Commit 2a60c252 authored by Ad Schellevis's avatar Ad Schellevis

(mvc) api, accept json body as POST data

parent c92a65c1
...@@ -51,6 +51,26 @@ class ApiControllerBase extends ControllerRoot ...@@ -51,6 +51,26 @@ class ApiControllerBase extends ControllerRoot
$this->cleanseOutput = false; $this->cleanseOutput = false;
} }
/**
* parse raw json type content to POST data depending on content type
* (only for api calls)
* @return string
*/
private function parseJsonBodyData()
{
switch ($this->request->getHeader('CONTENT_TYPE')) {
case 'application/json':
case 'application/json;charset=UTF-8':
$jsonRawBody = $this->request->getJsonRawBody(true);
if (empty($this->request->getRawBody()) && empty($jsonRawBody)) {
return "Invalid JSON syntax";
}
$_POST = $jsonRawBody;
break;
}
return null;
}
/** /**
* Initialize API controller * Initialize API controller
*/ */
...@@ -86,6 +106,7 @@ class ApiControllerBase extends ControllerRoot ...@@ -86,6 +106,7 @@ class ApiControllerBase extends ControllerRoot
if ($authenticator->authenticate($apiKey, $apiSecret)) { if ($authenticator->authenticate($apiKey, $apiSecret)) {
$authResult = $authenticator->getLastAuthProperties(); $authResult = $authenticator->getLastAuthProperties();
if (array_key_exists('username', $authResult)) { if (array_key_exists('username', $authResult)) {
// check ACL if user is returned by the Authenticator object
$acl = new ACL(); $acl = new ACL();
if (!$acl->isPageAccessible($authResult['username'], $_SERVER['REQUEST_URI'])) { if (!$acl->isPageAccessible($authResult['username'], $_SERVER['REQUEST_URI'])) {
$this->getLogger()->error("uri ".$_SERVER['REQUEST_URI']. $this->getLogger()->error("uri ".$_SERVER['REQUEST_URI'].
...@@ -96,12 +117,19 @@ class ApiControllerBase extends ControllerRoot ...@@ -96,12 +117,19 @@ class ApiControllerBase extends ControllerRoot
// authentication + authorization successful. // authentication + authorization successful.
// pre validate request and communicate back to the user on errors // pre validate request and communicate back to the user on errors
$callMethodName = $dispatcher->getActionName().'Action'; $callMethodName = $dispatcher->getActionName().'Action';
$dispatchError = null;
// check number of parameters using reflection // check number of parameters using reflection
$object_info = new \ReflectionObject($this); $object_info = new \ReflectionObject($this);
$req_c = $object_info->getMethod($callMethodName)->getNumberOfRequiredParameters(); $req_c = $object_info->getMethod($callMethodName)->getNumberOfRequiredParameters();
if ($req_c > count($dispatcher->getParams())) { if ($req_c > count($dispatcher->getParams())) {
$dispatchError = 'action ' . $dispatcher->getActionName() . $dispatchError = 'action ' . $dispatcher->getActionName() .
' expects at least '. $req_c . ' parameter(s)'; ' expects at least '. $req_c . ' parameter(s)';
} else {
// if body is send as json data, parse to $_POST first
$dispatchError = $this->parseJsonBodyData();
}
if ($dispatchError != null) {
// send error to client
$this->response->setStatusCode(400, "Bad Request"); $this->response->setStatusCode(400, "Bad Request");
$this->response->setContentType('application/json', 'UTF-8'); $this->response->setContentType('application/json', 'UTF-8');
$this->response->setJsonContent( $this->response->setJsonContent(
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment