mirror of
https://git.code.sf.net/p/seeddms/code
synced 2025-02-06 07:04:57 +00:00
return message and not just status
This commit is contained in:
Uwe Steinmann
parent
ac3c62355f
commit
99fe2244fb
|
|
@ -435,7 +435,7 @@ class RestapiController { /* {{{ */
|
|||
return $response->withJson(array('success'=>false, 'message'=>'No access', 'data'=>''), 403);
|
||||
}
|
||||
} else {
|
||||
return $response->withStatus(404);
|
||||
return $response->withJson(array('success'=>false, 'message'=>'No such folder', 'data'=>''), 404);
|
||||
}
|
||||
}
|
||||
} /* }}} */
|
||||
|
|
@ -2136,7 +2136,7 @@ class RestapiController { /* {{{ */
|
|||
}
|
||||
return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$data), 200);
|
||||
} else {
|
||||
return $response->withStatus(404);
|
||||
return $response->withJson(array('success'=>false, 'message'=>'No such group', 'data'=>''), 404);
|
||||
}
|
||||
} /* }}} */
|
||||
|
||||
|
|
@ -2241,7 +2241,7 @@ class RestapiController { /* {{{ */
|
|||
$success = ($folder->inheritsAccess() == $inherit);
|
||||
return $response->withJson(array('success'=>$success, 'message'=>'', 'data'=>$data), 200);
|
||||
} else {
|
||||
return $response->withStatus(404);
|
||||
return $response->withJson(array('success'=>false, 'message'=>'No such folder', 'data'=>''), 404);
|
||||
}
|
||||
} /* }}} */
|
||||
|
||||
|
|
@ -2275,7 +2275,7 @@ class RestapiController { /* {{{ */
|
|||
$folder = $dms->getfolderByName($args['id']);
|
||||
}
|
||||
if (!$folder) {
|
||||
return $response->withStatus(404);
|
||||
return $response->withJson(array('success'=>false, 'message'=>'No such folder', 'data'=>''), 404);
|
||||
}
|
||||
|
||||
$params = $request->getParsedBody();
|
||||
|
|
@ -2550,7 +2550,7 @@ class RestapiController { /* {{{ */
|
|||
$folder = $dms->getFolderByName($args['id']);
|
||||
}
|
||||
if (!$folder) {
|
||||
return $response->withStatus(404);
|
||||
return $response->withJson(array('success'=>false, 'message'=>'No such folder', 'data'=>''), 404);
|
||||
}
|
||||
if (!$folder->clearAccessList()) {
|
||||
return $response->withJson(array('success'=>false, 'message'=>'Something went wrong. Could not clear access list for this folder.', 'data'=>''), 500);
|
||||
|
|
@ -2645,17 +2645,17 @@ class RestapiAuth { /* {{{ */
|
|||
$logger->log("Received preflight options request", PEAR_LOG_DEBUG);
|
||||
} elseif(!in_array($request->getUri()->getPath(), array('login')) && substr($request->getUri()->getPath(), 0, 5) != 'echo/' && $request->getUri()->getPath() != 'version') {
|
||||
$userobj = null;
|
||||
if(!empty($this->container->environment['HTTP_AUTHORIZATION']) && !empty($settings->_apiKey) && !empty($settings->_apiUserId)) {
|
||||
$logger->log("Authorization key: ".$this->container->environment['HTTP_AUTHORIZATION'], PEAR_LOG_DEBUG);
|
||||
if($settings->_apiKey == $this->container->environment['HTTP_AUTHORIZATION']) {
|
||||
if(!($userobj = $dms->getUser($settings->_apiUserId))) {
|
||||
return $response->withStatus(403);
|
||||
}
|
||||
} else {
|
||||
return $response->withStatus(403);
|
||||
}
|
||||
$logger->log("Login with apikey as '".$userobj->getLogin()."' successful", PEAR_LOG_INFO);
|
||||
} else {
|
||||
if(!empty($this->container->environment['HTTP_AUTHORIZATION']) && !empty($settings->_apiKey) && !empty($settings->_apiUserId)) {
|
||||
$logger->log("Authorization key: ".$this->container->environment['HTTP_AUTHORIZATION'], PEAR_LOG_DEBUG);
|
||||
if($settings->_apiKey == $this->container->environment['HTTP_AUTHORIZATION']) {
|
||||
if(!($userobj = $dms->getUser($settings->_apiUserId))) {
|
||||
return $response->withJson(array('success'=>false, 'message'=>'Invalid user associated with api key', 'data'=>''), 403);
|
||||
}
|
||||
} else {
|
||||
return $response->withJson(array('success'=>false, 'message'=>'Wrong api key', 'data'=>''), 403);
|
||||
}
|
||||
$logger->log("Login with apikey as '".$userobj->getLogin()."' successful", PEAR_LOG_INFO);
|
||||
} else {
|
||||
require_once("../inc/inc.ClassSession.php");
|
||||
$session = new SeedDMS_Session($dms->getDb());
|
||||
if (isset($_COOKIE["mydms_session"])) {
|
||||
|
|
@ -2665,7 +2665,7 @@ class RestapiAuth { /* {{{ */
|
|||
/* Delete Cookie */
|
||||
setcookie("mydms_session", $dms_session, time()-3600, $settings->_httpRoot);
|
||||
$logger->log("Session for id '".$dms_session."' has gone", PEAR_LOG_ERR);
|
||||
return $response->withStatus(403);
|
||||
return $response->withJson(array('success'=>false, 'message'=>'Session has gone', 'data'=>''), 403);
|
||||
}
|
||||
|
||||
/* Load user data */
|
||||
|
|
@ -2675,20 +2675,20 @@ class RestapiAuth { /* {{{ */
|
|||
setcookie("mydms_session", $dms_session, time()-3600, $settings->_httpRoot);
|
||||
if($settings->_enableGuestLogin) {
|
||||
if(!($userobj = $dms->getUser($settings->_guestID)))
|
||||
return $response->withStatus(403);
|
||||
return $response->withJson(array('success'=>false, 'message'=>'Could not get guest login', 'data'=>''), 403);
|
||||
} else
|
||||
return $response->withStatus(403);
|
||||
return $response->withJson(array('success'=>false, 'message'=>'Login as guest disabled', 'data'=>''), 403);
|
||||
}
|
||||
if($userobj->isAdmin()) {
|
||||
if($resArr["su"]) {
|
||||
if(!($userobj = $dms->getUser($resArr["su"])))
|
||||
return $response->withStatus(403);
|
||||
return $response->withJson(array('success'=>false, 'message'=>'Cannot substitute user', 'data'=>''), 403);
|
||||
}
|
||||
}
|
||||
// $logger->log("Login with user name '".$userobj->getLogin()."' successful", PEAR_LOG_INFO);
|
||||
$dms->setUser($userobj);
|
||||
} else {
|
||||
return $response->withStatus(403);
|
||||
return $response->withJson(array('success'=>false, 'message'=>'Missing session cookie', 'data'=>''), 403);
|
||||
}
|
||||
}
|
||||
$this->container['userobj'] = $userobj;
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user