4 files changed, 205 insertions, 0 deletions

diff --git a/application/controllers/api/api_controller.php b/application/controllers/api/api_controller.php
new file mode 100644
index 000000000..d615d6cec
--- /dev/null
+++ b/application/controllers/api/api_controller.php
@@ -0,0 +1,18 @@
+<?php
+/*
+ * Copyright 2014 Florian "Bluewind" Pritz <bluewind@server-speed.net>
+ *
+ * Licensed under AGPLv3
+ * (see COPYING for full license text)
+ *
+ */
+
+namespace controllers\api;
+
+abstract class api_controller {
+	public function __construct() {
+		$this->CI =& get_instance();
+	}
+
+}
+
diff --git a/application/controllers/api/v2/api_info.php b/application/controllers/api/v2/api_info.php
new file mode 100644
index 000000000..8d2bdf6dc
--- /dev/null
+++ b/application/controllers/api/v2/api_info.php
@@ -0,0 +1,16 @@
+<?php
+/*
+ * Copyright 2014-2015 Florian "Bluewind" Pritz <bluewind@server-speed.net>
+ *
+ * Licensed under AGPLv3
+ * (see COPYING for full license text)
+ *
+ */
+namespace controllers\api\v2;
+
+class api_info extends \controllers\api\api_controller {
+	static public function get_version()
+	{
+		return "2.1.1";
+	}
+}
diff --git a/application/controllers/api/v2/file.php b/application/controllers/api/v2/file.php
new file mode 100644
index 000000000..3d4103f1c
--- /dev/null
+++ b/application/controllers/api/v2/file.php
@@ -0,0 +1,96 @@
+<?php
+/*
+ * Copyright 2014-2015 Florian "Bluewind" Pritz <bluewind@server-speed.net>
+ *
+ * Licensed under AGPLv3
+ * (see COPYING for full license text)
+ *
+ */
+namespace controllers\api\v2;
+
+class file extends \controllers\api\api_controller {
+	public function __construct()
+	{
+		parent::__construct();
+
+		$this->CI->load->model('mfile');
+		$this->CI->load->model('mmultipaste');
+	}
+
+	public function upload()
+	{
+		$this->CI->muser->require_access("basic");
+
+		$files = getNormalizedFILES();
+
+		if (empty($files)) {
+			throw new \exceptions\PublicApiException("file/no-file", "No file was uploaded or unknown error occurred.");
+		}
+
+		\service\files::verify_uploaded_files($files);
+
+		$limits = $this->CI->muser->get_upload_id_limits();
+		$userid = $this->CI->muser->get_userid();
+		$urls = array();
+
+		foreach ($files as $file) {
+			$id = $this->CI->mfile->new_id($limits[0], $limits[1]);
+			\service\files::add_uploaded_file($userid, $id, $file["tmp_name"], $file["name"]);
+			$ids[] = $id;
+			$urls[] = site_url($id).'/';
+		}
+
+		return array(
+			"ids" => $ids,
+			"urls" => $urls,
+		);
+	}
+
+	public function get_config()
+	{
+		return array(
+			"upload_max_size" => $this->CI->config->item("upload_max_size"),
+			"max_files_per_request" => intval(ini_get("max_file_uploads")),
+			"max_input_vars" => intval(ini_get("max_input_vars")),
+			"request_max_size" => return_bytes(ini_get("post_max_size")),
+		);
+	}
+
+	public function history()
+	{
+		$this->CI->muser->require_access("apikey");
+		$history = \service\files::history($this->CI->muser->get_userid());
+		foreach ($history['multipaste_items'] as $key => $item) {
+			foreach ($item['items'] as $inner_key => $item) {
+				unset($history['multipaste_items'][$key]['items'][$inner_key]['sort_order']);
+			}
+		}
+
+		$history = ensure_json_keys_contain_objects($history, array("items", "multipaste_items"));
+
+		return $history;
+	}
+
+	public function delete()
+	{
+		$this->CI->muser->require_access("apikey");
+		$ids = $this->CI->input->post_array("ids");
+		$ret = \service\files::delete($ids);
+
+		$ret = ensure_json_keys_contain_objects($ret, array("errors", "deleted"));
+
+		return $ret;
+	}
+
+	public function create_multipaste()
+	{
+		$this->CI->muser->require_access("basic");
+		$ids = $this->CI->input->post_array("ids");
+		$userid = $this->CI->muser->get_userid();
+		$limits = $this->CI->muser->get_upload_id_limits();
+
+		return \service\files::create_multipaste($ids, $userid, $limits);
+	}
+
+}
+# vim: set noet:
diff --git a/application/controllers/api/v2/user.php b/application/controllers/api/v2/user.php
new file mode 100644
index 000000000..677a870c4
--- /dev/null
+++ b/application/controllers/api/v2/user.php
@@ -0,0 +1,75 @@
+<?php
+/*
+ * Copyright 2014-2016 Florian "Bluewind" Pritz <bluewind@server-speed.net>
+ *
+ * Licensed under AGPLv3
+ * (see COPYING for full license text)
+ *
+ */
+namespace controllers\api\v2;
+
+class user extends \controllers\api\api_controller {
+	public function __construct()
+	{
+		parent::__construct();
+
+		$this->CI->load->model('muser');
+	}
+
+	public function apikeys()
+	{
+		$this->CI->muser->require_access("full");
+		return \service\user::apikeys($this->CI->muser->get_userid());
+	}
+
+	public function create_apikey()
+	{
+		$username = $this->CI->input->post("username");
+		$password = $this->CI->input->post("password");
+		if ($username && $password) {
+			if (!$this->CI->muser->login($username, $password)) {
+				throw new \exceptions\NotAuthenticatedException("user/login-failed", "Login failed");
+			}
+		}
+
+		$this->CI->muser->require_access("full");
+
+		$userid = $this->CI->muser->get_userid();
+		$comment = $this->CI->input->post("comment");
+		$comment = $comment === null ? "" : $comment;
+		$access_level = $this->CI->input->post("access_level");
+
+		$key = \service\user::create_apikey($userid, $comment, $access_level);
+
+		return array(
+			"new_key" => $key,
+		);
+	}
+
+	public function delete_apikey()
+	{
+		$this->CI->muser->require_access("full");
+
+		$userid = $this->CI->muser->get_userid();
+		$key = $this->CI->input->post("delete_key");
+
+		$this->CI->db->where('user', $userid)
+			->where('key', $key)
+			->delete('apikeys');
+
+		$affected = $this->CI->db->affected_rows();
+
+		assert($affected >= 0 && $affected <= 1);
+		if ($affected == 1) {
+			return array(
+				"deleted_keys" => array(
+					$key => array (
+						"key" => $key,
+					),
+				),
+			);
+		} else {
+			throw new \exceptions\PublicApiException('user/delete_apikey/failed', 'Apikey deletion failed. Possibly wrong owner.');
+		}
+	}
+}