Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
I
intranet-rest
Project
Project
Details
Activity
Releases
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
project-open
intranet-rest
Commits
c0f7a46c
Commit
c0f7a46c
authored
Dec 02, 2009
by
Frank Bergmann
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
- introduced autentication per object type
parent
5ea66da6
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
99 additions
and
10 deletions
+99
-10
intranet-rest-drop.sql
sql/postgresql/intranet-rest-drop.sql
+53
-0
intranet-rest-procs.tcl
tcl/intranet-rest-procs.tcl
+39
-10
index.adp
www/index.adp
+7
-0
No files found.
sql/postgresql/intranet-rest-drop.sql
0 → 100755
View file @
c0f7a46c
-- /package/intranet-forum/sql/intranet-notes-drop.sql
--
-- Copyright (c) 2003-2006 ]project-open[
--
-- All rights reserved. Please check
-- http://www.project-open.com/license/ for details.
--
-- @author frank.bergmann@project-open.com
-- Drop plugins and menus for the module
--
select
im_component_plugin__del_module
(
'intranet-notes'
);
select
im_menu__del_module
(
'intranet-notes'
);
-----------------------------------------------------------
-- Drop main structures info
-- Drop functions
drop
function
im_note__name
(
integer
);
drop
function
im_note__new
(
integer
,
varchar
,
timestamptz
,
integer
,
varchar
,
integer
,
varchar
,
integer
,
integer
,
integer
);
drop
function
im_note__delete
(
integer
);
-- Drop the main table
drop
table
im_notes
;
-- Delete entries from acs_objects
delete
from
acs_objects
where
object_type
=
'im_note'
;
-- Completely delete the object type from the
-- object system
SELECT
acs_object_type__drop_type
(
'im_note'
,
't'
);
-----------------------------------------------------------
-- Drop Categories
--
drop
view
im_note_status
;
drop
view
im_note_type
;
delete
from
im_categories
where
category_type
=
'Intranet Notes Status'
;
delete
from
im_categories
where
category_type
=
'Intranet Notes Type'
;
tcl/intranet-rest-procs.tcl
View file @
c0f7a46c
...
...
@@ -64,8 +64,8 @@ ad_proc -private im_rest_call_get {} {
}
# Overwrite default format with explicitely specified format in URL
if
{[
info
exists query_hash
(
format
)]}
{
set format
$query
_hash
(
format
)
}
set valid_formats
{
xml html
csv json
}
if
{[
lsearch
$valid
_formats
$format
]
< 0
}
{
return
[
im_rest_error -http_status 406 -message
"Invalid output format '
$format
'. Valid formats include {xml|html
|json
}."
]
}
set valid_formats
{
xml html
}
if
{[
lsearch
$valid
_formats
$format
]
< 0
}
{
return
[
im_rest_error -http_status 406 -message
"Invalid output format '
$format
'. Valid formats include {xml|html}."
]
}
# Call the main request processing routine
im_rest_call
\
...
...
@@ -352,13 +352,26 @@ ad_proc -private im_rest_get_object_type {
}
{
ns_log Notice
"im_rest_get_object_type: format=
$format
, user_id=
$user
_id, object_type=
$object
_type, object_id=
$object
_id, query_hash=
$query
_hash"
switch
$object
_type
{
im_company - im_project
{
}
default
{
# Generic permission check using im_rest_user_id
set object_type_id
[
util_memoize
[
list
db_string otype_id
"select object_type_id from im_rest_object_types where object_type = '
$object
_type'"
-default 0
]]
if
{
!
[
im_object_permission -object_id
$object
_type_id -user_id
$user
_id -privilege
"read"
]}
{
return
[
im_rest_error -http_status 401 -message
"No permissions to read object_type '
$object
_type'"
]
}
}
}
db_1row object_type_info
"
select *
from acs_object_types
where object_type = :object_type
"
set base_url
"/intranet-rest"
set base_url
"
[
im_rest_system_url
]
/intranet-rest"
# -------------------------------------------------------
# Select a number of objects from an object_type, based on criteria in the URL.
...
...
@@ -375,13 +388,14 @@ ad_proc -private im_rest_get_object_type {
"
set result
""
db_foreach objects
$sql
{
set url
"
$base
_url/
$object
_type/
$object
_id"
switch
$format
{
xml
{
append result
"<object_id>
$object
_id</object_id>
\n
"
}
xml
{
append result
"<object_id
href=
\"
$url
\"
>
$object
_id</object_id>
\n
"
}
html
{
append result
"<tr>
<td>
$object
_id</td>
<td>
$object
_name</td>
<td><a href=
'
$base
_url/
$object
_type/
$object
_id'
>
$object
_name</a>
<td><a href=
\"
$url
\"
>
$object
_name</a>
</tr>
\n
"
}
xml
{}
...
...
@@ -460,6 +474,16 @@ ad_proc -private im_rest_authenticate {
ad_proc -private im_rest_system_url
{
}
{
Returns a the system's
"official"
URL without trailing slash
suitable to prefix all hrefs used for the XML format.
}
{
set system_url
[
ad_parameter -package_id
[
ad_acs_kernel_id
]
SystemURL
""
""
]
if
{[
regexp
{
^
(
.*
)
/$
}
$system
_url match system_url_without
]}
{
set system_url
$system
_url_without
}
return
$system
_url
}
ad_proc -private im_rest_format_line
{
-format:required
-object_type:required
...
...
@@ -468,15 +492,16 @@ ad_proc -private im_rest_format_line {
}
{
Format a single line according to format and return the result.
}
{
set base_url
"/intranet-rest"
set base_url
"
[
im_rest_system_url
]
/intranet-rest"
# Transformation without knowing the object_type
set href
""
switch
$column
{
company_id - customer_id - provider_id
{
set company_name
[
util_memoize
[
list
db_string cname
"select company_name from im_companies where company_id=
$value
"
-default
$value
]]
switch
$format
{
html
{
set value
"<a href=
\"
$base
_url/im_company/
$value
\"
>
$company
_name</a>"
}
xml
{
set
value
"<a href=
\"
$base
_url/im_company/
$value
\"
>
$company
_name</a>
"
}
xml
{
set
href
"
$base
_url/im_company/
$value
"
}
}
}
office_id - main_office_id
{
...
...
@@ -498,9 +523,13 @@ ad_proc -private im_rest_format_line {
switch
$format
{
html
{
return
"<tr><td>
$column
</td><td>
$value
</td></tr>
\n
"
}
xml
{
return
"<
$column
>
$value
</
$column
>
\n
"
}
json
{
return
"<
$column
>
$value
</
$column
>
\n
"
}
csv
{
return
"
$column
=
$value
\n
"
}
xml
{
if
{
""
!=
$href
}
{
return
"<
$column
href=
\"
$href
\"
>
$value
</
$column
>
\n
"
}
else
{
return
"<
$column
>
$value
</
$column
>
\n
"
}
}
}
}
...
...
www/index.adp
View file @
c0f7a46c
...
...
@@ -89,6 +89,13 @@ authentication mechanisms:
machine-machine communication...
</ul>
<br>
<h1>XML and HTML Output Formats</h1>
<p>
Every page in the REST API understands the optional parameter "&format=<format>"
where format can be one of {html|xml}. The default format for cookie authentication is
html, while the default for Basic HTTP and auto-login authentication is xml.
</td>
</tr>
</table>
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment