summaryrefslogtreecommitdiffstats
path: root/application/controllers/api/v2
diff options
context:
space:
mode:
Diffstat (limited to 'application/controllers/api/v2')
-rw-r--r--application/controllers/api/v2/user.php67
1 files changed, 65 insertions, 2 deletions
diff --git a/application/controllers/api/v2/user.php b/application/controllers/api/v2/user.php
index 2a233fe52..655dc62f3 100644
--- a/application/controllers/api/v2/user.php
+++ b/application/controllers/api/v2/user.php
@@ -1,6 +1,6 @@
<?php
/*
- * Copyright 2014-2015 Florian "Bluewind" Pritz <bluewind@server-speed.net>
+ * Copyright 2014-2016 Florian "Bluewind" Pritz <bluewind@server-speed.net>
*
* Licensed under AGPLv3
* (see COPYING for full license text)
@@ -8,5 +8,68 @@
*/
namespace controllers\api\v2;
-class user extends \controllers\api\v1\user {
+class user extends \controllers\api\api_controller {
+ public function __construct()
+ {
+ parent::__construct();
+
+ $this->load->model('muser');
+ }
+
+ public function apikeys()
+ {
+ $this->muser->require_access("full");
+ return \service\user::apikeys($this->muser->get_userid());
+ }
+
+ public function create_apikey()
+ {
+ $username = $this->input->post("username");
+ $password = $this->input->post("password");
+ if ($username && $password) {
+ if (!$this->muser->login($username, $password)) {
+ throw new \exceptions\NotAuthenticatedException("user/login-failed", "Login failed");
+ }
+ }
+
+ $this->muser->require_access("full");
+
+ $userid = $this->muser->get_userid();
+ $comment = $this->input->post("comment");
+ $comment = $comment === false ? "" : $comment;
+ $access_level = $this->input->post("access_level");
+
+ $key = \service\user::create_apikey($userid, $comment, $access_level);
+
+ return array(
+ "new_key" => $key,
+ );
+ }
+
+ public function delete_apikey()
+ {
+ $this->muser->require_access("full");
+
+ $userid = $this->muser->get_userid();
+ $key = $this->input->post("delete_key");
+
+ $this->db->where('user', $userid)
+ ->where('key', $key)
+ ->delete('apikeys');
+
+ $affected = $this->db->affected_rows();
+
+ assert($affected >= 0 && $affected <= 1);
+ if ($affected == 1) {
+ return array(
+ "deleted_keys" => array(
+ $key => array (
+ "key" => $key,
+ ),
+ ),
+ );
+ } else {
+ throw new \exceptions\PublicApiException('user/delete_apikey/failed', 'Apikey deletion failed. Possibly wrong owner.');
+ }
+ }
}