Commit 3d42eda

author

fuze

committed

три новых метода + мелкие правки

1 parent 3f99a90 commit 3d42edaCopy full SHA for 3d42eda

File tree

8 files changed

+258

-6

lines changed

package/system
- controllers/api
  - actions
    - method.php
  - api_actions
  - backend/forms
    - form_key.php
  - model.php
- languages
  - en/controllers/api
    - api.php
  - ru/controllers/api
    - api.php

8 files changed

+258

-6

lines changed

`‎package/system/controllers/api/actions/method.php‎`

Lines changed: 3 additions & 5 deletions

Original file line number	Diff line number	Diff line change
`@@ -316,12 +316,10 @@ public function checkRequest() {`
`316`	`316`	`return $this->error(23);`
`317`	`317`	`}`
`318`	`318`
`319`		`- $method_name = str_replace('.', '_', $this->method_name);`
	`319`	`+ $is_view = !$this->key['methods_access']['allow'] \|\| in_array($this->method_name, $this->key['methods_access']['allow']);`
	`320`	`+ $is_hide = $this->key['methods_access']['disallow'] && in_array($this->method_name, $this->key['methods_access']['disallow']);`
`320`	`321`
`321`		`- $is_view = !$this->key['methods_access']['allow'] \|\| in_array($method_name, $this->key['methods_access']['allow']);`
`322`		`- $is_hide = $this->key['methods_access']['disallow'] && in_array($method_name, $this->key['methods_access']['disallow']);`
`323`		`-`
`324`		`- // првоеряем доступ к методу`
	`322`	`+ // проверяем доступ к методу`
`325`	`323`	`if (!$is_view \|\| $is_hide) {`
`326`	`324`	`return $this->error(24);`
`327`	`325`	`}`

`‎package/system/controllers/api/api_actions/api_users_add_to_groups.php‎`

Lines changed: 94 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,94 @@`
	`1`	`+<?php`
	`2`	`+`
	`3`	`+class actionUsersApiUsersAddToGroups extends cmsAction {`
	`4`	`+`
	`5`	`+ /**`
	`6`	`+ * Блокировка прямого вызова экшена`
	`7`	`+ * обязательное свойство`
	`8`	`+ * @var boolean`
	`9`	`+ */`
	`10`	`+ public $lock_explicit_call = true;`
	`11`	`+ /**`
	`12`	`+ * Результат запроса`
	`13`	`+ * обязательное свойство`
	`14`	`+ * @var array`
	`15`	`+ */`
	`16`	`+ public $result;`
	`17`	`+ /**`
	`18`	`+ * Флаг, обязующий проверять параметр sig запроса`
	`19`	`+ * sig привязан к домену сайта и к ip адресу посетителя`
	`20`	`+ * @var boolean`
	`21`	`+ */`
	`22`	`+ public $check_sig = true;`
	`23`	`+`
	`24`	`+ /**`
	`25`	`+ * Возможные параметры запроса`
	`26`	`+ * с правилами валидации`
	`27`	`+ * Если запрос имеет параметры, необходимо описать их здесь`
	`28`	`+ * Правила валидации параметров задаются по аналогии с полями форм`
	`29`	`+ * @var array`
	`30`	`+ */`
	`31`	`+ public $request_params = array(`
	`32`	`+ 'user_id' => array(`
	`33`	`+ 'default' => 0,`
	`34`	`+ 'rules' => array(`
	`35`	`+ array('required'),`
	`36`	`+ array('digits')`
	`37`	`+ )`
	`38`	`+ ),`
	`39`	`+ 'group_ids' => array(`
	`40`	`+ 'default' => array(),`
	`41`	`+ 'rules' => array(`
	`42`	`+ array('required')`
	`43`	`+ )`
	`44`	`+ )`
	`45`	`+ );`
	`46`	`+`
	`47`	`+ private $users_model, $user;`
	`48`	`+`
	`49`	`+ public function validateApiRequest() {`
	`50`	`+`
	`51`	`+ $group_ids = $this->request->get('group_ids', array());`
	`52`	`+`
	`53`	`+ foreach ($group_ids as $group_id) {`
	`54`	`+ if(!is_numeric($group_id)){`
	`55`	`+ return array('request_params' => array(`
	`56`	`+ 'group_ids' => ERR_VALIDATE_DIGITS`
	`57`	`+ ));`
	`58`	`+ }`
	`59`	`+ }`
	`60`	`+`
	`61`	`+ $this->users_model = cmsCore::getModel('users');`
	`62`	`+`
	`63`	`+ $this->user = $this->users_model->getUser($this->request->get('user_id'));`
	`64`	`+`
	`65`	`+ if (!$this->user) {`
	`66`	`+ return array('error_code' => 113);`
	`67`	`+ }`
	`68`	`+`
	`69`	`+ if ($this->user['is_admin']) {`
	`70`	`+ return array('error_code' => 15);`
	`71`	`+ }`
	`72`	`+`
	`73`	`+ return false;`
	`74`	`+`
	`75`	`+ }`
	`76`	`+`
	`77`	`+ public function run(){`
	`78`	`+`
	`79`	`+ $this->user['groups'] = array_merge($this->user['groups'], $this->request->get('group_ids', array()));`
	`80`	`+ $this->user['groups'] = array_unique($this->user['groups']);`
	`81`	`+`
	`82`	`+ $this->model->updateUser($this->user['id'], array(`
	`83`	`+ 'groups' => $this->user['groups'],`
	`84`	`+ 'date_group' => null`
	`85`	`+ ));`
	`86`	`+`
	`87`	`+ $this->result = array(`
	`88`	`+ 'success' => true,`
	`89`	`+ 'groups' => $this->user['groups']`
	`90`	`+ );`
	`91`	`+`
	`92`	`+ }`
	`93`	`+`
	`94`	`+}`

