gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2025-02-06 15:14:58 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

clean up code, better error checking, unified http return codes

Browse Source
This commit is contained in:
Uwe Steinmann 2020-06-19 08:08:23 +02:00
parent 960884cdc2
commit dc210cf59c
1 changed files with 213 additions and 117 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

330
restapi/index.php
View File

@ -74,6 +74,18 @@ if(USE_PHP_SESSION) {
require "vendor/autoload.php"; require "vendor/autoload.php";
function __getDocumentData($document) { /* {{{ */
$data = array(
'type'=>'document',
'id'=>(int)$document->getId(),
'date'=>date('Y-m-d H:i:s', $document->getDate()),
'name'=>$document->getName(),
'comment'=>$document->getComment(),
'keywords'=>$document->getKeywords()
);
return $data;
} /* }}} */
function __getLatestVersionData($lc) { /* {{{ */ function __getLatestVersionData($lc) { /* {{{ */
$document = $lc->getDocument(); $document = $lc->getDocument();
$data = array( $data = array(
@ -86,8 +98,8 @@ function __getLatestVersionData($lc) { /* {{{ */
'mimetype'=>$lc->getMimeType(), 'mimetype'=>$lc->getMimeType(),
'version'=>$lc->getVersion(), 'version'=>$lc->getVersion(),
'version_comment'=>$lc->getComment(), 'version_comment'=>$lc->getComment(),
'version_date'=>$lc->getDate(), 'version_date'=>date('Y-m-d H:i:s', $lc->getDate()),
'size'=>$lc->getFileSize(), 'size'=>(int) $lc->getFileSize(),
); );
$cats = $document->getCategories(); $cats = $document->getCategories();
if($cats) { if($cats) {
@ -114,6 +126,40 @@ function __getLatestVersionData($lc) { /* {{{ */
return $data; return $data;
} /* }}} */ } /* }}} */
function __getDocumentVersionData($lc) { /* {{{ */
$data = array(
'id'=>(int) $lc->getId(),
'version'=>$lc->getVersion(),
'date'=>date('Y-m-d H:i:s', $lc->getDate()),
'mimetype'=>$lc->getMimeType(),
'filetype'=>$lc->getFileType(),
'origfilename'=>$lc->getOriginalFileName(),
'size'=>(int) $lc->getFileSize(),
'comment'=>$lc->getComment(),
);
return $data;
} /* }}} */
function __getDocumentFileData($file) { /* {{{ */
$data = array(
'id'=>(int)$file->getId(),
'name'=>$file->getName(),
'date'=>$file->getDate(),
'mimetype'=>$file->getMimeType(),
'comment'=>$file->getComment(),
);
return $data;
} /* }}} */
function __getDocumentLinkData($link) { /* {{{ */
$data = array(
'id'=>(int)$link->getId(),
'target'=>__getDocumentData($link->getTarget()),
'public'=>(boolean)$link->isPublic(),
);
return $data;
} /* }}} */
function __getFolderData($folder) { /* {{{ */ function __getFolderData($folder) { /* {{{ */
$data = array( $data = array(
'type'=>'folder', 'type'=>'folder',
@ -171,6 +217,29 @@ function __getUserData($u) { /* {{{ */
return $data; return $data;
} /* }}} */ } /* }}} */
function __getAttributeDefinitionData($attrdef) { /* {{{ */
$data = [
'id' => (int)$attrdef->getId(),
'name' => $attrdef->getName(),
'type'=>(int)$attrdef->getType(),
'objtype'=>(int)$attrdef->getObjType(),
'min'=>(int)$attrdef->getMinValues(),
'max'=>(int)$attrdef->getMaxValues(),
'multiple'=>$attrdef->getMultipleValues()?true:false,
'valueset'=>$attrdef->getValueSetAsArray(),
'regex'=>$attrdef->getRegex()
];
return $data;
} /* }}} */
function __getCategoryData($category) { /* {{{ */
$data = [
'id'=>(int)$category->getId(),
'name'=>$category->getName()
];
return $data;
} /* }}} */
function doLogin($request, $response) { /* {{{ */ function doLogin($request, $response) { /* {{{ */
global $dms, $userobj, $session, $settings; global $dms, $userobj, $session, $settings;
@ -244,7 +313,8 @@ function setFullName($request, $response) { /* {{{ */
$params = $request->getParsedBody(); $params = $request->getParsedBody();
$userobj->setFullName($params['fullname']); $userobj->setFullName($params['fullname']);
return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$userobj->getFullName()), 200); $data = __getUserData($userobj);
return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$data), 200);
} /* }}} */ } /* }}} */
function setEmail($request, $response) { /* {{{ */ function setEmail($request, $response) { /* {{{ */
@ -257,7 +327,8 @@ function setEmail($request, $response) { /* {{{ */
$params = $request->getParsedBody(); $params = $request->getParsedBody();
$userobj->setEmail($params['email']); $userobj->setEmail($params['email']);
return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$userid), 200); $data = __getUserData($userobj);
return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$data), 200);
} /* }}} */ } /* }}} */
function getLockedDocuments($request, $response) { /* {{{ */ function getLockedDocuments($request, $response) { /* {{{ */
@ -284,7 +355,7 @@ function getFolder($request, $response, $args) { /* {{{ */
$forcebyname = isset($params['forcebyname']) ? $params['forcebyname'] : 0; $forcebyname = isset($params['forcebyname']) ? $params['forcebyname'] : 0;
