gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2025-02-11 09:35:00 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge branch 'seeddms-5.1.x' into seeddms-6.0.x

Browse Source
This commit is contained in:
Uwe Steinmann 2025-01-31 10:15:21 +01:00
commit 895dbf1b29
3 changed files with 378 additions and 100 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
doc/README.Converters
View File

@ -18,6 +18,14 @@ Please note, that when ever a command outputs anything to stderr,
this will considered as a failure of the command. Most command line
programs have a parameter (.e.g. `-q`) to suppress such an output.
If you run php-fpm you may encounter problems with charsets based on
UTF-8. Programms like `catdoc` read LANG from the environment to
set the correct encoding of the output. php-fpm often clears the
environment and programms like `catdoc` will not longer output any
UTF-8 chars. In such a case you may want to set `clear_env=no` in
php-fpm's configuration. On Debian this is done in the file
`/etc/php/<php version>/fpm/pool.d/www.conf`. Search for `clear_env`.
Conversion to text for fulltext search
=======================================

158
restapi/index.php
View File

@ -25,24 +25,21 @@ use Psr\Http\Server\MiddlewareInterface;
use DI\ContainerBuilder;
use Slim\Factory\AppFactory;
final class JsonRenderer
{
final class JsonRenderer { /* {{{ */
public function json(
ResponseInterface $response,
array $data = null
): ResponseInterface {
$response = $response->withHeader('Content-Type', 'application/json');
$response->getBody()->write(
(string)json_encode(
$data,
JSON_UNESCAPED_SLASHES | JSON_PARTIAL_OUTPUT_ON_ERROR
)
);
$response->getBody()->write(
(string)json_encode(
$data,
JSON_UNESCAPED_SLASHES | JSON_PARTIAL_OUTPUT_ON_ERROR
)
);
return $response;
}
}
} /* }}} */
final class SeedDMS_RestapiController { /* {{{ */
protected $container;
@ -1740,12 +1737,9 @@ final class SeedDMS_RestapiController { /* {{{ */
$dms = $this->container->get('dms');
$userobj = $this->container->get('userobj');
if(!$userobj) {
return $this->renderer->json($response, array('success'=>false, 'message'=>'Not logged in', 'data'=>''))->withStatus(403);
}
if(!$userobj->isAdmin()) {
return $this->renderer->json($response, array('success'=>false, 'message'=>'No access on document', 'data'=>''))->withStatus(403);
}
$check = $this->checkIfAdmin($request, $response);
if ($check !== true)
return $check;
if(!ctype_digit($args['id']) || $args['id'] == 0) {
return $this->renderer->json($response, array('success'=>false, 'message'=>'No document given', 'data'=>''))->withStatus(400);
@ -2116,8 +2110,8 @@ final class SeedDMS_RestapiController { /* {{{ */
function checkIfAdmin($request, $response) { /* {{{ */
$dms = $this->container->get('dms');
if(!$this->container->has('userobj'))
echo "no user object";
// if(!$this->container->has('userobj'))
// echo "no user object";
if(!$this->container->has('userobj') || !($userobj = $this->container->get('userobj'))) {
return $this->renderer->json($response, ['success'=>false, 'message'=>'Not logged in', 'data'=>''])->withStatus(403);
@ -2259,7 +2253,7 @@ final class SeedDMS_RestapiController { /* {{{ */
return $check;
$params = $request->getParsedBody();
if ($params['quota'] == null) {
if ($params['quota'] == null || !ctype_digit($params['quota'])) {
return $this->renderer->json($response, array('success'=>false, 'message'=>'You must supply a new quota', 'data'=>''))->withStatus(400);
}
@ -2530,6 +2524,7 @@ final class SeedDMS_RestapiController { /* {{{ */
$check = $this->checkIfAdmin($request, $response);
if($check !== true)
return $check;
if(ctype_digit($args['id']))
$group = $dms->getGroup($args['id']);
else {
@ -2552,21 +2547,21 @@ final class SeedDMS_RestapiController { /* {{{ */
$userobj = $this->container->get('userobj');
$check = $this->checkIfAdmin($request, $response);
if($check !== true)
if ($check !== true)
return $check;
if(ctype_digit($args['id']))
if (ctype_digit($args['id']))
$group = $dms->getGroup($args['id']);
else {
$group = $dms->getGroupByName($args['id']);
}
$params = $request->getParsedBody();
$params = $request->getParsedBody();
if (empty($params['userid'])) {
