diff options
-rw-r--r-- | application/controllers/api/v2/user.php | 67 |
1 files changed, 65 insertions, 2 deletions
diff --git a/application/controllers/api/v2/user.php b/application/controllers/api/v2/user.php index 2a233fe52..655dc62f3 100644 --- a/application/controllers/api/v2/user.php +++ b/application/controllers/api/v2/user.php @@ -1,6 +1,6 @@ <?php /* - * Copyright 2014-2015 Florian "Bluewind" Pritz <bluewind@server-speed.net> + * Copyright 2014-2016 Florian "Bluewind" Pritz <bluewind@server-speed.net> * * Licensed under AGPLv3 * (see COPYING for full license text) @@ -8,5 +8,68 @@ */ namespace controllers\api\v2; -class user extends \controllers\api\v1\user { +class user extends \controllers\api\api_controller { + public function __construct() + { + parent::__construct(); + + $this->load->model('muser'); + } + + public function apikeys() + { + $this->muser->require_access("full"); + return \service\user::apikeys($this->muser->get_userid()); + } + + public function create_apikey() + { + $username = $this->input->post("username"); + $password = $this->input->post("password"); + if ($username && $password) { + if (!$this->muser->login($username, $password)) { + throw new \exceptions\NotAuthenticatedException("user/login-failed", "Login failed"); + } + } + + $this->muser->require_access("full"); + + $userid = $this->muser->get_userid(); + $comment = $this->input->post("comment"); + $comment = $comment === false ? "" : $comment; + $access_level = $this->input->post("access_level"); + + $key = \service\user::create_apikey($userid, $comment, $access_level); + + return array( + "new_key" => $key, + ); + } + + public function delete_apikey() + { + $this->muser->require_access("full"); + + $userid = $this->muser->get_userid(); + $key = $this->input->post("delete_key"); + + $this->db->where('user', $userid) + ->where('key', $key) + ->delete('apikeys'); + + $affected = $this->db->affected_rows(); + + assert($affected >= 0 && $affected <= 1); + if ($affected == 1) { + return array( + "deleted_keys" => array( + $key => array ( + "key" => $key, + ), + ), + ); + } else { + throw new \exceptions\PublicApiException('user/delete_apikey/failed', 'Apikey deletion failed. Possibly wrong owner.'); + } + } } |