$parent = isset($params['parentid']) ? $dms->getFolder($params['parentid']) : null; $parent = isset($params['parentid']) ? $dms->getFolder($params['parentid']) : null;
if (!isset($args['id'])) if (!isset($args['id']) || !$args['id'])
$folder = $dms->getFolder($settings->_rootFolderID); $folder = $dms->getFolder($settings->_rootFolderID);
elseif(ctype_digit($args['id']) && empty($forcebyname)) elseif(ctype_digit($args['id']) && empty($forcebyname))
$folder = $dms->getFolder($args['id']); $folder = $dms->getFolder($args['id']);
@ -296,10 +367,10 @@ function getFolder($request, $response, $args) { /* {{{ */
$data = __getFolderData($folder); $data = __getFolderData($folder);
return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$data), 200); return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$data), 200);
} else { } else {
return $response->withStatus(404); return $response->withJson(array('success'=>false, 'message'=>'No access', 'data'=>''), 403);
} }
} else { } else {
return $response->withStatus(404); return $response->withJson(array('success'=>false, 'message'=>'No such folder', 'data'=>''), 404);
} }
} /* }}} */ } /* }}} */
@ -313,12 +384,20 @@ function getFolderParent($request, $response, $args) { /* {{{ */
return $response->withJson(array('success'=>true, 'message'=>'id is root folder', 'data'=>''), 200); return $response->withJson(array('success'=>true, 'message'=>'id is root folder', 'data'=>''), 200);
} }
$folder = $dms->getFolder($id); $folder = $dms->getFolder($id);
$parent = $folder->getParent(); if($folder) {
if($parent) { $parent = $folder->getParent();
$rec = __getFolderData($parent); if($parent) {
return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$rec), 200); if($parent->getAccessMode($userobj) >= M_READ) {
$rec = __getFolderData($parent);
return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$rec), 200);
} else {
return $response->withJson(array('success'=>false, 'message'=>'No access', 'data'=>''), 403);
}
} else {
return $response->withJson(array('success'=>false, 'message'=>'', 'data'=>''), 500);
}
} else { } else {
return $response->withJson(array('success'=>false, 'message'=>'', 'data'=>''), 500); return $response->withJson(array('success'=>false, 'message'=>'No such folder', 'data'=>''), 404);
} }
} /* }}} */ } /* }}} */
@ -328,13 +407,20 @@ function getFolderPath($request, $response, $args) { /* {{{ */
return $response->withJson(array('success'=>true, 'message'=>'id is 0', 'data'=>''), 200); return $response->withJson(array('success'=>true, 'message'=>'id is 0', 'data'=>''), 200);
} }
$folder = $dms->getFolder($args['id']); $folder = $dms->getFolder($args['id']);
if($folder) {
$path = $folder->getPath(); if($folder->getAccessMode($userobj) >= M_READ) {
$data = array(); $path = $folder->getPath();
foreach($path as $element) { $data = array();
$data[] = array('id'=>$element->getId(), 'name'=>$element->getName()); foreach($path as $element) {
$data[] = array('id'=>$element->getId(), 'name'=>$element->getName());
}
return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$data), 200);
} else {
return $response->withJson(array('success'=>false, 'message'=>'No access', 'data'=>''), 403);
}
} else {
return $response->withJson(array('success'=>false, 'message'=>'No such folder', 'data'=>''), 404);
} }
return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$data), 200);
} /* }}} */ } /* }}} */
function getFolderAttributes($request, $response, $args) { /* {{{ */ function getFolderAttributes($request, $response, $args) { /* {{{ */
@ -354,8 +440,10 @@ function getFolderAttributes($request, $response, $args) { /* {{{ */
} }
return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$recs), 200); return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$recs), 200);
} else { } else {
return $response->withStatus(404); return $response->withJson(array('success'=>false, 'message'=>'No access', 'data'=>''), 403);
} }
} else {
return $response->withJson(array('success'=>false, 'message'=>'No such folder', 'data'=>''), 404);
} }
} /* }}} */ } /* }}} */
@ -433,7 +521,7 @@ function createFolder($request, $response, $args) { /* {{{ */
/* Check if name already exists in the folder */ /* Check if name already exists in the folder */
if(!$settings->_enableDuplicateSubFolderNames) { if(!$settings->_enableDuplicateSubFolderNames) {
if($parent->hasSubFolderByName($params['name'])) { if($parent->hasSubFolderByName($params['name'])) {
return $response->withJson(array('success'=>false, 'message'=>getMLText("subfolder_duplicate_name"), 'data'=>''), 400); return $response->withJson(array('success'=>false, 'message'=>getMLText("subfolder_duplicate_name"), 'data'=>''), 409);
} }
} }
if($folder = $parent->addSubFolder($params['name'], $comment, $userobj, $sequence, $newattrs)) { if($folder = $parent->addSubFolder($params['name'], $comment, $userobj, $sequence, $newattrs)) {