return $this->renderer->json($response, array('success'=>false, 'message'=>'Missing userid', 'data'=>''))->withStatus(400);
}
$userId = $params['userid'];
if(ctype_digit($userId))
if (ctype_digit($userId))
$user = $dms->getUser($userId);
else {
$user = $dms->getUserByLogin($userId);
@ -2578,20 +2573,16 @@ final class SeedDMS_RestapiController { /* {{{ */
$operationResult = false;
if ($operationType == 'add')
{
if ($operationType == 'add') {
$operationResult = $group->addUser($user);
}
if ($operationType == 'remove')
{
if ($operationType == 'remove') {
$operationResult = $group->removeUser($user);
}
if ($operationResult === false)
{
if ($operationResult === false) {
$message = 'Could not add user to the group.';
if ($operationType == 'remove')
{
if ($operationType == 'remove') {
$message = 'Could not remove user from group.';
}
return $this->renderer->json($response, array('success'=>false, 'message'=>'Something went wrong. ' . $message, 'data'=>''))->withStatus(500);
@ -2618,8 +2609,9 @@ final class SeedDMS_RestapiController { /* {{{ */
$userobj = $this->container->get('userobj');
$check = $this->checkIfAdmin($request, $response);
if($check !== true)
if ($check !== true)
return $check;
$params = $request->getParsedBody();
if (!isset($params['enable']))
{
@ -2656,12 +2648,9 @@ final class SeedDMS_RestapiController { /* {{{ */
$dms = $this->container->get('dms');
$userobj = $this->container->get('userobj');
if(!$userobj) {
return $this->renderer->json($response, array('success'=>false, 'message'=>'Not logged in', 'data'=>''))->withStatus(403);
}
if(!$userobj->isAdmin()) {
return $this->renderer->json($response, array('success'=>false, 'message'=>'No access on folder', 'data'=>''))->withStatus(403);
}
$check = $this->checkIfAdmin($request, $response);
if ($check !== true)
return $check;
if(!ctype_digit($args['id']) || $args['id'] == 0) {
return $this->renderer->json($response, array('success'=>false, 'message'=>'No folder given', 'data'=>''))->withStatus(400);
@ -2727,51 +2716,40 @@ final class SeedDMS_RestapiController { /* {{{ */
$params = $request->getParsedBody();
$userOrGroupIdInput = $params['id'];
if ($operationType == 'add')
{
if ($params['id'] == null)
{
if ($operationType == 'add') {
if ($params['id'] == null) {
return $this->renderer->json($response, array('success'=>false, 'message'=>'Please PUT the user or group Id', 'data'=>''))->withStatus(400);
}
if ($params['mode'] == null)
{
if ($params['mode'] == null) {
return $this->renderer->json($response, array('success'=>false, 'message'=>'Please PUT the access mode', 'data'=>''))->withStatus(400);
}
$modeInput = $params['mode'];
$mode = M_NONE;
if ($modeInput == 'read')
{
if ($modeInput == 'read') {
$mode = M_READ;
}
if ($modeInput == 'readwrite')
{
if ($modeInput == 'readwrite') {
$mode = M_READWRITE;
}
if ($modeInput == 'all')
{
if ($modeInput == 'all') {
$mode = M_ALL;
}
}
$userOrGroupId = $userOrGroupIdInput;
if(!ctype_digit($userOrGroupIdInput) && $userOrGroup == 'user')
{
if (!ctype_digit($userOrGroupIdInput) && $userOrGroup == 'user') {
$userOrGroupObj = $dms->getUserByLogin($userOrGroupIdInput);
}
if(!ctype_digit($userOrGroupIdInput) && $userOrGroup == 'group')
{
if (!ctype_digit($userOrGroupIdInput) && $userOrGroup == 'group') {
$userOrGroupObj = $dms->getGroupByName($userOrGroupIdInput);
}
if(ctype_digit($userOrGroupIdInput) && $userOrGroup == 'user')
{
if (ctype_digit($userOrGroupIdInput) && $userOrGroup == 'user') {
$userOrGroupObj = $dms->getUser($userOrGroupIdInput);
}
if(ctype_digit($userOrGroupIdInput) && $userOrGroup == 'group')
{
if (ctype_digit($userOrGroupIdInput) && $userOrGroup == 'group') {
$userOrGroupObj = $dms->getGroup($userOrGroupIdInput);
}
if (!$userOrGroupObj) {
@ -2781,29 +2759,23 @@ final class SeedDMS_RestapiController { /* {{{ */
$operationResult = false;
if ($operationType == 'add' && $userOrGroup == 'user')
{
if ($operationType == 'add' && $userOrGroup == 'user') {
$operationResult = $folder->addAccess($mode, $userOrGroupId, true);
}
if ($operationType == 'remove' && $userOrGroup == 'user')
{
if ($operationType == 'remove' && $userOrGroup == 'user') {
$operationResult = $folder->removeAccess($userOrGroupId, true);
}
if ($operationType == 'add' && $userOrGroup == 'group')
