icingaweb2-module-director/library/Director/Web/Controller/Extension/RestApi.php

<?php

namespace Icinga\Module\Director\Web\Controller\Extension;

use Icinga\Exception\AuthenticationException;
use Icinga\Exception\NotFoundError;
use Icinga\Module\Director\Exception\JsonException;
use Icinga\Web\Response;
use InvalidArgumentException;
use Zend_Controller_Response_Exception;

trait RestApi
{
    protected function isApified()
    {
        if (property_exists($this, 'isApified')) {
            return $this->isApified;
        } else {
            return false;
        }
    }

    /**
     * @return bool
     */
    protected function sendNotFoundForRestApi()
    {
        /** @var \Icinga\Web\Request $request */
        $request = $this->getRequest();
        if ($request->isApiRequest()) {
            $this->sendJsonError($this->getResponse(), 'Not found', 404);
            return true;
        } else {
            return false;
        }
    }

    /**
     * @return bool
     */
    protected function sendNotFoundUnlessRestApi()
    {
        /** @var \Icinga\Web\Request $request */
        $request = $this->getRequest();
        if ($request->isApiRequest()) {
            return false;
        } else {
            $this->sendJsonError($this->getResponse(), 'Not found', 404);
            return true;
        }
    }

    /**
     * @throws AuthenticationException
     */
    protected function assertApiPermission()
    {
        if (! $this->hasPermission('director/api')) {
            throw new AuthenticationException('You are not allowed to access this API');
        }
    }

    /**
     * @throws AuthenticationException
     * @throws NotFoundError
     */
    protected function checkForRestApiRequest()
    {
        /** @var \Icinga\Web\Request $request */
        $request = $this->getRequest();
        if ($request->isApiRequest()) {
            $this->assertApiPermission();
            if (! $this->isApified()) {
                throw new NotFoundError('No such API endpoint found');
            }
        }
    }

    /**
     * @param Response $response
     * @param $object
     */
    protected function sendJson(Response $response, $object)
    {
        $response->setHeader('Content-Type', 'application/json', true);
        echo json_encode($object, JSON_PRETTY_PRINT | JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES) . "\n";
    }

    /**
     * @param Response $response
     * @param string $message
     * @param int|null $code
     */
    protected function sendJsonError(Response $response, $message, $code = null)
    {
        if ($code !== null) {
            try {
                $response->setHttpResponseCode((int) $code);
            } catch (Zend_Controller_Response_Exception $e) {
                throw new InvalidArgumentException($e->getMessage(), 0, $e);
            }
        }

        $this->sendJson($response, (object) ['error' => $message]);
    }

    /**
     * @return string
     */
    protected function getLastJsonError()
    {
        return JsonException::getJsonErrorMessage(json_last_error());
    }
}
RestApi: move also the RestApi to a trait 2017-06-14 15:04:39 +02:00			`<?php`

			`namespace Icinga\Module\Director\Web\Controller\Extension;`

			`use Icinga\Exception\AuthenticationException;`
			`use Icinga\Exception\NotFoundError;`
RestApi: cleanup, exceptions, phpdoc 2018-06-14 08:33:11 +02:00			`use Icinga\Module\Director\Exception\JsonException;`
RestApi: move also the RestApi to a trait 2017-06-14 15:04:39 +02:00			`use Icinga\Web\Response;`
RestApi: cleanup, exceptions, phpdoc 2018-06-14 08:33:11 +02:00			`use InvalidArgumentException;`
			`use Zend_Controller_Response_Exception;`
RestApi: move also the RestApi to a trait 2017-06-14 15:04:39 +02:00
			`trait RestApi`
			`{`
			`protected function isApified()`
			`{`
			`if (property_exists($this, 'isApified')) {`
			`return $this->isApified;`
			`} else {`
			`return false;`
			`}`
			`}`

RestApi: cleanup, exceptions, phpdoc 2018-06-14 08:33:11 +02:00			`/**`
			`* @return bool`
			`*/`
ConfigController: explicitly forbid all REST API ...calls to methods not being exported. fixes #1113 2017-08-25 12:33:36 +02:00			`protected function sendNotFoundForRestApi()`
			`{`
RestApi: cleanup, exceptions, phpdoc 2018-06-14 08:33:11 +02:00			`/** @var \Icinga\Web\Request $request */`
			`$request = $this->getRequest();`
			`if ($request->isApiRequest()) {`
ConfigController: explicitly forbid all REST API ...calls to methods not being exported. fixes #1113 2017-08-25 12:33:36 +02:00			`$this->sendJsonError($this->getResponse(), 'Not found', 404);`
			`return true;`
			`} else {`
			`return false;`
			`}`
			`}`