@ -484,7 +572,7 @@ function moveFolder($request, $response, $args) { /* {{{ */
} }
} else { } else {
if($folder === null) if($folder === null)
$status = 400; $status = 404;
else else
$status = 500; $status = 500;
return $response->withJson(array('success'=>false, 'message'=>'No destination folder', 'data'=>''), $status); return $response->withJson(array('success'=>false, 'message'=>'No destination folder', 'data'=>''), $status);
@ -494,7 +582,7 @@ function moveFolder($request, $response, $args) { /* {{{ */
} }
} else { } else {
if($mfolder === null) if($mfolder === null)
$status=400; $status=404;
else else
$status=500; $status=500;
return $response->withJson(array('success'=>false, 'message'=>'No folder', 'data'=>''), $status); return $response->withJson(array('success'=>false, 'message'=>'No folder', 'data'=>''), $status);
@ -524,7 +612,7 @@ function deleteFolder($request, $response, $args) { /* {{{ */
} }
} else { } else {
if($mfolder === null) if($mfolder === null)
$status=400; $status=404;
else else
$status=500; $status=500;
return $response->withJson(array('success'=>false, 'message'=>'No folder', 'data'=>''), $status); return $response->withJson(array('success'=>false, 'message'=>'No folder', 'data'=>''), $status);
@ -600,7 +688,7 @@ function uploadDocument($request, $response, $args) { /* {{{ */
/* Check if name already exists in the folder */ /* Check if name already exists in the folder */
if(!$settings->_enableDuplicateDocNames) { if(!$settings->_enableDuplicateDocNames) {
if($mfolder->hasDocumentByName($docname)) { if($mfolder->hasDocumentByName($docname)) {
return $response->withJson(array('success'=>false, 'message'=>getMLText("document_duplicate_name"), 'data'=>''), 400); return $response->withJson(array('success'=>false, 'message'=>getMLText("document_duplicate_name"), 'data'=>''), 409);
} }
} }
$temp = $file_info->file; $temp = $file_info->file;
@ -625,7 +713,7 @@ function uploadDocument($request, $response, $args) { /* {{{ */
} }
} else { } else {
if($mfolder === null) if($mfolder === null)
$status=400; $status=404;
else else
$status=500; $status=500;
return $response->withJson(array('success'=>false, 'message'=>'No folder', 'data'=>''), $status); return $response->withJson(array('success'=>false, 'message'=>'No folder', 'data'=>''), $status);
@ -686,7 +774,7 @@ function updateDocument($request, $response, $args) { /* {{{ */
return $response->withJson(array('success'=>false, 'message'=>'No access', 'data'=>''), 403); return $response->withJson(array('success'=>false, 'message'=>'No access', 'data'=>''), 403);
} }
} else { } else {
return $response->withJson(array('success'=>false, 'message'=>'No document', 'data'=>''), 400); return $response->withJson(array('success'=>false, 'message'=>'No document', 'data'=>''), 404);
} }
} /* }}} */ } /* }}} */
@ -722,7 +810,7 @@ function uploadDocumentPut($request, $response, $args) { /* {{{ */
/* Check if name already exists in the folder */ /* Check if name already exists in the folder */
if(!$settings->_enableDuplicateDocNames) { if(!$settings->_enableDuplicateDocNames) {
if($mfolder->hasDocumentByName($docname)) { if($mfolder->hasDocumentByName($docname)) {
return $response->withJson(array('success'=>false, 'message'=>getMLText("document_duplicate_name"), 'data'=>''), 400); return $response->withJson(array('success'=>false, 'message'=>getMLText("document_duplicate_name"), 'data'=>''), 409);
} }
} }
$res = $mfolder->addDocument($docname, '', 0, $userobj, '', array(), $temp, $origfilename ? $origfilename : basename($temp), $fileType, $userfiletype, 0); $res = $mfolder->addDocument($docname, '', 0, $userobj, '', array(), $temp, $origfilename ? $origfilename : basename($temp), $fileType, $userfiletype, 0);
@ -739,7 +827,7 @@ function uploadDocumentPut($request, $response, $args) { /* {{{ */
} }
} else { } else {
if($mfolder === null) if($mfolder === null)
$status=400; $status=404;
else else
$status=500; $status=500;
return $response->withJson(array('success'=>false, 'message'=>'No folder', 'data'=>''), $status); return $response->withJson(array('success'=>false, 'message'=>'No folder', 'data'=>''), $status);
@ -794,7 +882,7 @@ function uploadDocumentFile($request, $response, $args) { /* {{{ */
} }
} else { } else {
if($document === null) if($document === null)
$status=400; $status=404;
else else
$status=500; $status=500;
return $response->withJson(array('success'=>false, 'message'=>'No such document', 'data'=>''), $status); return $response->withJson(array('success'=>false, 'message'=>'No such document', 'data'=>''), $status);
@ -848,7 +936,7 @@ function getDocument($request, $response, $args) { /* {{{ */
} }
} else { } else {
if($document === null) if($document === null)
$status=400; $status=404;
else else
$status=500; $status=500;
return $response->withJson(array('success'=>false, 'message'=>'No document', 'data'=>''), $status); return $response->withJson(array('success'=>false, 'message'=>'No document', 'data'=>''), $status);