{
if ($operationType == 'add' && $userOrGroup == 'group') {
$operationResult = $folder->addAccess($mode, $userOrGroupId, false);
}
if ($operationType == 'remove' && $userOrGroup == 'group')
{
if ($operationType == 'remove' && $userOrGroup == 'group') {
$operationResult = $folder->removeAccess($userOrGroupId, false);
}
if ($operationResult === false)
{
if ($operationResult === false) {
$message = 'Could not add user/group access to this folder.';
if ($operationType == 'remove')
{
if ($operationType == 'remove') {
$message = 'Could not remove user/group access from this folder.';
}
return $this->renderer->json($response, array('success'=>false, 'message'=>'Something went wrong. ' . $message, 'data'=>''))->withStatus(500);
@ -2817,11 +2789,12 @@ final class SeedDMS_RestapiController { /* {{{ */
$dms = $this->container->get('dms');
$userobj = $this->container->get('userobj');
if(false === ($categories = $dms->getDocumentCategories())) {
if (false === ($categories = $dms->getDocumentCategories())) {
return $this->renderer->json($response, array('success'=>false, 'message'=>'Could not get categories', 'data'=>null))->withStatus(500);
}
$data = [];
foreach($categories as $category)
foreach ($categories as $category)
$data[] = $this->__getCategoryData($category);
return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>$data))->withStatus(200);
@ -2831,12 +2804,12 @@ final class SeedDMS_RestapiController { /* {{{ */
$dms = $this->container->get('dms');
$userobj = $this->container->get('userobj');
if(!ctype_digit($args['id'])) {
if (!ctype_digit($args['id'])) {
return $this->renderer->json($response, array('success'=>false, 'message'=>'Invalid parameter', 'data'=>''))->withStatus(400);
}
$category = $dms->getDocumentCategory($args['id']);
if($category) {
if ($category) {
return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>$this->__getCategoryData($category)))->withStatus(200);
} else {
return $this->renderer->json($response, array('success'=>false, 'message'=>'No such category', 'data'=>''))->withStatus(404);
@ -2849,7 +2822,7 @@ final class SeedDMS_RestapiController { /* {{{ */
$logger = $this->container->get('logger');
$check = $this->checkIfAdmin($request, $response);
if($check !== true)
if ($check !== true)
return $check;
$params = $request->getParsedBody();
@ -2858,7 +2831,7 @@ final class SeedDMS_RestapiController { /* {{{ */
}
$catobj = $dms->getDocumentCategoryByName($params['name']);
if($catobj) {
if ($catobj) {
return $this->renderer->json($response, array('success'=>false, 'message'=>'Category already exists', 'data'=>''))->withStatus(409);
} else {
if($data = $dms->addDocumentCategory($params['name'])) {
@ -2875,11 +2848,11 @@ final class SeedDMS_RestapiController { /* {{{ */
$userobj = $this->container->get('userobj');
$check = $this->checkIfAdmin($request, $response);
if($check !== true)
if ($check !== true)
return $check;
if($category = $dms->getDocumentCategory($args['id'])) {
if($result = $category->remove()) {
if ($category = $dms->getDocumentCategory($args['id'])) {
if ($result = $category->remove()) {
return $this->renderer->json($response, array('success'=>$result, 'message'=>'', 'data'=>''))->withStatus(200);
} else {
return $this->renderer->json($response, array('success'=>$result, 'message'=>'Could not delete category', 'data'=>''))->withStatus(500);
@ -2899,16 +2872,15 @@ final class SeedDMS_RestapiController { /* {{{ */
$userobj = $this->container->get('userobj');
$check = $this->checkIfAdmin($request, $response);
if($check !== true)
if ($check !== true)
return $check;
if(!ctype_digit($args['id'])) {
if (!ctype_digit($args['id'])) {
return $this->renderer->json($response, array('success'=>false, 'message'=>'Invalid parameter', 'data'=>''))->withStatus(400);
}
$params = $request->getParsedBody();
if (empty($params['name']))
{
if (empty($params['name'])) {
return $this->renderer->json($response, array('success'=>false, 'message'=>'You must supply a new name', 'data'=>''))->withStatus(400);
}
@ -2936,7 +2908,7 @@ final class SeedDMS_RestapiController { /* {{{ */
$attrdefs = $dms->getAllAttributeDefinitions();
$data = [];
foreach($attrdefs as $attrdef)
foreach ($attrdefs as $attrdef)
