<?php
// Refuse to run when this file is requested directly. BASEPATH is expected to be defined
// by the framework bootstrap before any controller file is loaded.
defined('BASEPATH') OR exit('No direct script access allowed');
/* ----------------------------------------------------------------------------
* Easy!Appointments - Open Source Web Scheduler
*
* @package EasyAppointments
* @author A.Tselegidis <alextselegidis@gmail.com>
* @copyright Copyright (c) 2013 - 2017, Alex Tselegidis
* @license http://opensource.org/licenses/GPL-3.0 - GPLv3
* @link http://easyappointments.org
* @since v1.2.0
* ---------------------------------------------------------------------------- */
use \EA\Engine\Types\NonEmptyText;
/**
* API V1 Controller
*
* Parent controller class for the API v1 resources. Extend this class instead of the CI_Controller
* and call the parent constructor.
*
* @package Controllers
* @subpackage API
*/
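class API_V1_Controller extends CI_Controller {
    /**
     * Class Constructor
     *
     * Handles the operations common to every API call: it challenges requests that carry no
     * credentials and hands supplied credentials to the API authorization engine.
     *
     * Important: Do not forget to call this constructor from the child classes.
     *
     * Notice: At the time being only basic authentication is supported. Basic authentication
     * sends the credentials with every request in a reversible encoding, so make sure that
     * you use the API through SSL/TLS.
     */
    public function __construct()
    {
        // Both halves of the credential pair must be present before anything else runs.
        // Checking the user name alone would read an undefined 'PHP_AUTH_PW' index whenever
        // the server supplies a user name without a password.
        if ( ! isset($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']))
        {
            // _requestAuthentication() ends the script with exit(). That exit is what keeps
            // the request from reaching the child controller: the return below only leaves
            // this constructor, so an override that does not exit would fail open.
            $this->_requestAuthentication();
            return;
        }

        parent::__construct();

        try
        {
            // NonEmptyText is defined elsewhere; presumably it throws on an empty value.
            $username = new NonEmptyText($_SERVER['PHP_AUTH_USER']);
            $password = new NonEmptyText($_SERVER['PHP_AUTH_PW']);

            // The credential check itself lives in the Authorization class (not shown here);
            // presumably basic() throws when the credentials are rejected - confirm there.
            $authorization = new \EA\Engine\Api\V1\Authorization($this);
            $authorization->basic($username, $password);
        }
        catch (\Exception $exception)
        {
            // Fail closed: write the error response and stop, so no child controller code
            // runs after a failed authorization. The handler echoes the response itself
            // and returns nothing.
            exit($this->_handleException($exception));
        }
    }

    /**
     * Sends the basic authentication challenge and terminates the request.
     *
     * Emits the WWW-Authenticate and 401 status headers, then exits with a plain text
     * message. This method never returns to its caller.
     */
    protected function _requestAuthentication()
    {
        header('WWW-Authenticate: Basic realm="Easy!Appointments"');
        header('HTTP/1.0 401 Unauthorized');
        exit('You are not authorized to use the API.');
    }

    /**
     * Outputs the required headers and messages for exception handling.
     *
     * Call this method from catch blocks of child controller callbacks. It writes the status
     * line, a JSON content type header and a JSON body holding "code" and "message". It
     * does not stop execution, so the caller decides whether to exit afterwards.
     *
     * @param \Exception $exception Thrown exception to be outputted.
     */
    protected function _handleException(\Exception $exception)
    {
        // NOTE(review): the message of every exception type is sent to the client, and the
        // constructor calls this handler before authentication has succeeded. Messages from
        // lower layers can carry internal details; consider logging those and returning a
        // generic message for exceptions that are not \EA\Engine\Api\V1\Exception.
        $error = [
            // An exception without a code (0) is reported as 500 in the body.
            'code' => $exception->getCode() ?: 500,
            'message' => $exception->getMessage(),
        ];

        // Only API exceptions choose their own status line; everything else is sent as 500,
        // even when the exception carries a non-zero code that still appears in the body.
        $header = $exception instanceof \EA\Engine\Api\V1\Exception
            ? $exception->getCode() . ' ' . $exception->getHeader()
            : '500 Internal Server Error';

        header('HTTP/1.0 ' . $header);
        header('Content-Type: application/json');

        echo json_encode($error, JSON_UNESCAPED_SLASHES | JSON_PRETTY_PRINT);
    }

    /**
     * Throw an API exception stating that the requested record was not found.
     *
     * The exception carries the code 404 and the header text "Not Found", which
     * _handleException() turns into the response status line.
     *
     * @throws \EA\Engine\Api\V1\Exception
     */
    protected function _throwRecordNotFound()
    {
        throw new \EA\Engine\Api\V1\Exception('The requested record was not found!', 404, 'Not Found');
    }
}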