From d59962443687127ea1defc2f8ac41af1c2c02fe4 Mon Sep 17 00:00:00 2001 From: Florian Pritz Date: Sat, 25 Oct 2014 13:55:08 +0200 Subject: first go at reworking; needs to be redesigned Signed-off-by: Florian Pritz --- application/controllers/api.php | 38 +++++++++++ application/controllers/api/api_controller.php | 15 +++++ application/controllers/api/v1.php | 83 +++++++++++++++++++++++ application/controllers/file.php | 92 +++++--------------------- 4 files changed, 152 insertions(+), 76 deletions(-) create mode 100644 application/controllers/api.php create mode 100644 application/controllers/api/api_controller.php create mode 100644 application/controllers/api/v1.php (limited to 'application/controllers') diff --git a/application/controllers/api.php b/application/controllers/api.php new file mode 100644 index 000000000..626e7b91a --- /dev/null +++ b/application/controllers/api.php @@ -0,0 +1,38 @@ + + * + * Licensed under AGPLv3 + * (see COPYING for full license text) + * + */ + +class Api extends MY_Controller { + + public function __construct() + { + parent::__construct(); + + $this->load->model('mfile'); + $this->load->model('mmultipaste'); + } + + public function route() { + $requested_version = $this->uri->segment(2); + $function = $this->uri->segment(3); + $major = intval(explode(".", $requested_version)[0]); + + $class = "controllers\\api\\v".$major; + + if (!class_exists($class) || version_compare($class::get_version(), $requested_version, "<")) { + return send_json_error_reply("Requested API version is not supported"); + } + + if (!preg_match("/^[a-zA-Z-_]+$/", $function)) { + return send_json_error_reply("Invalid function requested"); + } + + $controller = new $class; + return $controller->$function(); + } +} diff --git a/application/controllers/api/api_controller.php b/application/controllers/api/api_controller.php new file mode 100644 index 000000000..ca24dae59 --- /dev/null +++ b/application/controllers/api/api_controller.php 
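Review bot: `route()` in the new `api.php` ends in `$controller->$function()` guarded only by `/^[a-zA-Z-_]+$/`, so any method name made of letters and underscores is dispatched, including `__construct` and anything the class inherits. A name the class does not define fails at call time instead of producing a JSON error. The `$json_enabled_functions` list declared in `v1.php` in this same commit is never consulted; I would check `$function` against an explicit list of endpoint names for the controller before the call. The character class also admits `-`, which cannot occur in a method name; `/^[a-zA-Z][a-zA-Z_]*$/` is tighter and rejects the leading-underscore names as well.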
@@ -0,0 +1,15 @@ + + * + * Licensed under AGPLv3 + * (see COPYING for full license text) + * + */ + +namespace controllers\api; + +abstract class api_controller { + abstract static public function get_version(); +} + diff --git a/application/controllers/api/v1.php b/application/controllers/api/v1.php new file mode 100644 index 000000000..e6d3c56fe --- /dev/null +++ b/application/controllers/api/v1.php @@ -0,0 +1,83 @@ + + * + * Licensed under AGPLv3 + * (see COPYING for full license text) + * + */ +namespace controllers\api; + +class v1 extends api_controller { + protected $json_enabled_functions = array( + "upload", + "get_config", + "history", + ); + + static public function get_version() + { + return "1.0.1"; + } + + public function __construct() + { + parent::__construct(); + + $this->load->model('mfile'); + $this->load->model('mmultipaste'); + } + + public function upload() + { + $this->muser->require_access("basic"); + + $files = getNormalizedFILES(); + + if (empty($files)) { + show_error("No file was uploaded or unknown error occured."); + } + + $errors = service\files::verify_uploaded_files($files); + if (!empty($errors)) { + return send_json_reply($errors, "upload-error"); + } + + $limits = $this->muser->get_upload_id_limits(); + $urls = array(); + + foreach ($files as $file) { + $id = $this->mfile->new_id($limits[0], $limits[1]); + service\files::add_file($id, $file["tmp_name"], $file["name"]); + $ids[] = $id; + $urls[] = site_url($id).'/'; + } + + return send_json_reply(array( + "ids" => $ids, + "urls" => $urls, + )); + } + + public function get_config() + { + return send_json_reply(array( + "upload_max_size" => $this->config->item("upload_max_size"), + )); + } + + public function history() + { + $this->muser->require_access("apikey"); + $history = service\files::history($this->muser->get_userid()); + return send_json_reply($history); + } + + public function delete() + { + $this->muser->require_access("apikey"); + + + } +} +# vim: set noet: 
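Review bot: In `v1::upload()` the client-supplied `$file["name"]` goes straight into `add_file()`, while the upload code kept in `application/controllers/file.php` (hunk at -968) still runs `trim($filename, "\r\n\0\t\x0B")` before the same call. Unless `add_file()` normalises the name itself (it is not part of this diff), the two entry points store different values for the same upload; use `$filename = trim($file["name"], "\r\n\0\t\x0B");` here or move the trim into the service. The same call is repeated in `api/v1/file.php` in the later "add missing files" commit. Separately, `service\files::` is a relative name inside `namespace controllers\api` and resolves under that namespace; it needs a leading backslash, `\service\files::`.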
diff --git a/application/controllers/file.php b/application/controllers/file.php index 2617d4840..ac2c4b4ca 100644 --- a/application/controllers/file.php +++ b/application/controllers/file.php @@ -623,10 +623,7 @@ class File extends MY_Controller { { $this->muser->require_access("apikey"); - $user = $this->muser->get_userid(); - - $query = array(); - $lengths = array(); + $history = service\files::history($this->muser->get_userid()); // key: database field name; value: display name $fields = array( @@ -645,22 +642,7 @@ class File extends MY_Controller { $order = is_cli_client() ? "ASC" : "DESC"; - $items = $this->db->select(implode(',', array_keys($fields))) - ->from('files') - ->where('user', $user) - ->get()->result_array(); - - $query = $this->db->query(" - SELECT m.url_id id, sum(f.filesize) filesize, m.date, '' hash, '' mimetype, concat(count(*), ' file(s)') filename - FROM multipaste m - JOIN multipaste_file_map mfm ON m.multipaste_id = mfm.multipaste_id - JOIN files f ON f.id = mfm.file_url_id - WHERE m.user_id = ? - GROUP BY m.url_id - ", array($user))->result_array(); - - $items = array_merge($items, $query); - uasort($items, function($a, $b) use ($order) { + uasort($history["items"], function($a, $b) use ($order) { if ($order == "ASC") { return $a["date"] - $b["date"]; } else { @@ -668,12 +650,8 @@ class File extends MY_Controller { } }); - if (static_storage("response_type") == "json") { - return send_json_reply($items); - } - - foreach($items as $key => $item) { - $items[$key]["filesize"] = format_bytes($item["filesize"]); + foreach($history["items"] as $key => $item) { + $history["items"][$key]["filesize"] = format_bytes($item["filesize"]); if (is_cli_client()) { // Keep track of longest string to pad plaintext output correctly foreach($fields as $length_key => $value) { 
@@ -685,19 +663,10 @@ class File extends MY_Controller { } } - $total_size = $this->db->query(" - SELECT sum(filesize) sum - FROM ( - SELECT DISTINCT hash, filesize - FROM files - WHERE user = ? - ) sub - ", array($user))->row_array(); - - $this->data["items"] = $items; + $this->data["items"] = $history["items"]; $this->data["lengths"] = $lengths; $this->data["fields"] = $fields; - $this->data["total_size"] = format_bytes($total_size["sum"]); + $this->data["total_size"] = format_bytes($history["total_size"]); $this->load->view('header', $this->data); $this->load->view($this->var->view_dir.'/upload_history', $this->data); @@ -882,6 +851,7 @@ class File extends MY_Controller { show_error("Error while uploading: File too big", 413); } + // FIXME: this duplicates service\files::add_file (kind of) $limits = $this->muser->get_upload_id_limits(); $id = $this->mfile->new_id($limits[0], $limits[1]); $hash = md5($content); 
@@ -915,44 +885,19 @@ class File extends MY_Controller { show_error("No file was uploaded or unknown error occured."); } - // Check for errors before doing anything - // First error wins and is displayed, these shouldn't happen that often anyway. - foreach ($files as $key => $file) { - // getNormalizedFILES() removes any file with error == 4 - if ($file['error'] !== UPLOAD_ERR_OK) { - // ERR_OK only for completeness, condition above ignores it - $errors = array( - UPLOAD_ERR_OK => "There is no error, the file uploaded with success", - UPLOAD_ERR_INI_SIZE => "The uploaded file exceeds the upload_max_filesize directive in php.ini", - UPLOAD_ERR_FORM_SIZE => "The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form", - UPLOAD_ERR_PARTIAL => "The uploaded file was only partially uploaded", - UPLOAD_ERR_NO_FILE => "No file was uploaded", - UPLOAD_ERR_NO_TMP_DIR => "Missing a temporary folder", - UPLOAD_ERR_CANT_WRITE => "Failed to write file to disk", - UPLOAD_ERR_EXTENSION => "A PHP extension stopped the file upload", - ); - - $msg = "Unknown error."; - - if (isset($errors[$file['error']])) { - $msg = $errors[$file['error']]; - } else { - $msg = "Unknown error code: ".$file['error'].". Please report a bug."; - } - - show_error("Error while uploading: ".$msg, 400); - } - - $filesize = filesize($file['tmp_name']); - if ($filesize > $this->config->item('upload_max_size')) { - show_error("Error while uploading: File too big", 413); + $errors = service\files::verify_uploaded_files($files); + if (!empty($errors)) { + $messages = array(); + foreach ($errors as $error) { + $messages[] = htmlspecialchars($error["filename"]).": ".$error["message"]; } + show_error("Error(s) occured while uploading:
".implode("
", $messages), 400); } + $limits = $this->muser->get_upload_id_limits(); + foreach ($files as $key => $file) { - $limits = $this->muser->get_upload_id_limits(); $id = $this->mfile->new_id($limits[0], $limits[1]); - $hash = md5_file($file['tmp_name']); // work around a curl bug and allow the client to send the real filename base64 encoded // TODO: this interface currently sets the same filename for every file if you use multiupload @@ -968,12 +913,7 @@ class File extends MY_Controller { $filename = trim($filename, "\r\n\0\t\x0B"); - $folder = $this->mfile->folder($hash); - file_exists($folder) || mkdir ($folder); - $file_path = $this->mfile->file($hash); - - move_uploaded_file($file['tmp_name'], $file_path); - $this->mfile->add_file($hash, $id, $filename); + service\files::add_file($id, $file["tmp_name"], $filename); $ids[] = $id; } -- cgit v1.2.3-24-g4f1b From 349e9f6dc7da0c44ee80d0a73963c1c5cef87131 Mon Sep 17 00:00:00 2001 From: Florian Pritz Date: Sun, 26 Oct 2014 21:39:58 +0100 Subject: misc Signed-off-by: Florian Pritz --- application/controllers/api.php | 28 ++++++--- application/controllers/api/api_controller.php | 3 +- application/controllers/api/v1.php | 83 -------------------------- 3 files changed, 22 insertions(+), 92 deletions(-) delete mode 100644 application/controllers/api/v1.php (limited to 'application/controllers') diff --git a/application/controllers/api.php b/application/controllers/api.php index 626e7b91a..a7bd09f34 100644 --- a/application/controllers/api.php +++ b/application/controllers/api.php 
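Review bot: Only the filename is passed through `htmlspecialchars()` in the new error loop (hunk at -915); `$error["message"]` is concatenated unescaped into the HTML handed to `show_error()`. The messages are built by `service\files::verify_uploaded_files()`, which is not in this diff, so this is safe only as long as that function never puts client-controlled text into a message. Escaping the whole entry keeps the output encoding local to this call: `$messages[] = htmlspecialchars($error["filename"].": ".$error["message"]);`. The enclosing method starts and ends outside the hunk.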
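Review bot: The block removed in the hunk at -968 placed the file with `move_uploaded_file()`, which refuses paths that are not genuine PHP uploads; the replacement `service\files::add_file($id, $file["tmp_name"], $filename)` is not shown in this diff. Please confirm that `add_file()` still moves the file with `move_uploaded_file()` (or checks `is_uploaded_file()` first) rather than `rename()`/`copy()`, since `tmp_name` now travels through a general-purpose helper. It would also be the place to check the return values of `mkdir()` and the move, which the old code ignored. A comment at the call, `// add_file() must only receive paths from getNormalizedFILES()`, would document that contract.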
@@ -19,20 +19,34 @@ class Api extends MY_Controller { public function route() { $requested_version = $this->uri->segment(2); - $function = $this->uri->segment(3); + $controller = $this->uri->segment(3); + $function = $this->uri->segment(4); $major = intval(explode(".", $requested_version)[0]); - $class = "controllers\\api\\v".$major; - - if (!class_exists($class) || version_compare($class::get_version(), $requested_version, "<")) { - return send_json_error_reply("Requested API version is not supported"); + if (!preg_match("/^[a-zA-Z-_]+$/", $controller)) { + return send_json_error_reply("Invalid controller requested"); } if (!preg_match("/^[a-zA-Z-_]+$/", $function)) { return send_json_error_reply("Invalid function requested"); } - $controller = new $class; - return $controller->$function(); + $namespace = "controllers\\api\\v".$major; + $class = $namespace."\\".$controller; + $class_info = $namespace."\\api_info"; + + if (!class_exists($class_info) || version_compare($class_info::get_version(), $requested_version, "<")) { + return send_json_error_reply("Requested API version is not supported"); + } + + if (!class_exists($class)) { + return send_json_error_reply("Unknown controller requested"); + } + + $c= new $class; + if (!method_exists($c, $function)) { + return send_json_error_reply("Unknown function requested"); + } + return $c->$function(); } } diff --git a/application/controllers/api/api_controller.php b/application/controllers/api/api_controller.php index ca24dae59..2b9054b17 100644 --- a/application/controllers/api/api_controller.php +++ b/application/controllers/api/api_controller.php @@ -9,7 +9,6 @@ namespace controllers\api; -abstract class api_controller { - abstract static public function get_version(); +abstract class api_controller extends \CI_Controller { } diff --git a/application/controllers/api/v1.php b/application/controllers/api/v1.php deleted file mode 100644 index e6d3c56fe..000000000 --- a/application/controllers/api/v1.php +++ /dev/null 
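Review bot: `method_exists($c, $function)` is also true for protected, private and inherited methods, so the new guard in `route()` still lets `$c->$function()` reach anything the class tree defines. With `api_controller` now extending `\CI_Controller` (second file in this commit) that includes the framework's own public methods, and `__construct` passes the regex too. A non-public match fails at call time instead of returning the "Unknown function requested" reply. I would test callability and exclude underscore-prefixed names, `if (!is_callable(array($c, $function)) || $function[0] === "_") {`, or better keep an explicit list of endpoint names per controller.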
@@ -1,83 +0,0 @@ - - * - * Licensed under AGPLv3 - * (see COPYING for full license text) - * - */ -namespace controllers\api; - -class v1 extends api_controller { - protected $json_enabled_functions = array( - "upload", - "get_config", - "history", - ); - - static public function get_version() - { - return "1.0.1"; - } - - public function __construct() - { - parent::__construct(); - - $this->load->model('mfile'); - $this->load->model('mmultipaste'); - } - - public function upload() - { - $this->muser->require_access("basic"); - - $files = getNormalizedFILES(); - - if (empty($files)) { - show_error("No file was uploaded or unknown error occured."); - } - - $errors = service\files::verify_uploaded_files($files); - if (!empty($errors)) { - return send_json_reply($errors, "upload-error"); - } - - $limits = $this->muser->get_upload_id_limits(); - $urls = array(); - - foreach ($files as $file) { - $id = $this->mfile->new_id($limits[0], $limits[1]); - service\files::add_file($id, $file["tmp_name"], $file["name"]); - $ids[] = $id; - $urls[] = site_url($id).'/'; - } - - return send_json_reply(array( - "ids" => $ids, - "urls" => $urls, - )); - } - - public function get_config() - { - return send_json_reply(array( - "upload_max_size" => $this->config->item("upload_max_size"), - )); - } - - public function history() - { - $this->muser->require_access("apikey"); - $history = service\files::history($this->muser->get_userid()); - return send_json_reply($history); - } - - public function delete() - { - $this->muser->require_access("apikey"); - - - } -} -# vim: set noet: -- cgit v1.2.3-24-g4f1b From 0c53ebac6e0328aea4551f5f1a97783f34c82866 Mon Sep 17 00:00:00 2001 From: Florian Pritz Date: Sun, 2 Nov 2014 13:30:21 +0100 Subject: add missing files 
Signed-off-by: Florian Pritz --- application/controllers/api/v1/api_info.php | 16 +++++++ application/controllers/api/v1/file.php | 72 +++++++++++++++++++++++++++++ 2 files changed, 88 insertions(+) create mode 100644 application/controllers/api/v1/api_info.php create mode 100644 application/controllers/api/v1/file.php (limited to 'application/controllers') diff --git a/application/controllers/api/v1/api_info.php b/application/controllers/api/v1/api_info.php new file mode 100644 index 000000000..3feaadfda --- /dev/null +++ b/application/controllers/api/v1/api_info.php @@ -0,0 +1,16 @@ + + * + * Licensed under AGPLv3 + * (see COPYING for full license text) + * + */ +namespace controllers\api\v1; + +class api_info extends \controllers\api\api_controller { + static public function get_version() + { + return "1.0.0"; + } +} diff --git a/application/controllers/api/v1/file.php b/application/controllers/api/v1/file.php new file mode 100644 index 000000000..fc855f7f9 --- /dev/null +++ b/application/controllers/api/v1/file.php 
@@ -0,0 +1,72 @@ + + * + * Licensed under AGPLv3 + * (see COPYING for full license text) + * + */ +namespace controllers\api\v1; + +class file extends \controllers\api\api_controller { + public function __construct() + { + parent::__construct(); + + $this->load->model('mfile'); + $this->load->model('mmultipaste'); + } + + public function upload() + { + $this->muser->require_access("basic"); + + $files = getNormalizedFILES(); + + if (empty($files)) { + show_error("No file was uploaded or unknown error occured."); + } + + $errors = \service\files::verify_uploaded_files($files); + if (!empty($errors)) { + return send_json_reply($errors, "upload-error"); + } + + $limits = $this->muser->get_upload_id_limits(); + $urls = array(); + + foreach ($files as $file) { + $id = $this->mfile->new_id($limits[0], $limits[1]); + \service\files::add_file($id, $file["tmp_name"], $file["name"]); + $ids[] = $id; + $urls[] = site_url($id).'/'; + } + + return send_json_reply(array( + "ids" => $ids, + "urls" => $urls, + )); + } + + public function get_config() + { + return send_json_reply(array( + "upload_max_size" => $this->config->item("upload_max_size"), + )); + } + + public function history() + { + $this->muser->require_access("apikey"); + $history = \service\files::history($this->muser->get_userid()); + return send_json_reply($history); + } + + public function delete() + { + $this->muser->require_access("apikey"); + + + } +} +# vim: set noet: -- cgit v1.2.3-24-g4f1b From 7f74792c2f82aee3cd98bd6304ced55894b43683 Mon Sep 17 00:00:00 2001 From: Florian Pritz Date: Sun, 4 Jan 2015 17:08:51 +0100 Subject: Improve history api for multipastes Signed-off-by: Florian Pritz --- application/controllers/file.php | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) (limited to 'application/controllers') diff --git a/application/controllers/file.php b/application/controllers/file.php index ac2c4b4ca..5451836de 100644 --- a/application/controllers/file.php +++ b/application/controllers/file.php 
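Review bot: `file::delete()` is reachable through `Api::route()` but does nothing after `require_access("apikey")`, so an authenticated caller presumably receives an empty reply that is easy to mistake for success. Until it is implemented it should fail explicitly, e.g. `return send_json_error_reply("Not implemented");`. In `upload()`, `$ids` is appended to without being initialised; add `$ids = array();` next to `$urls = array();`. `upload()` also reports the no-file case with `show_error()`, which I would expect to render an HTML page rather than JSON for an API client.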
@@ -640,6 +640,22 @@ class File extends MY_Controller { $lengths[$length_key] = mb_strlen($value); } + foreach ($history["multipaste_items"] as $key => $item) { + $size = 0; + foreach ($item["items"] as $i) { + $size += $i["filesize"]; + } + + $history["items"][] = array( + "id" => $item["url_id"], + "filename" => count($item["items"])." file(s)", + "mimetype" => "", + "date" => $item["date"], + "hash" => "", + "filesize" => $size, + ); + } + $order = is_cli_client() ? "ASC" : "DESC"; uasort($history["items"], function($a, $b) use ($order) { -- cgit v1.2.3-24-g4f1b From 9670d794be886c036408de85773a0b7d204979b9 Mon Sep 17 00:00:00 2001 From: Florian Pritz Date: Sun, 4 Jan 2015 17:09:07 +0100 Subject: Fix error in file/upload_history Signed-off-by: Florian Pritz --- application/controllers/file.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'application/controllers') diff --git a/application/controllers/file.php b/application/controllers/file.php index 5451836de..57faa62f2 100644 --- a/application/controllers/file.php +++ b/application/controllers/file.php @@ -671,7 +671,7 @@ class File extends MY_Controller { if (is_cli_client()) { // Keep track of longest string to pad plaintext output correctly foreach($fields as $length_key => $value) { - $len = mb_strlen($items[$key][$length_key]); + $len = mb_strlen($history["items"][$key][$length_key]); if ($len > $lengths[$length_key]) { $lengths[$length_key] = $len; } -- cgit v1.2.3-24-g4f1b From 434143c2b01c203bf9030669a14055872121b2c0 Mon Sep 17 00:00:00 2001 From: Florian Pritz Date: Sun, 11 Jan 2015 01:39:22 +0100 Subject: improve api errors Signed-off-by: Florian Pritz --- application/controllers/api.php | 10 +++++----- application/controllers/api/v1/file.php | 2 +- 2 files changed, 6 insertions(+), 6 deletions(-) (limited to 'application/controllers') diff --git a/application/controllers/api.php b/application/controllers/api.php index a7bd09f34..7557c6c99 100644 
--- a/application/controllers/api.php +++ b/application/controllers/api.php @@ -24,11 +24,11 @@ class Api extends MY_Controller { $major = intval(explode(".", $requested_version)[0]); if (!preg_match("/^[a-zA-Z-_]+$/", $controller)) { - return send_json_error_reply("Invalid controller requested"); + return send_json_error_reply("api/invalid-controller-value", "Invalid controller requested"); } if (!preg_match("/^[a-zA-Z-_]+$/", $function)) { - return send_json_error_reply("Invalid function requested"); + return send_json_error_reply("api/invalid-function-value", "Invalid function requested"); } $namespace = "controllers\\api\\v".$major; @@ -36,16 +36,16 @@ class Api extends MY_Controller { $class_info = $namespace."\\api_info"; if (!class_exists($class_info) || version_compare($class_info::get_version(), $requested_version, "<")) { - return send_json_error_reply("Requested API version is not supported"); + return send_json_error_reply("api/version-not-supported", "Requested API version is not supported"); } if (!class_exists($class)) { - return send_json_error_reply("Unknown controller requested"); + return send_json_error_reply("api/unknown-controller", "Unknown controller requested"); } $c= new $class; if (!method_exists($c, $function)) { - return send_json_error_reply("Unknown function requested"); + return send_json_error_reply("api/unknown-function", "Unknown function requested"); } return $c->$function(); } diff --git a/application/controllers/api/v1/file.php b/application/controllers/api/v1/file.php index fc855f7f9..869d29ed1 100644 --- a/application/controllers/api/v1/file.php +++ b/application/controllers/api/v1/file.php 
@@ -29,7 +29,7 @@ class file extends \controllers\api\api_controller { $errors = \service\files::verify_uploaded_files($files); if (!empty($errors)) { - return send_json_reply($errors, "upload-error"); + return send_json_error_reply("file/upload-verify-failed", "Failed to verify uploaded file", $errors); } $limits = $this->muser->get_upload_id_limits(); -- cgit v1.2.3-24-g4f1b From 32e68c2dfff62cbdd82950b4b4e20a3c895dfb1f Mon Sep 17 00:00:00 2001 From: Florian Pritz Date: Sun, 11 Jan 2015 01:39:40 +0100 Subject: add max_files_per_request to api/file/get_config Signed-off-by: Florian Pritz --- application/controllers/api/v1/file.php | 1 + 1 file changed, 1 insertion(+) (limited to 'application/controllers') diff --git a/application/controllers/api/v1/file.php b/application/controllers/api/v1/file.php index 869d29ed1..515286462 100644 --- a/application/controllers/api/v1/file.php +++ b/application/controllers/api/v1/file.php @@ -52,6 +52,7 @@ class file extends \controllers\api\api_controller { { return send_json_reply(array( "upload_max_size" => $this->config->item("upload_max_size"), + "max_files_per_request" => intval(ini_get("max_file_uploads")), )); } -- cgit v1.2.3-24-g4f1b From 8fd7c6c2ab80240ab1d163c9a4134822c7524144 Mon Sep 17 00:00:00 2001 From: Florian Pritz Date: Sun, 11 Jan 2015 01:40:07 +0100 Subject: add initial user api Signed-off-by: Florian Pritz --- application/controllers/api/v1/user.php | 24 +++++++++++++++++++ application/controllers/user.php | 42 +++------------------------------ 2 files changed, 27 insertions(+), 39 deletions(-) create mode 100644 application/controllers/api/v1/user.php (limited to 'application/controllers') diff --git a/application/controllers/api/v1/user.php b/application/controllers/api/v1/user.php new file mode 100644 index 000000000..831fdb883 --- /dev/null +++ b/application/controllers/api/v1/user.php 
@@ -0,0 +1,24 @@ + + * + * Licensed under AGPLv3 + * (see COPYING for full license text) + * + */ +namespace controllers\api\v1; + +class user extends \controllers\api\api_controller { + public function __construct() + { + parent::__construct(); + + $this->load->model('muser'); + } + + public function apikeys() + { + $this->muser->require_access("full"); + return send_json_reply(\service\user::apikeys($this->muser->get_userid())); + } +} diff --git a/application/controllers/user.php b/application/controllers/user.php index a702b63c7..62569e1f1 100644 --- a/application/controllers/user.php +++ b/application/controllers/user.php @@ -91,24 +91,7 @@ class User extends MY_Controller { $access_level = "apikey"; } - $valid_levels = $this->muser->get_access_levels(); - if (array_search($access_level, $valid_levels) === false) { - show_error("Invalid access levels requested."); - } - - if (strlen($comment) > 255) { - show_error("Comment may only be 255 chars long."); - } - - $key = random_alphanum(32); - - $this->db->set(array( - 'key' => $key, - 'user' => $userid, - 'comment' => $comment, - 'access_level' => $access_level - )) - ->insert('apikeys'); + $key = \service\user::create_apikey($userid, $comment, $access_level); if (static_storage("response_type") == "json") { return send_json_reply(array("new_key" => $key)); 
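Review bot: The hunk at -91 in `application/controllers/user.php` deletes the access-level check (`array_search($access_level, $valid_levels) === false`) and the 255-character comment limit from the controller, and the `\service\user::create_apikey()` that replaces them is not in this diff. Please confirm the service performs both checks before the insert, because `$access_level` appears to originate from the request and an unchecked value would be stored on the key. If it does, a comment at the call such as `// create_apikey() validates $access_level and $comment` makes that dependency visible. Key generation (`random_alphanum(32)`) moves with it, so the service is also where the randomness source should be reviewed.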
@@ -140,27 +123,8 @@ class User extends MY_Controller { $this->muser->require_access(); $userid = $this->muser->get_userid(); - - $query = $this->db->select('key, created, comment, access_level') - ->from('apikeys') - ->where('user', $userid) - ->order_by('created', 'desc') - ->get()->result_array(); - - // Convert timestamp to unix timestamp - // TODO: migrate database to integer timestamp and get rid of this - foreach ($query as &$record) { - if (!empty($record['created'])) { - $record['created'] = strtotime($record['created']); - } - } - unset($record); - - if (static_storage("response_type") == "json") { - return send_json_reply($query); - } - - $this->data["query"] = $query; + $apikeys = \service\user::apikeys($userid); + $this->data["query"] = $apikeys; $this->load->view('header', $this->data); $this->load->view($this->var->view_dir.'apikeys', $this->data); -- cgit v1.2.3-24-g4f1b From 01c881fd2c0f0c701a83e135f2142c9db3052422 Mon Sep 17 00:00:00 2001 From: Florian Pritz Date: Sun, 11 Jan 2015 23:35:38 +0100 Subject: fix multipaste in service/history Signed-off-by: Florian Pritz --- application/controllers/file.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'application/controllers') diff --git a/application/controllers/file.php b/application/controllers/file.php index 57faa62f2..5fce8afc8 100644 --- a/application/controllers/file.php +++ b/application/controllers/file.php @@ -643,7 +643,7 @@ class File extends MY_Controller { foreach ($history["multipaste_items"] as $key => $item) { $size = 0; foreach ($item["items"] as $i) { - $size += $i["filesize"]; + $size += $history["items"][$i["id"]]["filesize"]; } $history["items"][] = array( -- cgit v1.2.3-24-g4f1b From 0bed4fd5c9f67b60173df6638dc524d7b833c4e1 Mon Sep 17 00:00:00 2001 From: Florian Pritz Date: Sun, 11 Jan 2015 23:35:46 +0100 Subject: add some TODOs 
Signed-off-by: Florian Pritz --- application/controllers/api/v1/file.php | 3 ++- application/controllers/api/v1/user.php | 5 +++++ 2 files changed, 7 insertions(+), 1 deletion(-) (limited to 'application/controllers') diff --git a/application/controllers/api/v1/file.php b/application/controllers/api/v1/file.php index 515286462..56455c01e 100644 --- a/application/controllers/api/v1/file.php +++ b/application/controllers/api/v1/file.php @@ -50,6 +50,7 @@ class file extends \controllers\api\api_controller { public function get_config() { + // TODO: return more fields? return send_json_reply(array( "upload_max_size" => $this->config->item("upload_max_size"), "max_files_per_request" => intval(ini_get("max_file_uploads")), @@ -67,7 +68,7 @@ class file extends \controllers\api\api_controller { { $this->muser->require_access("apikey"); - + // TODO: implement } } # vim: set noet: diff --git a/application/controllers/api/v1/user.php b/application/controllers/api/v1/user.php index 831fdb883..4c2e5345d 100644 --- a/application/controllers/api/v1/user.php +++ b/application/controllers/api/v1/user.php @@ -21,4 +21,9 @@ class user extends \controllers\api\api_controller { $this->muser->require_access("full"); return send_json_reply(\service\user::apikeys($this->muser->get_userid())); } + + public function create_apikey() + { + // TODO: implement + } } -- cgit v1.2.3-24-g4f1b From 33efe571e3e7ebd607e92345c2e94e7fd8ae27f0 Mon Sep 17 00:00:00 2001 From: Florian Pritz Date: Mon, 2 Feb 2015 19:45:11 +0100 Subject: Rework api error handling Signed-off-by: Florian Pritz --- application/controllers/api.php | 62 ++++++++++++++++++--------------- application/controllers/api/v1/file.php | 4 +-- 2 files changed, 35 insertions(+), 31 deletions(-) (limited to 'application/controllers') diff --git a/application/controllers/api.php b/application/controllers/api.php index 7557c6c99..490f59c2c 100644 --- a/application/controllers/api.php +++ b/application/controllers/api.php 
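Review bot: `user::create_apikey()` (hunk at -21) is added as a public method containing only a TODO, and unlike `apikeys()` directly above it has no `require_access()` call. `Api::route()` dispatches to any method that exists on the controller, so the stub is already routable and whoever fills in the body has no guard to build on. Add the check now, at the same level `apikeys()` uses: `$this->muser->require_access("full");`. Returning an explicit not-implemented error from the stub would also keep clients from reading an empty reply as success.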
@@ -18,35 +18,39 @@ class Api extends MY_Controller { } public function route() { - $requested_version = $this->uri->segment(2); - $controller = $this->uri->segment(3); - $function = $this->uri->segment(4); - $major = intval(explode(".", $requested_version)[0]); - - if (!preg_match("/^[a-zA-Z-_]+$/", $controller)) { - return send_json_error_reply("api/invalid-controller-value", "Invalid controller requested"); - } - - if (!preg_match("/^[a-zA-Z-_]+$/", $function)) { - return send_json_error_reply("api/invalid-function-value", "Invalid function requested"); - } - - $namespace = "controllers\\api\\v".$major; - $class = $namespace."\\".$controller; - $class_info = $namespace."\\api_info"; - - if (!class_exists($class_info) || version_compare($class_info::get_version(), $requested_version, "<")) { - return send_json_error_reply("api/version-not-supported", "Requested API version is not supported"); - } - - if (!class_exists($class)) { - return send_json_error_reply("api/unknown-controller", "Unknown controller requested"); - } - - $c= new $class; - if (!method_exists($c, $function)) { - return send_json_error_reply("api/unknown-function", "Unknown function requested"); + try { + $requested_version = $this->uri->segment(2); + $controller = $this->uri->segment(3); + $function = $this->uri->segment(4); + $major = intval(explode(".", $requested_version)[0]); + + if (!preg_match("/^[a-zA-Z-_]+$/", $controller)) { + throw new \exceptions\PublicApiException("api/invalid-controller-value", "Invalid controller requested"); + } + + if (!preg_match("/^[a-zA-Z-_]+$/", $function)) { + throw new \exceptions\PublicApiException("api/invalid-function-value", "Invalid function requested"); + } + + $namespace = "controllers\\api\\v".$major; + $class = $namespace."\\".$controller; + $class_info = $namespace."\\api_info"; + + if (!class_exists($class_info) || version_compare($class_info::get_version(), $requested_version, "<")) { + throw new 
\exceptions\PublicApiException("api/version-not-supported", "Requested API version is not supported"); + } + + if (!class_exists($class)) { + throw new \exceptions\PublicApiException("api/unknown-controller", "Unknown controller requested"); + } + + $c= new $class; + if (!method_exists($c, $function)) { + throw new \exceptions\PublicApiException("api/unknown-function", "Unknown function requested"); + } + return $c->$function(); + } catch (\exceptions\PublicApiException $e) { + return send_json_error_reply($e->get_error_id(), $e->getMessage(), $e->get_data()); } - return $c->$function(); } } diff --git a/application/controllers/api/v1/file.php b/application/controllers/api/v1/file.php index 56455c01e..c291ae879 100644 --- a/application/controllers/api/v1/file.php +++ b/application/controllers/api/v1/file.php @@ -24,12 +24,12 @@ class file extends \controllers\api\api_controller { $files = getNormalizedFILES(); if (empty($files)) { - show_error("No file was uploaded or unknown error occured."); + throw new \exceptions\PublicApiException("file/no-file", "No file was uploaded or unknown error occured."); } $errors = \service\files::verify_uploaded_files($files); if (!empty($errors)) { - return send_json_error_reply("file/upload-verify-failed", "Failed to verify uploaded file", $errors); + throw new \exceptions\PublicApiException("file/upload-verify-failed", "Failed to verify uploaded file", $errors); } $limits = $this->muser->get_upload_id_limits(); -- cgit v1.2.3-24-g4f1b From cb52a4cdc2daa45a61c728f5ec83603e6c6a71fa Mon Sep 17 00:00:00 2001 From: Florian Pritz Date: Tue, 3 Feb 2015 00:23:12 +0100 Subject: Rework error handling in upload validator Signed-off-by: Florian Pritz --- application/controllers/api/v1/file.php | 5 +---- application/controllers/file.php | 14 +------------- 2 files changed, 2 insertions(+), 17 deletions(-) (limited to 'application/controllers') 
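Review bot: The dispatch at the end of `route()` accepts any method name that `method_exists()` finds on the controller, and the `[a-zA-Z-_]` pattern lets underscores through, so `__construct`, other magic methods and inherited helpers all pass the check before `$c->$function()` runs. `method_exists()` is also true for protected and private methods, which would presumably end in a fatal error rather than the `api/unknown-function` reply. I would restrict the call to public, non-underscore-prefixed methods, e.g. `if ($function[0] === "_" || !is_callable(array($c, $function))) {` in place of the `method_exists` test, or keep a per-controller allowlist of endpoint names. The same check is carried unchanged through the later `api.php` hunks in this series.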
diff --git a/application/controllers/api/v1/file.php b/application/controllers/api/v1/file.php index c291ae879..82060e420 100644 --- a/application/controllers/api/v1/file.php +++ b/application/controllers/api/v1/file.php @@ -27,10 +27,7 @@ class file extends \controllers\api\api_controller { throw new \exceptions\PublicApiException("file/no-file", "No file was uploaded or unknown error occured."); } - $errors = \service\files::verify_uploaded_files($files); - if (!empty($errors)) { - throw new \exceptions\PublicApiException("file/upload-verify-failed", "Failed to verify uploaded file", $errors); - } + \service\files::verify_uploaded_files($files); $limits = $this->muser->get_upload_id_limits(); $urls = array(); diff --git a/application/controllers/file.php b/application/controllers/file.php index 5fce8afc8..e35978a1e 100644 --- a/application/controllers/file.php +++ b/application/controllers/file.php @@ -897,19 +897,7 @@ class File extends MY_Controller { $files = getNormalizedFILES(); - if (empty($files)) { - show_error("No file was uploaded or unknown error occured."); - } - - $errors = service\files::verify_uploaded_files($files); - if (!empty($errors)) { - $messages = array(); - foreach ($errors as $error) { - $messages[] = htmlspecialchars($error["filename"]).": ".$error["message"]; - } - show_error("Error(s) occured while uploading:
".implode("
", $messages), 400); - } - + service\files::verify_uploaded_files($files); $limits = $this->muser->get_upload_id_limits(); foreach ($files as $key => $file) { -- cgit v1.2.3-24-g4f1b From e2c2740365b1f25beca1e174c8c5bda2950b7466 Mon Sep 17 00:00:00 2001 From: Florian Pritz Date: Tue, 3 Feb 2015 00:44:46 +0100 Subject: implement api/user/create_apikey Signed-off-by: Florian Pritz --- application/controllers/api/v1/user.php | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) (limited to 'application/controllers') diff --git a/application/controllers/api/v1/user.php b/application/controllers/api/v1/user.php index 4c2e5345d..39c833d86 100644 --- a/application/controllers/api/v1/user.php +++ b/application/controllers/api/v1/user.php @@ -21,9 +21,19 @@ class user extends \controllers\api\api_controller { $this->muser->require_access("full"); return send_json_reply(\service\user::apikeys($this->muser->get_userid())); } - + public function create_apikey() { - // TODO: implement + $this->muser->require_access("full"); + $userid = $this->muser->get_userid(); + $comment = $this->input->post("comment"); + $comment = $comment === false ? "" : $comment; + $access_level = $this->input->post("access_level"); + + $key = \service\user::create_apikey($userid, $comment, $access_level); + + return send_json_reply(array( + "new_key" => $key, + )); } } -- cgit v1.2.3-24-g4f1b From 6816970229c6d0bd46ba46ecd70199c0687952da Mon Sep 17 00:00:00 2001 From: Florian Pritz Date: Tue, 3 Feb 2015 11:12:01 +0100 Subject: api: handle json reply in api controller Signed-off-by: Florian Pritz --- application/controllers/api.php | 2 +- application/controllers/api/v1/file.php | 10 +++++----- application/controllers/api/v1/user.php | 6 +++--- 3 files changed, 9 insertions(+), 9 deletions(-) (limited to 'application/controllers') diff --git a/application/controllers/api.php b/application/controllers/api.php index 490f59c2c..dc31f47d2 100644 --- a/application/controllers/api.php 
+++ b/application/controllers/api.php @@ -48,7 +48,7 @@ class Api extends MY_Controller { if (!method_exists($c, $function)) { throw new \exceptions\PublicApiException("api/unknown-function", "Unknown function requested"); } - return $c->$function(); + return send_json_reply($c->$function()); } catch (\exceptions\PublicApiException $e) { return send_json_error_reply($e->get_error_id(), $e->getMessage(), $e->get_data()); } diff --git a/application/controllers/api/v1/file.php b/application/controllers/api/v1/file.php index 82060e420..3aafd4732 100644 --- a/application/controllers/api/v1/file.php +++ b/application/controllers/api/v1/file.php @@ -39,26 +39,26 @@ class file extends \controllers\api\api_controller { $urls[] = site_url($id).'/'; } - return send_json_reply(array( + return array( "ids" => $ids, "urls" => $urls, - )); + ); } public function get_config() { // TODO: return more fields? - return send_json_reply(array( + return array( "upload_max_size" => $this->config->item("upload_max_size"), "max_files_per_request" => intval(ini_get("max_file_uploads")), - )); + ); } public function history() { $this->muser->require_access("apikey"); $history = \service\files::history($this->muser->get_userid()); - return send_json_reply($history); + return $history; } public function delete() diff --git a/application/controllers/api/v1/user.php b/application/controllers/api/v1/user.php index 39c833d86..e49b7c657 100644 --- a/application/controllers/api/v1/user.php +++ b/application/controllers/api/v1/user.php @@ -19,7 +19,7 @@ class user extends \controllers\api\api_controller { public function apikeys() { $this->muser->require_access("full"); - return send_json_reply(\service\user::apikeys($this->muser->get_userid())); + return \service\user::apikeys($this->muser->get_userid()); } public function create_apikey() 
@@ -32,8 +32,8 @@ class user extends \controllers\api\api_controller { $key = \service\user::create_apikey($userid, $comment, $access_level); - return send_json_reply(array( + return array( "new_key" => $key, - )); + ); } } -- cgit v1.2.3-24-g4f1b From 9ea78213f8e505b5fde7372106adc1947d1f7de2 Mon Sep 17 00:00:00 2001 From: Florian Pritz Date: Tue, 3 Feb 2015 11:14:29 +0100 Subject: Improve general exception handling Signed-off-by: Florian Pritz --- application/controllers/api.php | 3 +++ 1 file changed, 3 insertions(+) (limited to 'application/controllers') diff --git a/application/controllers/api.php b/application/controllers/api.php index dc31f47d2..3297f0614 100644 --- a/application/controllers/api.php +++ b/application/controllers/api.php @@ -51,6 +51,9 @@ class Api extends MY_Controller { return send_json_reply($c->$function()); } catch (\exceptions\PublicApiException $e) { return send_json_error_reply($e->get_error_id(), $e->getMessage(), $e->get_data()); + } catch (\Exception $e) { + _log_exception($e); + return send_json_error_reply("internal-error", "An unhandled internal server error occured"); } } } -- cgit v1.2.3-24-g4f1b From d9c895ce4f53b180fc11c3b5a172c4cf787b1279 Mon Sep 17 00:00:00 2001 From: Florian Pritz Date: Tue, 3 Feb 2015 11:18:28 +0100 Subject: Remove unstable json api Signed-off-by: Florian Pritz --- application/controllers/file.php | 20 -------------------- application/controllers/user.php | 9 --------- 2 files changed, 29 deletions(-) (limited to 'application/controllers') diff --git a/application/controllers/file.php b/application/controllers/file.php index e35978a1e..63f6a71b5 100644 --- a/application/controllers/file.php +++ b/application/controllers/file.php @@ -9,13 +9,6 @@ class File extends MY_Controller { - protected $json_enabled_functions = array( - "upload_history", - "do_upload", - "do_delete", - "do_multipaste", - ); - function __construct() { parent::__construct(); 
@@ -470,10 +463,6 @@ class File extends MY_Controller { } } - if (static_storage("response_type") == "json") { - return send_json_reply($this->data["urls"]); - } - if (is_cli_client()) { $redirect = false; } @@ -740,15 +729,6 @@ class File extends MY_Controller { ); } - if (static_storage("response_type") == "json") { - return send_json_reply(array( - "errors" => $errors, - "deleted" => $deleted, - "total_count" => $total_count, - "deleted_count" => $deleted_count, - )); - } - $this->data["errors"] = $errors; $this->data["deleted_count"] = $deleted_count; $this->data["total_count"] = $total_count; diff --git a/application/controllers/user.php b/application/controllers/user.php index 62569e1f1..aba2a8ec1 100644 --- a/application/controllers/user.php +++ b/application/controllers/user.php @@ -8,11 +8,6 @@ */ class User extends MY_Controller { - protected $json_enabled_functions = array( - "create_apikey", - "apikeys", - ); - function __construct() { @@ -93,10 +88,6 @@ class User extends MY_Controller { $key = \service\user::create_apikey($userid, $comment, $access_level); - if (static_storage("response_type") == "json") { - return send_json_reply(array("new_key" => $key)); - } - if (is_cli_client()) { echo "$key\n"; } else { -- cgit v1.2.3-24-g4f1b From a788fe55713e7c44068ee2dd8377b98037d9375f Mon Sep 17 00:00:00 2001 From: Florian Pritz Date: Tue, 3 Feb 2015 11:38:03 +0100 Subject: api: implement file/delete Signed-off-by: Florian Pritz --- application/controllers/api/v1/file.php | 4 +-- application/controllers/file.php | 51 +++------------------------------ 2 files changed, 6 insertions(+), 49 deletions(-) (limited to 'application/controllers') diff --git a/application/controllers/api/v1/file.php b/application/controllers/api/v1/file.php index 3aafd4732..0035d0a02 100644 --- a/application/controllers/api/v1/file.php +++ b/application/controllers/api/v1/file.php 
@@ -64,8 +64,8 @@ class file extends \controllers\api\api_controller { public function delete() { $this->muser->require_access("apikey"); - - // TODO: implement + $ids = $this->input->post("ids"); + return \service\files::delete($ids); } } # vim: set noet: diff --git a/application/controllers/file.php b/application/controllers/file.php index 63f6a71b5..1b45c1ba3 100644 --- a/application/controllers/file.php +++ b/application/controllers/file.php @@ -683,55 +683,12 @@ class File extends MY_Controller { $this->muser->require_access("apikey"); $ids = $this->input->post("ids"); - $userid = $this->muser->get_userid(); - $errors = array(); - $deleted = array(); - $deleted_count = 0; - $total_count = 0; - - if (!$ids || !is_array($ids)) { - show_error("No IDs specified"); - } - foreach ($ids as $id) { - $total_count++; - $next = false; - - foreach (array($this->mfile, $this->mmultipaste) as $model) { - if ($model->id_exists($id)) { - if ($model->get_owner($id) !== $userid) { - $errors[] = array( - "id" => $id, - "reason" => "wrong owner", - ); - continue; - } - if ($model->delete_id($id)) { - $deleted[] = $id; - $deleted_count++; - $next = true; - } else { - $errors[] = array( - "id" => $id, - "reason" => "unknown error", - ); - } - } - } - - if ($next) { - continue; - } - - $errors[] = array( - "id" => $id, - "reason" => "doesn't exist", - ); - } + $ret = \service\files::delete($ids); - $this->data["errors"] = $errors; - $this->data["deleted_count"] = $deleted_count; - $this->data["total_count"] = $total_count; + $this->data["errors"] = $ret["errors"]; + $this->data["deleted_count"] = $ret["deleted_count"]; + $this->data["total_count"] = $ret["total_count"]; $this->load->view('header', $this->data); $this->load->view($this->var->view_dir.'/deleted', $this->data); -- cgit v1.2.3-24-g4f1b From 5816cbcad0e9c4cda4dc10b730a5a1ea2c4e419a Mon Sep 17 00:00:00 2001 From: Florian Pritz Date: Tue, 3 Feb 2015 12:11:28 +0100 Subject: api: implement file/create_multipaste 
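Review bot: `\service\files::delete($ids)` is called with the raw `ids` POST value and no user id, while the controller code removed in the following `File` hunk checked `is_array($ids)` and compared `get_owner($id)` with `$userid` before deleting. The service is not part of this diff, so it is worth confirming that it still rejects non-array input and still enforces ownership for the authenticated user. Passing the user explicitly, `return \service\files::delete($ids, $this->muser->get_userid());`, would make the authorization input visible at the call site, as `create_multipaste` does later in the series; this needs a matching parameter in the service. The same applies to the `\service\files::delete($ids)` call in the `File` controller hunk.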
Signed-off-by: Florian Pritz --- application/controllers/api/v1/file.php | 10 +++++++ application/controllers/file.php | 49 ++------------------------------- 2 files changed, 13 insertions(+), 46 deletions(-) (limited to 'application/controllers') diff --git a/application/controllers/api/v1/file.php b/application/controllers/api/v1/file.php index 0035d0a02..fc5565416 100644 --- a/application/controllers/api/v1/file.php +++ b/application/controllers/api/v1/file.php @@ -67,5 +67,15 @@ class file extends \controllers\api\api_controller { $ids = $this->input->post("ids"); return \service\files::delete($ids); } + + public function create_multipaste() + { + $this->muser->require_access("apikey"); + $ids = $this->input->post("ids"); + $userid = $this->muser->get_userid(); + $limits = $this->muser->get_upload_id_limits(); + + return \service\files::create_multipaste($ids, $userid, $limits); + } } # vim: set noet: diff --git a/application/controllers/file.php b/application/controllers/file.php index 1b45c1ba3..c60831cba 100644 --- a/application/controllers/file.php +++ b/application/controllers/file.php @@ -700,55 +700,12 @@ class File extends MY_Controller { $this->muser->require_access("apikey"); $ids = $this->input->post("ids"); - $errors = array(); - - if (!$ids || !is_array($ids)) { - show_error("No IDs specified"); - } - - if (count(array_unique($ids)) != count($ids)) { - show_error("Duplicate IDs are not supported"); - } - - foreach ($ids as $id) { - if (!$this->mfile->id_exists($id)) { - $errors[] = array( - "id" => $id, - "reason" => "doesn't exist", - ); - } - - $filedata = $this->mfile->get_filedata($id); - if ($filedata["user"] != $this->muser->get_userid()) { - $errors[] = array( - "id" => $id, - "reason" => "not owned by you", - ); - } - } - - if (!empty($errors)) { - $errorstring = ""; - foreach ($errors as $error) { - $errorstring .= $error["id"]." ".$error["reason"]."
\n"; - } - show_error($errorstring); - } - + $userid = $this->muser->get_userid(); $limits = $this->muser->get_upload_id_limits(); - $url_id = $this->mmultipaste->new_id($limits[0], $limits[1]); - - $multipaste_id = $this->mmultipaste->get_multipaste_id($url_id); - assert($multipaste_id !== false); - foreach ($ids as $id) { - $this->db->insert("multipaste_file_map", array( - "file_url_id" => $id, - "multipaste_id" => $multipaste_id, - )); - } + $ret = \service\files::create_multipaste($ids, $userid, $limits); - return $this->_show_url(array($url_id), false); + return $this->_show_url(array($ret["url_id"]), false); } function delete() -- cgit v1.2.3-24-g4f1b From a842392c30e9ef1d1d2bd9b4eb271c3fd23b853f Mon Sep 17 00:00:00 2001 From: Florian Pritz Date: Tue, 3 Feb 2015 17:17:27 +0100 Subject: Use exceptions instead of show_error Signed-off-by: Florian Pritz --- application/controllers/file.php | 22 ++++++++++++---------- application/controllers/tools.php | 4 ++-- application/controllers/user.php | 10 +++++----- 3 files changed, 19 insertions(+), 17 deletions(-) (limited to 'application/controllers') diff --git a/application/controllers/file.php b/application/controllers/file.php index c60831cba..538155c55 100644 --- a/application/controllers/file.php +++ b/application/controllers/file.php @@ -108,7 +108,7 @@ class File extends MY_Controller { default: if ($is_multipaste) { - show_error("Invalid action \"".htmlspecialchars($lexer)."\""); + throw new \exceptions\UserInputException("file/download/invalid-action", "Invalid action \"".htmlspecialchars($lexer)."\""); } break; } @@ -384,7 +384,7 @@ class File extends MY_Controller { } if ($total_size > $this->config->item("tarball_max_size")) { - show_error("Tarball too large, refusing to create."); + throw new \exceptions\PublicApiException("file/tarball/tarball-filesize-limit", "Tarball too large, refusing to create."); } $tmpfile = $archive->begin(); 
@@ -554,7 +554,7 @@ class File extends MY_Controller { $filedata = $this->mfile->get_filedata($id); if (!$filedata) { - show_error("Failed to get file data"); + throw new \exceptions\ApiException("file/thumbnail/filedata-unavailable", "Failed to get file data"); } $cache_key = $filedata['hash'].'_thumb_'.$thumb_size; @@ -566,7 +566,7 @@ class File extends MY_Controller { $thumb = $img->get(IMAGETYPE_JPEG); if ($thumb === false) { - show_error("Failed to generate thumbnail"); + throw new \exceptions\PublicApiException("file/thumbnail/generation-failed", "Failed to generate thumbnail"); } return $thumb; @@ -713,7 +713,7 @@ class File extends MY_Controller { $this->muser->require_access("apikey"); if (!is_cli_client()) { - show_error("Not a listed cli client, please use the history to delete uploads.\n", 403); + throw new \exceptions\InsufficientPermissionsException("file/delete/unlisted-client", "Not a listed cli client, please use the history to delete uploads"); } $id = $this->uri->segment(3); @@ -735,7 +735,9 @@ class File extends MY_Controller { } } - show_error("Unknown ID '$id'.", 404); + throw new \exceptions\NotFoundException("file/delete/unknown-id", "Unknown ID '$id'.", array( + "id" => $id, + )); } // Handle pastes @@ -754,11 +756,11 @@ class File extends MY_Controller { $filename = "stdin"; if (!$content) { - show_error("Nothing was pasted, content is empty.", 400); + throw new \exceptions\UserInputException("file/do_paste/empty-input", "Nothing was pasted, content is empty."); } if ($filesize > $this->config->item('upload_max_size')) { - show_error("Error while uploading: File too big", 413); + throw new \exceptions\RequestTooBigException("file/do_paste/request-too-big", "Error while uploading: File too big"); } // FIXME: this duplicates service\files::add_file (kind of) 
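Review bot: The `NotFoundException` message in the `@@ -735,7 +735,9 @@` hunk interpolates the URI segment `$id` unescaped, while the invalid-action message earlier in this commit wraps its input in `htmlspecialchars()`; both conventions cannot be right for the same handler. The code that renders these exceptions is outside the diff, so presumably one of the two ends up either unescaped in HTML or double-escaped in JSON and CLI output. I would keep exception messages as plain text and escape once where the exception is rendered, with a comment on the throw such as `// message is plain text; the exception handler must escape it for HTML output`. The already-owned message in the claim_id hunk builds its text from `$errors` in the same way.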
@@ -840,7 +842,7 @@ class File extends MY_Controller { $last_upload = $this->session->userdata("last_upload"); if ($last_upload === false) { - show_error("Failed to get last upload data"); + throw new \exceptions\PublicApiException("file/claim_id/last_upload-failed", "Failed to get last upload data, unable to claim uploads"); } $ids = $last_upload["ids"]; @@ -859,7 +861,7 @@ class File extends MY_Controller { } if (!empty($errors)) { - show_error("Someone already owns '".implode(", ", $errors)."', can't reassign."); + throw new \exceptions\PublicApiException("file/claim_id/already-owned", "Someone already owns '".implode(", ", $errors)."', can't reassign."); } $this->session->unset_userdata("last_upload"); diff --git a/application/controllers/tools.php b/application/controllers/tools.php index b80dc5024..8c0785409 100644 --- a/application/controllers/tools.php +++ b/application/controllers/tools.php @@ -15,7 +15,7 @@ class Tools extends MY_Controller { $this->load->model('mfile'); if (!$this->input->is_cli_request()) { - show_error("This can only be called via CLI"); + throw new \exceptions\ApiException("api/cli-only", "This can only be called via CLI"); } } @@ -39,7 +39,7 @@ class Tools extends MY_Controller { { $this->load->library('migration'); if ( ! $this->migration->current()) { - show_error($this->migration->error_string()); + throw new \exceptions\ApiException("tools/update_database/migration-error", $this->migration->error_string()); } } } diff --git a/application/controllers/user.php b/application/controllers/user.php index aba2a8ec1..5b4e85141 100644 --- a/application/controllers/user.php +++ b/application/controllers/user.php @@ -136,7 +136,7 @@ class User extends MY_Controller { ->count_all_results(); if ($invitations + 1 > 3) { - show_error("You can't create more invitation keys at this time."); + throw new \exceptions\PublicApiException("user/invitation-limit", "You can't create more invitation keys at this time."); } $key = random_alphanum(12, 16); 
@@ -277,7 +277,7 @@ class User extends MY_Controller { $username = $this->input->post("username"); if (!$this->muser->username_exists($username)) { - show_error("Invalid username"); + throw new \exceptions\PublicApiException("user/reset_password/invalid-username", "Invalid username"); } $userinfo = $this->db->select('id, email, username') @@ -388,18 +388,18 @@ class User extends MY_Controller { $values = explode("-", $value); if (!is_array($values) || count($values) != 2) { - show_error("Invalid upload id limit value"); + throw new \exceptions\PublicApiException("user/profile/invalid-upload-id-limit", "Invalid upload id limit value"); } $lower = intval($values[0]); $upper = intval($values[1]); if ($lower > $upper) { - show_error("lower limit > upper limit"); + throw new \exceptions\PublicApiException("user/profile/lower-bigger-than-upper", "lower limit > upper limit"); } if ($lower < 3 || $upper > 64) { - show_error("upper or lower limit out of bounds (3-64)"); + throw new \exceptions\PublicApiException("user/profile/limit-out-of-bounds", "upper or lower limit out of bounds (3-64)"); } return $lower."-".$upper; -- cgit v1.2.3-24-g4f1b From 46fe1f6db8395381c71e2e7fba3d1c2d979cbfbc Mon Sep 17 00:00:00 2001 From: Florian Pritz Date: Tue, 3 Feb 2015 17:27:40 +0100 Subject: lib/Image->get: check if ob_get_clean worked Signed-off-by: Florian Pritz --- application/controllers/file.php | 5 ----- 1 file changed, 5 deletions(-) (limited to 'application/controllers') diff --git a/application/controllers/file.php b/application/controllers/file.php index 538155c55..fa34ecba9 100644 --- a/application/controllers/file.php +++ b/application/controllers/file.php 
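Review bot: The reset-password hunk (`@@ -277,7 +277,7 @@`) keeps a distinct public error, `user/reset_password/invalid-username`, for names that do not exist, which lets a client tell registered usernames from unregistered ones. The rest of the function is outside the hunk, so any rate limiting is not visible here. A uniform reply for both cases would close this; at minimum I would add a comment on the throw, e.g. `// NOTE: reveals whether a username exists; keep this endpoint rate limited`.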
@@ -564,11 +564,6 @@ class File extends MY_Controller { $img = new libraries\Image($this->mfile->file($filedata["hash"])); $img->makeThumb($thumb_size, $thumb_size); $thumb = $img->get(IMAGETYPE_JPEG); - - if ($thumb === false) { - throw new \exceptions\PublicApiException("file/thumbnail/generation-failed", "Failed to generate thumbnail"); - } - return $thumb; }); -- cgit v1.2.3-24-g4f1b From d3726c7c0e497def97efcf610fdcac9bbebb0f3e Mon Sep 17 00:00:00 2001 From: Florian Pritz Date: Thu, 5 Feb 2015 21:49:12 +0100 Subject: Add simple testsuite Signed-off-by: Florian Pritz --- application/controllers/tools.php | 37 +++++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) (limited to 'application/controllers') diff --git a/application/controllers/tools.php b/application/controllers/tools.php index 8c0785409..f04f86224 100644 --- a/application/controllers/tools.php +++ b/application/controllers/tools.php @@ -42,4 +42,41 @@ class Tools extends MY_Controller { throw new \exceptions\ApiException("tools/update_database/migration-error", $this->migration->error_string()); } } + + function drop_all_tables_using_prefix() + { + $tables = $this->db->list_tables(); + $prefix = $this->db->dbprefix; + $tables_to_drop = array(); + + foreach ($tables as $table) { + if (strpos($table, $prefix) === 0) { + $tables_to_drop[] = $this->db->protect_identifiers($table); + } + } + + $this->db->query('SET FOREIGN_KEY_CHECKS = 0'); + $this->db->query('DROP TABLE '.implode(", ", $tables_to_drop)); + $this->db->query('SET FOREIGN_KEY_CHECKS = 1'); + } + + function test() + { + global $argv; + $url = $argv[3]; + $testcase = $argv[4]; + + $testclass = '\tests\\'.$testcase; + $test = new $testclass(); + $test->setServer($url); + + $refl = new ReflectionClass($test); + foreach ($refl->getMethods() as $method) { + if (strpos($method->name, "test_") === 0) { + $test->init(); + $test->{$method->name}(); + $test->cleanup(); + } + } + } } -- cgit v1.2.3-24-g4f1b 
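Review bot: `drop_all_tables_using_prefix()` does not guard against an empty `$this->db->dbprefix`: with an empty needle the `strpos($table, $prefix) === 0` test either matches every table (PHP 8) or matches none and emits a warning (older PHP), so the prefix no longer scopes what gets dropped. I would refuse to run in that case before the loop, `if ($prefix === "") { throw new \exceptions\ApiException("tools/drop_all_tables_using_prefix/empty-prefix", "Refusing to drop tables without a table prefix"); }` (the error id is a suggestion). `test()` in the same hunk reads `$argv[3]` and `$argv[4]` without checking that they are set and builds a class name from the latter; a count check and a name pattern check before `new $testclass()` would make the failure mode explicit.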
From 89191e702cad9dae78151addd19185695fb19d39 Mon Sep 17 00:00:00 2001 From: Florian Pritz Date: Sun, 8 Feb 2015 01:14:26 +0100 Subject: run-tests.sh: Clean up old database before running tests Signed-off-by: Florian Pritz --- application/controllers/tools.php | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'application/controllers') diff --git a/application/controllers/tools.php b/application/controllers/tools.php index f04f86224..e36b09b79 100644 --- a/application/controllers/tools.php +++ b/application/controllers/tools.php @@ -55,6 +55,10 @@ class Tools extends MY_Controller { } } + if (empty($tables_to_drop)) { + return; + } + $this->db->query('SET FOREIGN_KEY_CHECKS = 0'); $this->db->query('DROP TABLE '.implode(", ", $tables_to_drop)); $this->db->query('SET FOREIGN_KEY_CHECKS = 1'); -- cgit v1.2.3-24-g4f1b From cb2df59b45d4cb35790472f76b06c59b22c6213b Mon Sep 17 00:00:00 2001 From: Florian Pritz Date: Tue, 10 Feb 2015 23:32:23 +0100 Subject: api: Require the version to start with v Makes the URL easier to understand (especially the v1 case). Signed-off-by: Florian Pritz --- application/controllers/api.php | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'application/controllers') diff --git a/application/controllers/api.php b/application/controllers/api.php index 3297f0614..837f62e89 100644 --- a/application/controllers/api.php +++ b/application/controllers/api.php @@ -22,6 +22,13 @@ class Api extends MY_Controller { $requested_version = $this->uri->segment(2); $controller = $this->uri->segment(3); $function = $this->uri->segment(4); + + if (!preg_match("/^v([0-9]+)(.[0-9]+){0,2}$/", $requested_version)) { + throw new \exceptions\PublicApiException("api/invalid-version", "Invalid API version requested"); + } + + $requested_version = substr($requested_version, 1); + $major = intval(explode(".", $requested_version)[0]); if (!preg_match("/^[a-zA-Z-_]+$/", $controller)) { -- cgit v1.2.3-24-g4f1b 
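Review bot: The dot in the new version pattern `/^v([0-9]+)(.[0-9]+){0,2}$/` is unescaped, so it matches any character and a value such as `v1x0` passes the check and reaches `version_compare()`. Escaping it and anchoring with `\z` keeps the accepted form to digits and literal dots: `if (!preg_match("/^v([0-9]+)(\.[0-9]+){0,2}\z/", $requested_version)) {`. route() continues outside the hunk.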
From bfbbf4082779a7535cac2fb270fd928178ae7e70 Mon Sep 17 00:00:00 2001 From: Florian Pritz Date: Sat, 14 Feb 2015 19:10:19 +0100 Subject: Unify exceptions for unknown/invalid endpoints Signed-off-by: Florian Pritz --- application/controllers/api.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'application/controllers') diff --git a/application/controllers/api.php b/application/controllers/api.php index 837f62e89..644a726e7 100644 --- a/application/controllers/api.php +++ b/application/controllers/api.php @@ -32,11 +32,11 @@ class Api extends MY_Controller { $major = intval(explode(".", $requested_version)[0]); if (!preg_match("/^[a-zA-Z-_]+$/", $controller)) { - throw new \exceptions\PublicApiException("api/invalid-controller-value", "Invalid controller requested"); + throw new \exceptions\PublicApiException("api/invalid-endpoint", "Invalid endpoint requested"); } if (!preg_match("/^[a-zA-Z-_]+$/", $function)) { - throw new \exceptions\PublicApiException("api/invalid-function-value", "Invalid function requested"); + throw new \exceptions\PublicApiException("api/invalid-endpoint", "Invalid endpoint requested"); } $namespace = "controllers\\api\\v".$major; @@ -48,12 +48,12 @@ class Api extends MY_Controller { } if (!class_exists($class)) { - throw new \exceptions\PublicApiException("api/unknown-controller", "Unknown controller requested"); + throw new \exceptions\PublicApiException("api/unknown-endpoint", "Unknown endpoint requested"); } $c= new $class; if (!method_exists($c, $function)) { - throw new \exceptions\PublicApiException("api/unknown-function", "Unknown function requested"); + throw new \exceptions\PublicApiException("api/unknown-endpoint", "Unknown endpoint requested"); } return send_json_reply($c->$function()); } catch (\exceptions\PublicApiException $e) { -- cgit v1.2.3-24-g4f1b From b8facbbd7a9a29c6274c435932b9c810155e2460 Mon Sep 17 00:00:00 2001 
From: Florian Pritz Date: Sat, 14 Feb 2015 19:12:13 +0100 Subject: Fix typo in error message Signed-off-by: Florian Pritz --- application/controllers/api/v1/file.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'application/controllers') diff --git a/application/controllers/api/v1/file.php b/application/controllers/api/v1/file.php index fc5565416..a10aaf63a 100644 --- a/application/controllers/api/v1/file.php +++ b/application/controllers/api/v1/file.php @@ -24,7 +24,7 @@ class file extends \controllers\api\api_controller { $files = getNormalizedFILES(); if (empty($files)) { - throw new \exceptions\PublicApiException("file/no-file", "No file was uploaded or unknown error occured."); + throw new \exceptions\PublicApiException("file/no-file", "No file was uploaded or unknown error occurred."); } \service\files::verify_uploaded_files($files); -- cgit v1.2.3-24-g4f1b From d7fc5f46a8b6faec4ec0c18089d94d21e505c36c Mon Sep 17 00:00:00 2001 From: Florian Pritz Date: Sat, 14 Feb 2015 19:13:26 +0100 Subject: Use assoc array for service/user/apikeys Signed-off-by: Florian Pritz --- application/controllers/user.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'application/controllers') diff --git a/application/controllers/user.php b/application/controllers/user.php index 5b4e85141..33d0efb6b 100644 --- a/application/controllers/user.php +++ b/application/controllers/user.php @@ -115,7 +115,7 @@ class User extends MY_Controller { $userid = $this->muser->get_userid(); $apikeys = \service\user::apikeys($userid); - $this->data["query"] = $apikeys; + $this->data["query"] = $apikeys["apikeys"]; $this->load->view('header', $this->data); $this->load->view($this->var->view_dir.'apikeys', $this->data); -- cgit v1.2.3-24-g4f1b