@ -870,7 +958,7 @@ function deleteDocument($request, $response, $args) { /* {{{ */
} }
} else { } else {
if($document === null) if($document === null)
$status=400; $status=404;
else else
$status=500; $status=500;
return $response->withJson(array('success'=>false, 'message'=>'No document', 'data'=>''), $status); return $response->withJson(array('success'=>false, 'message'=>'No document', 'data'=>''), $status);
@ -894,7 +982,7 @@ function moveDocument($request, $response, $args) { /* {{{ */
} }
} else { } else {
if($folder === null) if($folder === null)
$status=400; $status=404;
else else
$status=500; $status=500;
return $response->withJson(array('success'=>false, 'message'=>'No destination folder', 'data'=>''), $status); return $response->withJson(array('success'=>false, 'message'=>'No destination folder', 'data'=>''), $status);
@ -904,7 +992,7 @@ function moveDocument($request, $response, $args) { /* {{{ */
} }
} else { } else {
if($document === null) if($document === null)
$status=400; $status=404;
else else
$status=500; $status=500;
return $response->withJson(array('success'=>false, 'message'=>'No document', 'data'=>''), $status); return $response->withJson(array('success'=>false, 'message'=>'No document', 'data'=>''), $status);
@ -949,7 +1037,7 @@ function getDocumentContent($request, $response, $args) { /* {{{ */
} }
} else { } else {
if($document === null) if($document === null)
$status=400; $status=404;
else else
$status=500; $status=500;
return $response->withJson(array('success'=>false, 'message'=>'No document', 'data'=>''), $status); return $response->withJson(array('success'=>false, 'message'=>'No document', 'data'=>''), $status);
@ -966,13 +1054,7 @@ function getDocumentVersions($request, $response, $args) { /* {{{ */
$recs = array(); $recs = array();
$lcs = $document->getContent(); $lcs = $document->getContent();
foreach($lcs as $lc) { foreach($lcs as $lc) {
$recs[] = array( $recs[] = __getDocumentVersionData($lc);
'version'=>$lc->getVersion(),
'date'=>$lc->getDate(),
'mimetype'=>$lc->getMimeType(),
'size'=>$lc->getFileSize(),
'comment'=>$lc->getComment(),
);
} }
return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$recs), 200); return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$recs), 200);
} else { } else {
@ -980,7 +1062,7 @@ function getDocumentVersions($request, $response, $args) { /* {{{ */
} }
} else { } else {
if($document === null) if($document === null)
$status=400; $status=404;
else else
$status=500; $status=500;
return $response->withJson(array('success'=>false, 'message'=>'No document', 'data'=>''), $status); return $response->withJson(array('success'=>false, 'message'=>'No document', 'data'=>''), $status);
@ -989,8 +1071,12 @@ function getDocumentVersions($request, $response, $args) { /* {{{ */
function getDocumentVersion($request, $response, $args) { /* {{{ */ function getDocumentVersion($request, $response, $args) { /* {{{ */
global $dms, $userobj; global $dms, $userobj;
$document = $dms->getDocument($args['id']);
if(!ctype_digit($args['id']) || !ctype_digit($args['version'])) {
return $response->withJson(array('success'=>false, 'message'=>'Invalid parameter', 'data'=>''), 400);
}
$document = $dms->getDocument($args['id']);
if($document) { if($document) {
if ($document->getAccessMode($userobj) >= M_READ) { if ($document->getAccessMode($userobj) >= M_READ) {
$lc = $document->getContentByVersion($args['version']); $lc = $document->getContentByVersion($args['version']);
@ -1018,14 +1104,14 @@ function getDocumentVersion($request, $response, $args) { /* {{{ */
sendFile($dms->contentDir . $lc->getPath()); sendFile($dms->contentDir . $lc->getPath());
} else { } else {
return $response->withJson(array('success'=>false, 'message'=>'No such version', 'data'=>''), 400); return $response->withJson(array('success'=>false, 'message'=>'No such version', 'data'=>''), 404);
} }
} else { } else {
return $response->withJson(array('success'=>false, 'message'=>'No access', 'data'=>''), 403); return $response->withJson(array('success'=>false, 'message'=>'No access', 'data'=>''), 403);
} }
} else { } else {
if($document === null) if($document === null)
$status=400; $status=404;
else else
$status=500; $status=500;
return $response->withJson(array('success'=>false, 'message'=>'No document', 'data'=>''), $status); return $response->withJson(array('success'=>false, 'message'=>'No document', 'data'=>''), $status);
@ -1046,14 +1132,14 @@ function updateDocumentVersion($request, $response, $args) { /* {{{ */
return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>''), 200); return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>''), 200);
} }
} else { } else {
return $response->withJson(array('success'=>false, 'message'=>'No such version', 'data'=>''), 400); return $response->withJson(array('success'=>false, 'message'=>'No such version', 'data'=>''), 404);