RestApi: add a new helper method to this trait 2020-10-07 09:25:03 +02:00			`/**`
			`* @return bool`
			`*/`
			`protected function sendNotFoundUnlessRestApi()`
			`{`
			`/** @var \Icinga\Web\Request $request */`
			`$request = $this->getRequest();`
			`if ($request->isApiRequest()) {`
			`return false;`
			`} else {`
			`$this->sendJsonError($this->getResponse(), 'Not found', 404);`
			`return true;`
			`}`
			`}`

RestApi: cleanup, exceptions, phpdoc 2018-06-14 08:33:11 +02:00			`/**`
			`* @throws AuthenticationException`
			`*/`
RestApi: allow to override permission check 2017-07-06 15:09:18 +02:00			`protected function assertApiPermission()`
			`{`
			`if (! $this->hasPermission('director/api')) {`
			`throw new AuthenticationException('You are not allowed to access this API');`
			`}`
			`}`

RestApi: cleanup, exceptions, phpdoc 2018-06-14 08:33:11 +02:00			`/**`
			`* @throws AuthenticationException`
			`* @throws NotFoundError`
			`*/`
RestApi: move also the RestApi to a trait 2017-06-14 15:04:39 +02:00			`protected function checkForRestApiRequest()`
			`{`
RestApi: cleanup, exceptions, phpdoc 2018-06-14 08:33:11 +02:00			`/** @var \Icinga\Web\Request $request */`
			`$request = $this->getRequest();`
			`if ($request->isApiRequest()) {`
RestApi: allow to override permission check 2017-07-06 15:09:18 +02:00			`$this->assertApiPermission();`
RestApi: move also the RestApi to a trait 2017-06-14 15:04:39 +02:00			`if (! $this->isApified()) {`
			`throw new NotFoundError('No such API endpoint found');`
			`}`
			`}`
			`}`

RestApi: cleanup, exceptions, phpdoc 2018-06-14 08:33:11 +02:00			`/**`
			`* @param Response $response`
			`* @param $object`
			`*/`
RestApi: move also the RestApi to a trait 2017-06-14 15:04:39 +02:00			`protected function sendJson(Response $response, $object)`
			`{`
			`$response->setHeader('Content-Type', 'application/json', true);`
RestApi: no escaping for unicode and slashes fixes #2243 2020-12-02 18:06:34 +01:00			`echo json_encode($object, JSON_PRETTY_PRINT \| JSON_UNESCAPED_UNICODE \| JSON_UNESCAPED_SLASHES) . "\n";`
RestApi: move also the RestApi to a trait 2017-06-14 15:04:39 +02:00			`}`

RestApi: cleanup, exceptions, phpdoc 2018-06-14 08:33:11 +02:00			`/**`
			`* @param Response $response`
			`* @param string $message`
			`* @param int\|null $code`
			`*/`
RestApi: move also the RestApi to a trait 2017-06-14 15:04:39 +02:00			`protected function sendJsonError(Response $response, $message, $code = null)`
			`{`
			`if ($code !== null) {`
RestApi: cleanup, exceptions, phpdoc 2018-06-14 08:33:11 +02:00			`try {`
			`$response->setHttpResponseCode((int) $code);`
			`} catch (Zend_Controller_Response_Exception $e) {`
			`throw new InvalidArgumentException($e->getMessage(), 0, $e);`
			`}`
RestApi: move also the RestApi to a trait 2017-06-14 15:04:39 +02:00			`}`

			`$this->sendJson($response, (object) ['error' => $message]);`
			`}`

RestApi: cleanup, exceptions, phpdoc 2018-06-14 08:33:11 +02:00			`/**`
			`* @return string`
			`*/`
RestApi: move also the RestApi to a trait 2017-06-14 15:04:39 +02:00			`protected function getLastJsonError()`
			`{`
RestApi: cleanup, exceptions, phpdoc 2018-06-14 08:33:11 +02:00			`return JsonException::getJsonErrorMessage(json_last_error());`
RestApi: move also the RestApi to a trait 2017-06-14 15:04:39 +02:00			`}`
			`}`