From 5f94e3877aa06d7db03c84c4b7a6f1ad4b9e0633 Mon Sep 17 00:00:00 2001
From: systopia
Date: Tue, 10 Feb 2015 17:19:54 +0100
Subject: [PATCH] implementing REST
---
.gitignore | 1 +
proxy/config.php | 60 ++++++++++++++++++++++++++++++++++++++++--------
proxy/proxy.php | 17 ++++++++++++--
proxy/rest.php | 30 ++++++++++++++++++++++++
4 files changed, 96 insertions(+), 12 deletions(-)
create mode 100644 .gitignore
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..826cd2d
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+secrets.php
diff --git a/proxy/config.php b/proxy/config.php
index 246bc32..d5e64f8 100644
--- a/proxy/config.php
+++ b/proxy/config.php
@@ -7,9 +7,19 @@
 | http://www.systopia.de/ |
 +---------------------------------------------------------*/
+
 // this is the primary variable that you would want to change
-$target_civicrm = 'https://civicrm.muslimehelfen.org';
-//$target_civicrm = 'http://localhost:8888/mh';
+//$target_civicrm = 'https://civicrm.muslimehelfen.org';
+$target_civicrm = 'http://localhost:8888/mh';
+
+// API and SITE keys
+$api_key_map = array();
+$sys_key_map = array();
+
+if (file_exists("secrets.php")) {
+ // keys can also be stored in secrets php
+ require_once "secrets.php";
+}
 // default paths, override if you want
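Review bot: The secrets include in proxy/config.php uses bare relative paths: `file_exists("secrets.php")` is resolved against the current working directory while `require_once "secrets.php"` also searches the include_path, so the two can disagree and the keys load only when the script runs from the expected directory. Anchoring both to the file, e.g. `if (file_exists(__DIR__ . '/secrets.php')) { require_once __DIR__ . '/secrets.php'; }`, makes the lookup deterministic; when the file is absent both maps stay empty, which fails closed. The same hunk also makes `http://localhost:8888/mh` the active `$target_civicrm` and comments out the HTTPS host, which looks like a development setting; if it ships, keys and donor data would be forwarded over plain HTTP.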
@@ -17,12 +27,42 @@ $target_rest = $target_civicrm . '/sites/all/modules/civicrm/extern/rest.php';
 $target_url = $target_civicrm . '/sites/all/modules/civicrm/extern/url.php';
 $target_open = $target_civicrm . '/sites/all/modules/civicrm/extern/open.php';
-
-
-$api_key_map = array(
- '' => ''
+// define the REST actions that will be allowed
+$rest_allowed_actions = array(
+ 'MhApi' => array(
+ 'getcontact' => array(
+ 'email' => 'string',
+ 'first_name' => 'string',
+ 'last_name' => 'string',
+ 'contact_type' => array('Individual', 'Organization'),
+ 'prefix' => 'string',
+ 'street_address' => 'string',
+ 'country' => 'string',
+ 'postal_code' => 'string',
+ 'city' => 'string',
+ 'phone' => 'string',
+ 'create_if_not_found' => 'int',
+ 'source' => 'string',
+ ),
+ 'addcontribution' => array(
+ 'contact_id' => 'int',
+ 'financial_type_id' => 'int',
+ 'payment_instrument' => 'string',
+ 'contribution_campaign' => 'string',
+ 'total_amount' => 'float2',
+ 'currency' => 'string',
+ 'contribution_status' => 'string',
+ 'is_test' => 'int',
+ 'iban' => 'string',
+ 'bic' => 'string',
+ 'source' => 'string',
+ 'datum' => 'string',
+ 'notes' => 'string',
+ ),
+ 'addactivity' => array(
+ 'contact_id' => 'int',
+ 'type_id' => 'int',
+ 'subject' => 'string',
+ ),
+ )
 );
-
-$sys_key_map = array(
- '' => ''
- );
\ No newline at end of file
diff --git a/proxy/proxy.php b/proxy/proxy.php
index 6437929..666ef29 100644
--- a/proxy/proxy.php
+++ b/proxy/proxy.php
@@ -21,8 +21,8 @@ require_once "config.php";
 * where type can be 'int', 'string' (unchecked),
 */
 function civiproxy_redirect($url_requested, $parameters) {
- error_log('CALLING: '.$url_requested);
- error_log(print_r($parameters,1));
+ // error_log('CALLING: '.$url_requested);
+ // error_log(print_r($parameters,1));
 $url = $url_requested;
 $curlSession = curl_init();
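Review bot: Most entries in `$rest_allowed_actions` are typed `'string'`, which the docblock visible in proxy.php's hunk context describes as unchecked, so the whitelist constrains parameter names but not values for fields such as `email`, `iban`, `bic` and `datum`. The list also uses `'float2'` and an array of allowed values for `contact_type`; `civiproxy_get_parameters()` is not shown in this patch, so confirm it implements both, otherwise those values are either dropped or forwarded unvalidated. A comment above the array listing the accepted type keywords, e.g. `// types: 'int', 'string' (unchecked), 'float2', array(...) = one of the listed values`, would make the contract reviewable. It is also worth deciding whether external callers should control `is_test` and `create_if_not_found`.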
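Review bot: The two `error_log` calls at the top of `civiproxy_redirect` are commented out rather than removed, which leaves dead code that is easy to re-enable by accident; `print_r($parameters,1)` writes the full request parameters to the server log, and for the REST actions in this commit those include IBAN and contact data. Deleting both lines, or keeping only the URL line behind an explicit debug switch, would be cleaner. The function body continues outside the hunk.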
@@ -113,4 +113,17 @@ function civiproxy_get_parameters($valid_parameters) {
 }
 return $result;
+}
+
+/**
+ * responds with an error
+ *
+ */
+function civiproxy_rest_error($message) {
+ $error = array( 'is_error' => 1,
+ 'error_message' => $message);
+ // TODO: Implement
+ //header();
+ print $message;
+ exit(1);
 }
\ No newline at end of file
diff --git a/proxy/rest.php b/proxy/rest.php
index 57e5a0f..0fc35ed 100644
--- a/proxy/rest.php
+++ b/proxy/rest.php
@@ -7,4 +7,34 @@
 | http://www.systopia.de/ |
 +---------------------------------------------------------*/
+require_once "config.php";
+require_once "proxy.php";
+// TODO: check for flooding, spoofing, etc.
+
+// check credentials
+$credentials = civiproxy_get_parameters(array('site_key' => 'string', 'api_key' => 'string'));
+if (isset($sys_key_map[$credentials['site_key']])) {
+ $credentials['site_key'] = $credentials['site_key'];
+} else {
+ civiproxy_rest_error("Invalid site key");
+}
+if (isset($api_key_map[$credentials['api_key']])) {
+ $credentials['api_key'] = $credentials['api_key'];
+} else {
+ civiproxy_rest_error("Invalid api key");
+}
+
+// check if the call itself is allowed
+$action = civiproxy_get_parameters(array('entity' => 'string', 'action' => 'string', 'version' => 'int'));
+if (!isset($action['version']) || $action['version'] != 3) {
+ civiproxy_rest_error("Invalid entity/action.");
+}
+if (isset($rest_allowed_actions[$action['entity']]) && isset($rest_allowed_actions[$action['entity']][$action['action']]) {
+ $valid_parameters = $rest_allowed_actions[$action['entity']][$action['action']];
+} else {
+ civiproxy_rest_error("Invalid entity/action.");
+}
+
+$parameters = civiproxy_get_parameters($valid_parameters);
+civiproxy_redirect($target_rest, $parameters);
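Review bot: `civiproxy_rest_error()` builds `$error` but never uses it, and prints `$message` with no status code or content type, so under PHP's default configuration a rejected call is answered as HTTP 200 with a text/html body. A REST client cannot tell this from success without parsing free text, and any later caller that passes request-derived text as `$message` would have it rendered as HTML. Emitting the structured error closes both gaps: `header('Content-Type: application/json');` `print json_encode($error);` `exit();`, with a 4xx status added where the client tolerates it. The docblock should also document `$message` and state that the function does not return.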
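Review bot: The entity/action check in rest.php does not parse: `if (isset($rest_allowed_actions[$action['entity']]) && isset($rest_allowed_actions[$action['entity']][$action['action']]) {` lacks the closing `)` of the `if`, so the script fails with a parse error on every request; the line needs to end `[$action['action']])) {`. The credential branches are also no-ops, since `$credentials['site_key'] = $credentials['site_key'];` and its `api_key` twin assign each value to itself; presumably the mapped values `$sys_key_map[$credentials['site_key']]` and `$api_key_map[$credentials['api_key']]` were intended. As written, `$parameters` holds only the whitelisted fields, so neither the keys nor `entity`, `action` and `version` appear to reach `civiproxy_redirect()`, which is worth confirming against that function since its body is outside this patch. The version failure reuses the message "Invalid entity/action.", which will mislead callers debugging a version mismatch.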