} }
} else { } else {
return $response->withJson(array('success'=>false, 'message'=>'No access', 'data'=>''), 403); return $response->withJson(array('success'=>false, 'message'=>'No access', 'data'=>''), 403);
} }
} else { } else {
if($document === null) if($document === null)
$status=400; $status=404;
else else
$status=500; $status=500;
return $response->withJson(array('success'=>false, 'message'=>'No document', 'data'=>''), $status); return $response->withJson(array('success'=>false, 'message'=>'No document', 'data'=>''), $status);
@ -1062,6 +1148,10 @@ function updateDocumentVersion($request, $response, $args) { /* {{{ */
function getDocumentFiles($request, $response, $args) { /* {{{ */ function getDocumentFiles($request, $response, $args) { /* {{{ */
global $dms, $userobj; global $dms, $userobj;
if(!ctype_digit($args['id'])) {
return $response->withJson(array('success'=>false, 'message'=>'Invalid parameter', 'data'=>''), 400);
}
$document = $dms->getDocument($args['id']); $document = $dms->getDocument($args['id']);
if($document) { if($document) {
@ -1069,13 +1159,7 @@ function getDocumentFiles($request, $response, $args) { /* {{{ */
$recs = array(); $recs = array();
$files = $document->getDocumentFiles(); $files = $document->getDocumentFiles();
foreach($files as $file) { foreach($files as $file) {
$recs[] = array( $recs[] = __getDocumentFileData($file);
'id'=>(int)$file->getId(),
'name'=>$file->getName(),
'date'=>$file->getDate(),
'mimetype'=>$file->getMimeType(),
'comment'=>$file->getComment(),
);
} }
return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$recs), 200); return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$recs), 200);
} else { } else {
@ -1083,7 +1167,7 @@ function getDocumentFiles($request, $response, $args) { /* {{{ */
} }
} else { } else {
if($document === null) if($document === null)
$status=400; $status=404;
else else
$status=500; $status=500;
return $response->withJson(array('success'=>false, 'message'=>'No document', 'data'=>''), $status); return $response->withJson(array('success'=>false, 'message'=>'No document', 'data'=>''), $status);
@ -1092,35 +1176,42 @@ function getDocumentFiles($request, $response, $args) { /* {{{ */
function getDocumentFile($request, $response, $args) { /* {{{ */ function getDocumentFile($request, $response, $args) { /* {{{ */
global $dms, $userobj; global $dms, $userobj;
if(!ctype_digit($args['id']) || !ctype_digit($args['fileid'])) {
return $response->withJson(array('success'=>false, 'message'=>'Invalid parameter', 'data'=>''), 400);
}
$document = $dms->getDocument($args['id']); $document = $dms->getDocument($args['id']);
if($document) { if($document) {
if ($document->getAccessMode($userobj) >= M_READ) { if ($document->getAccessMode($userobj) >= M_READ) {
$lc = $document->getDocumentFile($args['fileid']); $lc = $document->getDocumentFile($args['fileid']);
if($lc) {
$file = $dms->contentDir . $lc->getPath();
if(!($fh = @fopen($file, 'rb'))) {
return $response->withJson(array('success'=>false, 'message'=>'', 'data'=>''), 500);
}
$stream = new \Slim\Http\Stream($fh); // create a stream instance for the response body
$file = $dms->contentDir . $lc->getPath(); return $response->withHeader('Content-Type', $lc->getMimeType())
if(!($fh = @fopen($file, 'rb'))) { ->withHeader('Content-Description', 'File Transfer')
return $response->withJson(array('success'=>false, 'message'=>'', 'data'=>''), 500); ->withHeader('Content-Transfer-Encoding', 'binary')
->withHeader('Content-Disposition', 'attachment; filename="' . $document->getName() . $lc->getFileType() . '"')
->withHeader('Content-Length', filesize($dms->contentDir . $lc->getPath()))
->withHeader('Expires', '0')
->withHeader('Cache-Control', 'must-revalidate, post-check=0, pre-check=0')
->withHeader('Pragma', 'no-cache')
->withBody($stream);
sendFile($dms->contentDir . $lc->getPath());
} else {
return $response->withJson(array('success'=>false, 'message'=>'No document file', 'data'=>''), 404);
} }
$stream = new \Slim\Http\Stream($fh); // create a stream instance for the response body
return $response->withHeader('Content-Type', $lc->getMimeType())
->withHeader('Content-Description', 'File Transfer')
->withHeader('Content-Transfer-Encoding', 'binary')
->withHeader('Content-Disposition', 'attachment; filename="' . $document->getName() . $lc->getFileType() . '"')
->withHeader('Content-Length', filesize($dms->contentDir . $lc->getPath()))
->withHeader('Expires', '0')
->withHeader('Cache-Control', 'must-revalidate, post-check=0, pre-check=0')
->withHeader('Pragma', 'no-cache')
->withBody($stream);
sendFile($dms->contentDir . $lc->getPath());
} else { } else {
return $response->withJson(array('success'=>false, 'message'=>'No access', 'data'=>''), 403); return $response->withJson(array('success'=>false, 'message'=>'No access', 'data'=>''), 403);
} }
} else { } else {