$data[] = $this->__getAttributeDefinitionData($attrdef);
return $this->renderer->json($response, array('success'=>true, 'message'=>'', 'data'=>$data))->withStatus(200);
@ -2952,10 +2924,10 @@ final class SeedDMS_RestapiController { /* {{{ */
$userobj = $this->container->get('userobj');
$check = $this->checkIfAdmin($request, $response);
if($check !== true)
if ($check !== true)
return $check;
if(!ctype_digit($args['id'])) {
if (!ctype_digit($args['id'])) {
return $this->renderer->json($response, array('success'=>false, 'message'=>'Invalid parameter', 'data'=>''))->withStatus(400);
}
@ -2988,12 +2960,12 @@ final class SeedDMS_RestapiController { /* {{{ */
$userobj = $this->container->get('userobj');
$check = $this->checkIfAdmin($request, $response);
if($check !== true)
if ($check !== true)
return $check;
if(ctype_digit($args['id']))
if (ctype_digit($args['id'])) {
$folder = $dms->getFolder($args['id']);
else {
} else {
$folder = $dms->getFolderByName($args['id']);
}
if (!$folder) {
@ -3008,11 +2980,11 @@ final class SeedDMS_RestapiController { /* {{{ */
function getStatsTotal($request, $response) { /* {{{ */
$dms = $this->container->get('dms');
$check = $this->checkIfAdmin($request, $response);
if($check !== true)
if ($check !== true)
return $check;
$data = [];
foreach(array('docstotal', 'folderstotal', 'userstotal') as $type) {
foreach (array('docstotal', 'folderstotal', 'userstotal') as $type) {
$total = $dms->getStatisticalData($type);
$data[$type] = $total;
}

312
restapi/swagger.yaml
View File

@ -403,6 +403,92 @@ paths:
$ref: "#/definitions/ApiResponse"
security:
- api_key: []
/users/{id}/quota:
put:
tags:
- "user"
summary: "Change quota of user by ID"
description: "Change the quota of a single user"
operationId: "changeUserQuota"
produces:
- "application/json"
consumes:
- "application/x-www-form-urlencoded"
parameters:
- name: "id"
in: "path"
description: "ID of user"
required: true
type: "integer"
format: "int64"
- name: "quota"
in: "formData"
required: true
type: "integer"
format: "int64"
description: "New quota"
responses:
"200":
description: "successful operation"
schema:
$ref: "#/definitions/ApiResponse"
"400":
description: "Invalid parameter"
schema:
$ref: "#/definitions/ApiResponse"
"403":
description: "No access"
schema:
$ref: "#/definitions/ApiResponse"
"404":
description: "User not found"
schema:
$ref: "#/definitions/ApiResponse"
security:
- api_key: []
/users/{id}/homefolder/{folderid}:
put:
tags:
- "user"
summary: "Change quota of user by ID"
description: "Change the quota of a single user"
operationId: "changeUserHomefolder"
produces:
- "application/json"
consumes:
- "application/x-www-form-urlencoded"
parameters:
- name: "id"
in: "path"
description: "ID of user"
required: true
type: "integer"
format: "int64"
- name: "folderid"
in: "path"
description: "ID of folder"
required: true
type: "integer"
format: "int64"
responses:
"200":
description: "successful operation"
schema:
$ref: "#/definitions/ApiResponse"
"400":
description: "Invalid parameter"
schema:
$ref: "#/definitions/ApiResponse"
"403":
description: "No access"
schema:
$ref: "#/definitions/ApiResponse"
"404":
description: "User or folder not found"
schema:
$ref: "#/definitions/ApiResponse"
security:
- api_key: []
/groups:
get:
tags:
@ -463,6 +549,161 @@ paths:
$ref: "#/definitions/ApiResponse"
security:
- api_key: []
/groups/{id}:
get:
tags:
- "group"
summary: "Find group by ID"
description: "Returns a single group"
operationId: "getGroupById"
produces:
- "application/json"
parameters:
- name: "id"
in: "path"
description: "ID of group to return"
required: true
type: "integer"
format: "int64"
responses:
"200":
description: "successful operation"
schema:
$ref: "#/definitions/ApiResponseUser"
"404":
description: "Group not found"
schema:
$ref: "#/definitions/ApiResponse"
security:
- api_key: []
delete:
tags:
- "group"
summary: "Delete group by ID"
description: "Delete a single group"
operationId: "deleteGroupById"
produces:
- "application/json"
parameters:
- name: "id"
in: "path"
description: "ID of group to delete"
required: true
type: "integer"
format: "int64"
responses:
"200":
description: "successful operation"
schema:
$ref: "#/definitions/ApiResponse"
"500":
