implementing REST

.gitignore

@@ -0,0 +1 @@
+secrets.php

proxy/config.php

@@ -7,9 +7,19 @@
 | http://www.systopia.de/                                 |
 +---------------------------------------------------------*/
 
+
 // this is the primary variable that you would want to change
-$target_civicrm = 'https://civicrm.muslimehelfen.org';
+//$target_civicrm = 'https://civicrm.muslimehelfen.org';
-//$target_civicrm = 'http://localhost:8888/mh';
+$target_civicrm = 'http://localhost:8888/mh';
+
+// API and SITE keys
+$api_key_map = array();
+$sys_key_map = array();
+
+if (file_exists("secrets.php")) {
+  // keys can also be stored in secrets php
+  require_once "secrets.php";
+}
 
 
 // default paths, override if you want
@@ -17,12 +27,42 @@ $target_rest = $target_civicrm . '/sites/all/modules/civicrm/extern/rest.php';
 $target_url  = $target_civicrm . '/sites/all/modules/civicrm/extern/url.php';
 $target_open = $target_civicrm . '/sites/all/modules/civicrm/extern/open.php';
 
-
+// define the REST actions that will be allowed
-
+$rest_allowed_actions = array(
-$api_key_map = array(
+  'MhApi' => array(
-  '' => ''
+      'getcontact'      => array(
+                            'email'                 => 'string',
+                            'first_name'            => 'string',
+                            'last_name'             => 'string',
+                            'contact_type'          => array('Individual', 'Organization'),
+                            'prefix'                => 'string',
+                            'street_address'        => 'string',
+                            'country'               => 'string',
+                            'postal_code'           => 'string',
+                            'city'                  => 'string',
+                            'phone'                 => 'string',
+                            'create_if_not_found'   => 'int',
+                            'source'                => 'string',
+                            ),
+      'addcontribution'     => array(
+                            'contact_id'            => 'int',
+                            'financial_type_id'     => 'int',
+                            'payment_instrument'    => 'string',
+                            'contribution_campaign' => 'string',
+                            'total_amount'          => 'float2',
+                            'currency'              => 'string',
+                            'contribution_status'   => 'string',
+                            'is_test'               => 'int',
+                            'iban'                  => 'string',
+                            'bic'                   => 'string',
+                            'source'                => 'string',
+                            'datum'                 => 'string',
+                            'notes'                 => 'string',
+                            ),
+      'addactivity'     => array(
+                            'contact_id'            => 'int',
+                            'type_id'               => 'int',
+                            'subject'               => 'string',
+                            ),
+    )
   );
-
-$sys_key_map = array(
-  '' => ''
-  );

proxy/proxy.php

@@ -21,8 +21,8 @@ require_once "config.php";
  *                               where type can be 'int', 'string' (unchecked),
  */
 function civiproxy_redirect($url_requested, $parameters) {
-  error_log('CALLING: '.$url_requested);
+  // error_log('CALLING: '.$url_requested);
-  error_log(print_r($parameters,1));
+  // error_log(print_r($parameters,1));
 
   $url = $url_requested;
   $curlSession = curl_init();
@@ -113,4 +113,17 @@ function civiproxy_get_parameters($valid_parameters) {
   }
 
   return $result;
+}
+
+/**
+ * responds with an error
+ * 
+ */
+function civiproxy_rest_error($message) {
+  $error = array( 'is_error'      => 1,
+                  'error_message' => $message);
+  // TODO: Implement
+  //header();
+  print $message;
+  exit(1);
 }

proxy/rest.php

@@ -7,4 +7,34 @@
 | http://www.systopia.de/                                 |
 +---------------------------------------------------------*/
 
+require_once "config.php";
+require_once "proxy.php";
 
+// TODO: check for flooding, spoofing, etc.
+
+// check credentials
+$credentials = civiproxy_get_parameters(array('site_key' => 'string', 'api_key' => 'string'));
+if (isset($sys_key_map[$credentials['site_key']])) {
+  $credentials['site_key'] = $credentials['site_key'];
+} else {
+  civiproxy_rest_error("Invalid site key");
+}
+if (isset($api_key_map[$credentials['api_key']])) {
+  $credentials['api_key'] = $credentials['api_key'];
+} else {
+  civiproxy_rest_error("Invalid api key");
+}
+
+// check if the call itself is allowed
+$action = civiproxy_get_parameters(array('entity' => 'string', 'action' => 'string', 'version' => 'int'));
+if (!isset($action['version']) || $action['version'] != 3) {
+  civiproxy_rest_error("Invalid entity/action.");
+}
+if (isset($rest_allowed_actions[$action['entity']]) && isset($rest_allowed_actions[$action['entity']][$action['action']]) {
+  $valid_parameters = $rest_allowed_actions[$action['entity']][$action['action']];
+} else {
+  civiproxy_rest_error("Invalid entity/action.");
+}
+
+$parameters = civiproxy_get_parameters($valid_parameters);
+civiproxy_redirect($target_rest, $parameters);