if($document === null) if($document === null)
$status=400; $status=404;
else else
$status=500; $status=500;
return $response->withJson(array('success'=>false, 'message'=>'No document', 'data'=>''), $status); return $response->withJson(array('success'=>false, 'message'=>'No document', 'data'=>''), $status);
@ -1129,6 +1220,10 @@ function getDocumentFile($request, $response, $args) { /* {{{ */
function getDocumentLinks($request, $response, $args) { /* {{{ */ function getDocumentLinks($request, $response, $args) { /* {{{ */
global $dms, $userobj; global $dms, $userobj;
if(!ctype_digit($args['id'])) {
return $response->withJson(array('success'=>false, 'message'=>'Invalid parameter', 'data'=>''), 400);
}
$document = $dms->getDocument($args['id']); $document = $dms->getDocument($args['id']);
if($document) { if($document) {
@ -1136,11 +1231,7 @@ function getDocumentLinks($request, $response, $args) { /* {{{ */
$recs = array(); $recs = array();
$links = $document->getDocumentLinks(); $links = $document->getDocumentLinks();
foreach($links as $link) { foreach($links as $link) {
$recs[] = array( $recs[] = __getDocumentLinkData($link);
'id'=>(int)$link->getId(),
'target'=>$link->getTarget(),
'public'=>$link->isPublic(),
);
} }
return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$recs), 200); return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$recs), 200);
} else { } else {
@ -1148,7 +1239,7 @@ function getDocumentLinks($request, $response, $args) { /* {{{ */
} }
} else { } else {
if($document === null) if($document === null)
$status=400; $status=404;
else else
$status=500; $status=500;
return $response->withJson(array('success'=>false, 'message'=>'No document', 'data'=>''), $status); return $response->withJson(array('success'=>false, 'message'=>'No document', 'data'=>''), $status);
@ -1176,7 +1267,7 @@ function getDocumentAttributes($request, $response, $args) { /* {{{ */
} }
} else { } else {
if($document === null) if($document === null)
$status=400; $status=404;
else else
$status=500; $status=500;
return $response->withJson(array('success'=>false, 'message'=>'No document', 'data'=>''), $status); return $response->withJson(array('success'=>false, 'message'=>'No document', 'data'=>''), $status);
@ -1221,7 +1312,7 @@ function getDocumentPreview($request, $response, $args) { /* {{{ */
} }
} else { } else {
if($document === null) if($document === null)
$status=400; $status=404;
else else
$status=500; $status=500;
return $response->withJson(array('success'=>false, 'message'=>'No document', 'data'=>''), $status); return $response->withJson(array('success'=>false, 'message'=>'No document', 'data'=>''), $status);
@ -1245,9 +1336,9 @@ function removeDocumentCategory($request, $response, $args) { /* {{{ */
} }
} else { } else {
if(!$document) if(!$document)
return $response->withJson(array('success'=>false, 'message'=>'No such document', 'data'=>''), 400); return $response->withJson(array('success'=>false, 'message'=>'No such document', 'data'=>''), 404);
if(!$category) if(!$category)
return $response->withJson(array('success'=>false, 'message'=>'No such category', 'data'=>''), 400); return $response->withJson(array('success'=>false, 'message'=>'No such category', 'data'=>''), 404);
return $response->withJson(array('success'=>false, 'message'=>'', 'data'=>''), 500); return $response->withJson(array('success'=>false, 'message'=>'', 'data'=>''), 500);
} }
} /* }}} */ } /* }}} */
@ -1267,7 +1358,7 @@ function removeDocumentCategories($request, $response, $args) { /* {{{ */
} }
} else { } else {
if($document === null) if($document === null)
$status=400; $status=404;
else else
$status=500; $status=500;
return $response->withJson(array('success'=>false, 'message'=>'No such document', 'data'=>''), $status); return $response->withJson(array('success'=>false, 'message'=>'No such document', 'data'=>''), $status);
@ -1522,7 +1613,7 @@ function changeUserPassword($request, $response, $args) { /* {{{ */
$params = $request->getParsedBody(); $params = $request->getParsedBody();
if ($params['password'] == null) { if ($params['password'] == null) {
return $response->withJson(array('success'=>false, 'message'=>'You must supply a new password', 'data'=>''), 200); return $response->withJson(array('success'=>false, 'message'=>'You must supply a new password', 'data'=>''), 400);
} }
$newPassword = $params['password']; $newPassword = $params['password'];
@ -1564,7 +1655,7 @@ function getUserById($request, $response, $args) { /* {{{ */
$data = __getUserData($account); $data = __getUserData($account);
return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$data), 200); return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$data), 200);
} else { } else {
return $response->withStatus(404); return $response->withJson(array('success'=>false, 'message'=>'No such user', 'data'=>''), 404);
} }
} /* }}} */ } /* }}} */