description: "Error deleting group"
schema:
$ref: "#/definitions/ApiResponse"
"403":
description: "No access"
schema:
$ref: "#/definitions/ApiResponse"
"404":
description: "Group not found"
schema:
$ref: "#/definitions/ApiResponse"
security:
- api_key: []
/groups/{id}/addUser:
put:
tags:
- "group"
summary: "Add user to group"
description: "Adds an existing user as a new member of a group"
operationId: "addUserToGroup"
produces:
- "application/json"
consumes:
- "application/x-www-form-urlencoded"
parameters:
- name: "id"
in: "path"
description: "ID of group"
required: true
type: "integer"
format: "int64"
- name: "userid"
in: "formData"
description: "ID of user"
required: true
type: "integer"
format: "int64"
responses:
"200":
description: "successful operation"
schema:
$ref: "#/definitions/ApiResponse"
"400":
description: "Invalid parameter"
schema:
$ref: "#/definitions/ApiResponse"
"403":
description: "No access"
schema:
$ref: "#/definitions/ApiResponse"
"404":
description: "User or group not found"
schema:
$ref: "#/definitions/ApiResponse"
"500":
description: "Internal error"
schema:
$ref: "#/definitions/ApiResponse"
security:
- api_key: []
/groups/{id}/removeUser:
put:
tags:
- "group"
summary: "Remove user from group"
description: "Remove a user as a new member of a group"
operationId: "removeUserToGroup"
produces:
- "application/json"
consumes:
- "application/x-www-form-urlencoded"
parameters:
- name: "id"
in: "path"
description: "ID of group"
required: true
type: "integer"
format: "int64"
- name: "userid"
in: "formData"
description: "ID of user"
required: true
type: "integer"
format: "int64"
responses:
"200":
description: "successful operation"
schema:
$ref: "#/definitions/ApiResponse"
"400":
description: "Invalid parameter"
schema:
$ref: "#/definitions/ApiResponse"
"403":
description: "No access"
schema:
$ref: "#/definitions/ApiResponse"
"404":
description: "User or group not found"
schema:
$ref: "#/definitions/ApiResponse"
"500":
description: "Internal error"
schema:
$ref: "#/definitions/ApiResponse"
security:
- api_key: []
/document/{id}:
get:
tags:
@ -562,7 +803,8 @@ paths:
"200":
description: "preview image file"
schema:
type: "file"
type: "string"
format: "binary"
"403":
description: "No access"
schema:
@ -595,7 +837,8 @@ paths:
"200":
description: "content file"
schema:
type: "file"
type: "string"
format: "binary"
"403":
description: "No access"
schema:
@ -634,7 +877,8 @@ paths:
"200":
description: "attached file"
schema:
type: "file"
type: "string"
format: "binary"
"403":
description: "No access"
schema:
@ -673,7 +917,8 @@ paths:
"200":
description: "content file"
schema:
type: "file"
type: "string"
format: "binary"
"403":
description: "No access"
schema:
@ -1554,6 +1799,53 @@ paths:
$ref: "#/definitions/ApiResponse"
security:
- api_key: []
/folder/{id}/owner/{userid}:
post:
tags:
- "folder"
summary: "Set owner of folder"
description: "Set owner of folder"
operationId: "setFolderOwner"
produces:
- "application/json"
consumes:
- "application/x-www-form-urlencoded"
parameters:
- name: "id"
in: "path"
description: "ID of folder."
type: "integer"
required: true
format: "int64"
- name: "userid"
in: "path"
description: "ID of user."
type: "integer"
required: true
format: "int64"
responses:
"201":
description: "successful operation"
schema:
$ref: "#/definitions/ApiResponse"
"400":
description: "No folder or user given"
schema:
$ref: "#/definitions/ApiResponse"
"403":
description: "No access"
schema:
$ref: "#/definitions/ApiResponse"
"404":
description: "Folder not found"
schema:
$ref: "#/definitions/ApiResponse"
"500":
description: "Internal error"
schema:
$ref: "#/definitions/ApiResponse"
security:
- api_key: []
/categories:
get:
tags:
@ -1779,15 +2071,21 @@ paths:
description: "Invalid status value"
security:
- api_key: []
/echo:
/echo/{data}:
get:
tags:
- "misc"
summary: "Return what was send in the body"
description: "Just returns the body content"
summary: "Return what was send in the path"
description: "Just returns the path"
operationId: "echoData"
produces:
- "application/json"
parameters:
- name: "data"
in: "path"
description: "Data to be echoed"
required: true
type: "string"
responses:
"200":
description: "successful operation"