`‎package/system/controllers/api/api_actions/api_users_get_groups.php‎`

Lines changed: 47 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,47 @@`
	`1`	`+<?php`
	`2`	`+`
	`3`	`+class actionUsersApiUsersGetGroups extends cmsAction {`
	`4`	`+`
	`5`	`+ /**`
	`6`	`+ * Блокировка прямого вызова экшена`
	`7`	`+ * обязательное свойство`
	`8`	`+ * @var boolean`
	`9`	`+ */`
	`10`	`+ public $lock_explicit_call = true;`
	`11`	`+ /**`
	`12`	`+ * Результат запроса`
	`13`	`+ * обязательное свойство`
	`14`	`+ * @var array`
	`15`	`+ */`
	`16`	`+ public $result;`
	`17`	`+ /**`
	`18`	`+ * Флаг, обязующий проверять параметр sig запроса`
	`19`	`+ * sig привязан к домену сайта и к ip адресу посетителя`
	`20`	`+ * @var boolean`
	`21`	`+ */`
	`22`	`+ public $check_sig = false;`
	`23`	`+`
	`24`	`+ /**`
	`25`	`+ * Возможные параметры запроса`
	`26`	`+ * с правилами валидации`
	`27`	`+ * Если запрос имеет параметры, необходимо описать их здесь`
	`28`	`+ * Правила валидации параметров задаются по аналогии с полями форм`
	`29`	`+ * @var array`
	`30`	`+ */`
	`31`	`+ public $request_params = array();`
	`32`	`+`
	`33`	`+ public function validateApiRequest() {`
	`34`	`+ return false;`
	`35`	`+ }`
	`36`	`+`
	`37`	`+ public function run(){`
	`38`	`+`
	`39`	`+ $groups = $this->model->getGroups();`
	`40`	`+`
	`41`	`+ $this->result['count'] = count($groups);`
	`42`	`+ $this->result['items'] = $groups;`
	`43`	`+ $this->result['sig'] = get_sig();`
	`44`	`+`
	`45`	`+ }`
	`46`	`+`
	`47`	`+}`