@ -1595,7 +1686,7 @@ function setDisabledUser($request, $response, $args) { /* {{{ */
$data = __getUserData($account); $data = __getUserData($account);
return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$data), 200); return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$data), 200);
} else { } else {
return $response->withStatus(404); return $response->withJson(array('success'=>false, 'message'=>'No such user', 'data'=>''), 404);
} }
} /* }}} */ } /* }}} */
@ -1620,16 +1711,20 @@ function createGroup($request, $response) { /* {{{ */
if($check !== true) if($check !== true)
return $check; return $check;
$params = $request->getParsedBody(); $params = $request->getParsedBody();
if (empty($params['name'])) {
return $response->withJson(array('success'=>false, 'message'=>'Need a category.', 'data'=>''), 400);
}
$groupName = $params['name']; $groupName = $params['name'];
$comment = $params['comment']; $comment = isset($params['comment']) ? $params['comment'] : '';
$newGroup = $dms->addGroup($groupName, $comment); $newGroup = $dms->addGroup($groupName, $comment);
if ($newGroup === false) { if ($newGroup === false) {
return $response->withJson(array('success'=>false, 'message'=>'Group could not be created, maybe it already exists', 'data'=>''), 500); return $response->withJson(array('success'=>false, 'message'=>'Group could not be created, maybe it already exists', 'data'=>''), 500);
} }
$result = array('id'=>(int)$newGroup->getID()); // $result = array('id'=>(int)$newGroup->getID());
return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$result), 201); return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>__getGroupData($newGroup)), 201);
} /* }}} */ } /* }}} */
function getGroup($request, $response, $args) { /* {{{ */ function getGroup($request, $response, $args) { /* {{{ */
@ -1882,7 +1977,7 @@ function getCategories($request, $response) { /* {{{ */
} }
$data = []; $data = [];
foreach($categories as $category) foreach($categories as $category)
$data[] = ['id' => (int)$category->getId(), 'name' => $category->getName()]; $data[] = __getCategoryData($category);
return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$data), 200); return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$data), 200);
} /* }}} */ } /* }}} */
@ -1891,17 +1986,14 @@ function getCategory($request, $response, $args) { /* {{{ */
global $dms, $userobj; global $dms, $userobj;
if(!ctype_digit($args['id'])) { if(!ctype_digit($args['id'])) {
return $response->withJson(array('success'=>false, 'message'=>'No such category', 'data'=>''), 400); return $response->withJson(array('success'=>false, 'message'=>'Invalid parameter', 'data'=>''), 400);
} }
$category = $dms->getDocumentCategory($args['id']); $category = $dms->getDocumentCategory($args['id']);
if($category) { if($category) {
$data = array(); return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>__getCategoryData($category)), 200);
$data['id'] = (int)$category->getId();
$data['name'] = $category->getName();
return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$data), 200);
} else { } else {
return $response->withStatus(404); return $response->withJson(array('success'=>false, 'message'=>'No such category', 'data'=>''), 404);
} }
} /* }}} */ } /* }}} */
@ -1912,16 +2004,16 @@ function createCategory($request, $response) { /* {{{ */
return $check; return $check;
$params = $request->getParsedBody(); $params = $request->getParsedBody();
if (empty($params['category'])) { if (empty($params['name'])) {
return $response->withJson(array('success'=>false, 'message'=>'Need a category.', 'data'=>''), 400); return $response->withJson(array('success'=>false, 'message'=>'Need a category.', 'data'=>''), 400);
} }
$catobj = $dms->getDocumentCategoryByName($params['category']); $catobj = $dms->getDocumentCategoryByName($params['name']);
if($catobj) { if($catobj) {
return $response->withJson(array('success'=>false, 'message'=>'Category already exists', 'data'=>''), 409); return $response->withJson(array('success'=>false, 'message'=>'Category already exists', 'data'=>''), 409);
} else { } else {
if($data = $dms->addDocumentCategory($params['category'])) { if($data = $dms->addDocumentCategory($params['name'])) {
return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>array('id'=>(int)$data->getID())), 201); return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>__getCategoryData($data)), 201);
} else { } else {
return $response->withJson(array('success'=>false, 'message'=>'Could not add category', 'data'=>''), 500); return $response->withJson(array('success'=>false, 'message'=>'Could not add category', 'data'=>''), 500);
} }
@ -1957,30 +2049,32 @@ function changeCategoryName($request, $response, $args) { /* {{{ */
if($check !== true) if($check !== true)
return $check; return $check;
if(!ctype_digit($args['id'])) {
return $response->withJson(array('success'=>false, 'message'=>'Invalid parameter', 'data'=>''), 400);
