_count != data.data.workflow)) { // $("#menu-tasks").html('Loading').hide().load('../out/out.Tasks.php?action=menutasks').fadeIn('500') $('#menu-tasks > div.ajax').trigger('update', {folderid: seeddms_folder}); - approval_count = typeof data.data.approval != 'undefined' ? data.data.approval.length : 0; - review_count = typeof data.data.review != 'undefined' ? data.data.review.length : 0; - workflow_count = typeof data.data.workflow != 'undefined' ? data.data.workflow.length : 0; + approval_count = typeof data.data.approval != 'undefined' ? data.data.approval : 0; + review_count = typeof data.data.review != 'undefined' ? data.data.review : 0; + workflow_count = typeof data.data.workflow != 'undefined' ? data.data.workflow : 0; } } }, diff --git a/views/bootstrap4/class.Bootstrap4.php b/views/bootstrap4/class.Bootstrap4.php index ded4af6d5..bd1fdfc59 100644 --- a/views/bootstrap4/class.Bootstrap4.php +++ b/views/bootstrap4/class.Bootstrap4.php 
@@ -1817,7 +1817,7 @@ $(document).ready(function() { /** * This function is deprecated. Don't use it anymore. There is a generic * folderSelected and documentSelected function in application.js - * If you extra functions to be called then define them in your own js code + * If you need extra functions to be called then define them in your own js code */ function printDocumentChooserJs($form, $formname='') { /* {{{ */ if(!$formname) @@ -1886,7 +1886,7 @@ function folderSelected(id, name) { /** * This function is deprecated. Don't use it anymore. There is a generic * folderSelected and documentSelected function in application.js - * If you extra functions to be called then define them in your own js code + * If you need extra functions to be called then define them in your own js code */ function printFolderChooserJs($form, $formname='') { /* {{{ */ if(!$formname) diff --git a/views/bootstrap4/styles/application.js b/views/bootstrap4/styles/application.js index 6daecdcfb..221cc4b92 100644 --- a/views/bootstrap4/styles/application.js +++ b/views/bootstrap4/styles/application.js 
@@ -1697,17 +1697,17 @@ $(document).ready(function() { /* {{{ */ $.ajax({url: seeddms_webroot+'out/out.Tasks.php', type: 'GET', dataType: "json", - data: {action: 'mytasks'}, + data: {action: 'counttasks'}, success: function(data) { if(data) { - if((typeof data.data.approval != 'undefined' && approval_count != data.data.approval.length) || - (typeof data.data.review != 'undefined' && review_count != data.data.review.length) || - (typeof data.data.workflow != 'undefined' && workflow_count != data.data.workflow.length)) { + if((typeof data.data.approval != 'undefined' && approval_count != data.data.approval) || + (typeof data.data.review != 'undefined' && review_count != data.data.review) || + (typeof data.data.workflow != 'undefined' && workflow_count != data.data.workflow)) { // $("#menu-tasks").html('Loading').hide().load('../out/out.Tasks.php?action=menutasks').fadeIn('500') $('#menu-tasks > div.ajax').trigger('update', {folderid: seeddms_folder}); - approval_count = typeof data.data.approval != 'undefined' ? data.data.approval.length : 0; - review_count = typeof data.data.review != 'undefined' ? data.data.review.length : 0; - workflow_count = typeof data.data.workflow != 'undefined' ? data.data.workflow.length : 0; + approval_count = typeof data.data.approval != 'undefined' ? data.data.approval : 0; + review_count = typeof data.data.review != 'undefined' ? data.data.review : 0; + workflow_count = typeof data.data.workflow != 'undefined' ? data.data.workflow : 0; } } },