`‎package/system/controllers/api/api_actions/api_users_remove_from_groups.php‎`

Lines changed: 108 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,108 @@`
	`1`	`+<?php`
	`2`	`+`
	`3`	`+class actionUsersApiUsersRemoveFromGroups extends cmsAction {`
	`4`	`+`
	`5`	`+ /**`
	`6`	`+ * Блокировка прямого вызова экшена`
	`7`	`+ * обязательное свойство`
	`8`	`+ * @var boolean`
	`9`	`+ */`
	`10`	`+ public $lock_explicit_call = true;`
	`11`	`+ /**`
	`12`	`+ * Результат запроса`
	`13`	`+ * обязательное свойство`
	`14`	`+ * @var array`
	`15`	`+ */`
	`16`	`+ public $result;`
	`17`	`+ /**`
	`18`	`+ * Флаг, обязующий проверять параметр sig запроса`
	`19`	`+ * sig привязан к домену сайта и к ip адресу посетителя`
	`20`	`+ * @var boolean`
	`21`	`+ */`
	`22`	`+ public $check_sig = true;`
	`23`	`+`
	`24`	`+ /**`
	`25`	`+ * Возможные параметры запроса`
	`26`	`+ * с правилами валидации`
	`27`	`+ * Если запрос имеет параметры, необходимо описать их здесь`
	`28`	`+ * Правила валидации параметров задаются по аналогии с полями форм`
	`29`	`+ * @var array`
	`30`	`+ */`
	`31`	`+ public $request_params = array(`
	`32`	`+ 'user_id' => array(`
	`33`	`+ 'default' => 0,`
	`34`	`+ 'rules' => array(`
	`35`	`+ array('required'),`
	`36`	`+ array('digits')`
	`37`	`+ )`
	`38`	`+ ),`
	`39`	`+ 'group_ids' => array(`
	`40`	`+ 'default' => array(),`
	`41`	`+ 'rules' => array(`
	`42`	`+ array('required')`
	`43`	`+ )`
	`44`	`+ )`
	`45`	`+ );`
	`46`	`+`
	`47`	`+ private $users_model, $user;`
	`48`	`+`
	`49`	`+ public function validateApiRequest() {`
	`50`	`+`
	`51`	`+ $group_ids = $this->request->get('group_ids', array());`
	`52`	`+`
	`53`	`+ foreach ($group_ids as $group_id) {`
	`54`	`+ if(!is_numeric($group_id)){`
	`55`	`+ return array('request_params' => array(`
	`56`	`+ 'group_ids' => ERR_VALIDATE_DIGITS`
	`57`	`+ ));`
	`58`	`+ }`
	`59`	`+ }`
	`60`	`+`
	`61`	`+ $this->users_model = cmsCore::getModel('users');`
	`62`	`+`
	`63`	`+ $this->user = $this->users_model->getUser($this->request->get('user_id'));`
	`64`	`+`
	`65`	`+ if (!$this->user) {`
	`66`	`+ return array('error_code' => 113);`
	`67`	`+ }`
	`68`	`+`
	`69`	`+ if ($this->user['is_admin']) {`
	`70`	`+ return array('error_code' => 15);`
	`71`	`+ }`
	`72`	`+`
	`73`	`+ return false;`
	`74`	`+`
	`75`	`+ }`
	`76`	`+`
	`77`	`+ public function run(){`
	`78`	`+`
	`79`	`+ $group_ids = $this->request->get('group_ids', array());`
	`80`	`+`
	`81`	`+ $removed = array();`
	`82`	`+`
	`83`	`+ foreach ($group_ids as $group_id) {`
	`84`	`+`
	`85`	`+ if(($key = array_search($group_id, $this->user['groups'])) !== false) {`
	`86`	`+ unset($this->user['groups'][$key]);`
	`87`	`+ $removed[] = $group_id;`
	`88`	`+ }`
	`89`	`+`
	`90`	`+ }`
	`91`	`+`
	`92`	`+ if($removed){`
	`93`	`+`
	`94`	`+ $this->model->updateUser($this->user['id'], array(`
	`95`	`+ 'groups' => $this->user['groups'],`
	`96`	`+ 'date_group' => null`
	`97`	`+ ));`
	`98`	`+`
	`99`	`+ }`
	`100`	`+`
	`101`	`+ $this->result = array(`
	`102`	`+ 'success' => ($removed ? true : false),`
	`103`	`+ 'groups' => $this->user['groups']`
	`104`	`+ );`
	`105`	`+`
	`106`	`+ }`
	`107`	`+`
	`108`	`+}`

`‎package/system/controllers/api/backend/forms/form_key.php‎`

Lines changed: 1 addition & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -22,6 +22,7 @@ public function init() {`
`22`	`22`	`if ($files) {`
`23`	`23`	`foreach ($files as $file_name) {`
`24`	`24`	`$name = str_replace(array('api_', '.php'), '', $file_name);`
	`25`	`+ $name = substr_replace($name, '.', strpos($name, '_')).ltrim(strstr($name, '_'), '_');`
`25`	`26`	`$items[$name] = $name;`
`26`	`27`	`}`
`27`	`28`	`}`

`‎package/system/controllers/api/model.php‎`

Lines changed: 3 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -19,7 +19,9 @@ public function getKey($id) {`
`19`	`19`
`20`	`20`	`$key = $this->filterEqual($field, $id)->getItem('api_keys');`
`21`	`21`
`22`		`- $key['methods_access'] = cmsModel::yamlToArray($key['methods_access']);`
	`22`	`+ if($key){`
	`23`	`+ $key['methods_access'] = cmsModel::yamlToArray($key['methods_access']);`
	`24`	`+ }`
`23`	`25`
`24`	`26`	`return $key;`
`25`	`27`

`‎package/system/languages/en/controllers/api/api.php‎`

Lines changed: 1 addition & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -36,3 +36,4 @@`
`36`	`36`	`define('LANG_API_ERROR322', 'Content type not found');`
`37`	`37`	`define('LANG_API_ERROR323', 'Register is forbidden');`
`38`	`38`	`define('LANG_API_ERROR1110', 'Incorrect code');`
	`39`	`+define('LANG_API_ERROR113', 'Invalid user id ');`

`‎package/system/languages/ru/controllers/api/api.php‎`

Lines changed: 1 addition & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -36,3 +36,4 @@`
`36`	`36`	`define('LANG_API_ERROR322', 'Тип контента не найден');`
`37`	`37`	`define('LANG_API_ERROR323', 'Регистрация запрещена');`
`38`	`38`	`define('LANG_API_ERROR1110', 'Неправильный код');`
	`39`	`+define('LANG_API_ERROR113', 'Неверный идентификатор пользователя');`

0 commit comments

Comments

(0)

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit 3d42eda

File tree

8 files changed

8 files changed

`‎package/system/controllers/api/actions/method.php‎`

`‎package/system/controllers/api/api_actions/api_users_add_to_groups.php‎`

`‎package/system/controllers/api/api_actions/api_users_get_groups.php‎`

`‎package/system/controllers/api/api_actions/api_users_remove_from_groups.php‎`

`‎package/system/controllers/api/backend/forms/form_key.php‎`

`‎package/system/controllers/api/model.php‎`

`‎package/system/languages/en/controllers/api/api.php‎`

`‎package/system/languages/ru/controllers/api/api.php‎`

0 commit comments