}
$params = $request->getParsedBody(); $params = $request->getParsedBody();
if (empty($params['name'])) if (empty($params['name']))
{ {
return $response->withJson(array('success'=>false, 'message'=>'You must supply a new name', 'data'=>''), 200); return $response->withJson(array('success'=>false, 'message'=>'You must supply a new name', 'data'=>''), 400);
} }
$newname = $params['name']; $newname = $params['name'];
$category = null; $category = $dms->getDocumentCategory($args['id']);
if(ctype_digit($args['id']))
$category = $dms->getDocumentCategory($args['id']);
/** /**
* Category not found * Category not found
*/ */
if (!$category) { if (!$category) {
return $response->withStatus(404); return $response->withJson(array('success'=>false, 'message'=>'No such category', 'data'=>''), 404);
} }
if (!$category->setName($newname)) { if (!$category->setName($newname)) {
return $response->withJson(array('success'=>false, 'message'=>'', 'data'=>'Could not change name.'), 200); return $response->withJson(array('success'=>false, 'message'=>'', 'data'=>'Could not change name.'), 400);
} }
return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>''), 200); return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>__getCategoryData($category)), 200);
} /* }}} */ } /* }}} */
function getAttributeDefinitions($request, $response) { /* {{{ */ function getAttributeDefinitions($request, $response) { /* {{{ */
@ -1989,7 +2083,7 @@ function getAttributeDefinitions($request, $response) { /* {{{ */
$attrdefs = $dms->getAllAttributeDefinitions(); $attrdefs = $dms->getAllAttributeDefinitions();
$data = []; $data = [];
foreach($attrdefs as $attrdef) foreach($attrdefs as $attrdef)
$data[] = ['id' => (int)$attrdef->getId(), 'name' => $attrdef->getName(), 'type'=>(int)$attrdef->getType(), 'objtype'=>(int)$attrdef->getObjType(), 'min'=>(int)$attrdef->getMinValues(), 'max'=>(int)$attrdef->getMaxValues(), 'multiple'=>$attrdef->getMultipleValues()?true:false, 'valueset'=>$attrdef->getValueSetAsArray()]; $data[] = __getAttributeDefinitionData($attrdef);
return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$data), 200); return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>$data), 200);
} /* }}} */ } /* }}} */
@ -2006,30 +2100,32 @@ function changeAttributeDefinitionName($request, $response, $args) { /* {{{ */
if($check !== true) if($check !== true)
return $check; return $check;
if(!ctype_digit($args['id'])) {
return $response->withJson(array('success'=>false, 'message'=>'Invalid parameter', 'data'=>''), 400);
}
$params = $request->getParsedBody(); $params = $request->getParsedBody();
if ($params['name'] == null) { if ($params['name'] == null) {
return $response->withJson(array('success'=>false, 'message'=>'You must supply a new name', 'data'=>''), 200); return $response->withJson(array('success'=>false, 'message'=>'You must supply a new name', 'data'=>''), 400);
} }
$newname = $params['name']; $newname = $params['name'];
$attrdef = null; $attrdef = $dms->getAttributeDefinition($args['id']);
if(ctype_digit($args['id']))
$attrdef = $dms->getAttributeDefinition($args['id']);
/** /**
* Category not found * Attribute definition not found
*/ */
if (!$attrdef) { if (!$attrdef) {
return $response->withStatus(404); return $response->withJson(array('success'=>false, 'message'=>'No such attribute defintion', 'data'=>''), 404);
} }
if (!$attrdef->setName($newname)) { if (!$attrdef->setName($newname)) {
return $response->withJson(array('success'=>false, 'message'=>'', 'data'=>'Could not change name.'), 200); return $response->withJson(array('success'=>false, 'message'=>'', 'data'=>'Could not change name.'), 400);
return; return;
} }
return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>''), 200); return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>__getAttributeDefinitionData($attrdef)), 200);
} /* }}} */ } /* }}} */
function clearFolderAccessList($request, $response, $args) { /* {{{ */ function clearFolderAccessList($request, $response, $args) { /* {{{ */
@ -2066,7 +2162,7 @@ $app->options('/{routes:.+}', function ($request, $response, $args) {
$app->add(function ($req, $res, $next) { $app->add(function ($req, $res, $next) {
$response = $next($req, $res); $response = $next($req, $res);
return $response return $response
->withHeader('Access-Control-Allow-Origin', $req->getHeader('Origin')) ->withHeader('Access-Control-Allow-Origin', $req->getHeader('Origin') ? $req->getHeader('Origin') : '*')
->withHeader('Access-Control-Allow-Headers', 'X-Requested-With, Content-Type, Accept, Origin, Authorization') ->withHeader('Access-Control-Allow-Headers', 'X-Requested-With, Content-Type, Accept, Origin, Authorization')
->withHeader('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, PATCH, OPTIONS'); ->withHeader('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, PATCH, OPTIONS');
}); });