mirrors
/
nextcloud
mirror of https://github.com/nextcloud/server.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 1008 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2060 Commits
427 Branches
Tree: 7761765a4b
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '7761765a4b'
${ noResults }
nextcloud/lib/ocs.php

ocs.php 17KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532 
  1. <?php

  2. 

  3. /**

  4. * ownCloud

  5. *

  6. * @author Frank Karlitschek

  7. * @copyright 2010 Frank Karlitschek karlitschek@kde.org

  8. *

  9. * This library is free software; you can redistribute it and/or

  10. * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE

  11. * License as published by the Free Software Foundation; either

  12. * version 3 of the License, or any later version.

  13. *

  14. * This library is distributed in the hope that it will be useful,

  15. * but WITHOUT ANY WARRANTY; without even the implied warranty of

  16. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

  17. * GNU AFFERO GENERAL PUBLIC LICENSE for more details.

  18. *

  19. * You should have received a copy of the GNU Affero General Public

  20. * License along with this library.  If not, see <http://www.gnu.org/licenses/>.

  21. *

  22. */

  23. 

  24. 

  25. 

  26. /**

  27.  * Class to handle open collaboration services API requests

  28.  *

  29.  */

  30. class OC_OCS {

  31. 

  32.   /**

  33.    * reads input date from get/post/cookies and converts the date to a special data-type

  34.    *

  35.    * @param variable $key

  36.    * @param variable-type $type

  37.    * @param priority $getpriority

  38.    * @param default  $default

  39.    * @return data

  40.    */

  41.   public static function readData($key,$type='raw',$getpriority=false,$default='') {

  42.     if($getpriority) {

  43.       if(isset($_GET[$key])) {

  44.         $data=$_GET[$key];

  45.       } elseif(isset($_POST[$key])) {

  46.         $data=$_POST[$key];

  47.       } else {

  48.         if($default=='') {

  49.           if(($type=='int') or ($type=='float')) $data=0; else $data='';

  50.         } else {

  51.           $data=$default;

  52.         }

  53.       }

  54.     } else {

  55.       if(isset($_POST[$key])) {

  56.         $data=$_POST[$key];

  57.       } elseif(isset($_GET[$key])) {

  58.         $data=$_GET[$key];

  59.       } elseif(isset($_COOKIE[$key])) {

  60.         $data=$_COOKIE[$key];

  61.       } else {

  62.         if($default=='') {

  63.           if(($type=='int') or ($type=='float')) $data=0; else $data='';

  64.         } else {

  65.           $data=$default;

  66.         }

  67.       }

  68.     }

  69. 

  70.     if($type=='raw') return($data);

  71.     elseif($type=='text') return(addslashes(strip_tags($data)));

  72.     elseif($type=='int')  { $data = (int) $data; return($data); }

  73.     elseif($type=='float')  { $data = (float) $data; return($data); }

  74.     elseif($type=='array')  { $data = $data; return($data); }

  75.   }

  76. 

  77. 

  78.   /**

  79.     main function to handle the REST request

  80.   **/

  81.   public static function handle() {

  82. 

  83.     // overwrite the 404 error page returncode

  84.     header("HTTP/1.0 200 OK");

  85. 

  86. 

  87.     if($_SERVER['REQUEST_METHOD'] == 'GET') {

  88.        $method='get';

  89.     }elseif($_SERVER['REQUEST_METHOD'] == 'PUT') {

  90.        $method='put';

  91.        parse_str(file_get_contents("php://input"),$put_vars);

  92.     }elseif($_SERVER['REQUEST_METHOD'] == 'POST') {

  93.        $method='post';

  94.     }else{

  95.       echo('internal server error: method not supported');

  96.       exit();

  97.     }

  98. 

  99.     // preprocess url

  100.     $url=$_SERVER['REQUEST_URI'];

  101.     if(substr($url,(strlen($url)-1))<>'/') $url.='/';

  102.     $ex=explode('/',$url);

  103.     $paracount=count($ex);

  104. 

  105.     // eventhandler

  106.     // CONFIG

  107.     // apiconfig - GET - CONFIG

  108.     if(($method=='get') and (strtolower($ex[$paracount-3])=='v1.php') and (strtolower($ex[$paracount-2])=='config')){

  109.       $format=OC_OCS::readdata('format','text');

  110.       OC_OCS::apiconfig($format);

  111. 

  112.     // PERSON

  113.     // personcheck - POST - PERSON/CHECK

  114.     }elseif(($method=='post') and (strtolower($ex[$paracount-4])=='v1.php') and (strtolower($ex[$paracount-3])=='person') and  (strtolower($ex[$paracount-2])=='check')){

  115.       $format=OC_OCS::readdata('format','text');

  116.       $login=OC_OCS::readdata('login','text');

  117.       $passwd=OC_OCS::readdata('password','text');

  118.       OC_OCS::personcheck($format,$login,$passwd);

  119. 

  120.     // ACTIVITY

  121.     // activityget - GET ACTIVITY   page,pagesize als urlparameter

  122.     }elseif(($method=='get') and (strtolower($ex[$paracount-3])=='v1.php')and (strtolower($ex[$paracount-2])=='activity')){

  123.       $format=OC_OCS::readdata('format','text');

  124.       $page=OC_OCS::readdata('page','int');

  125.       $pagesize=OC_OCS::readdata('pagesize','int');

  126.       if($pagesize<1 or $pagesize>100) $pagesize=10;

  127.       OC_OCS::activityget($format,$page,$pagesize);

  128. 

  129.     // activityput - POST ACTIVITY

  130.     }elseif(($method=='post') and (strtolower($ex[$paracount-3])=='v1.php')and (strtolower($ex[$paracount-2])=='activity')){

  131.       $format=OC_OCS::readdata('format','text');

  132.       $message=OC_OCS::readdata('message','text');

  133.       OC_OCS::activityput($format,$message);

  134. 

  135.     // PRIVATEDATA

  136.     // get - GET DATA

  137.     }elseif(($method=='get') and (strtolower($ex[$paracount-4])=='v1.php')and (strtolower($ex[$paracount-2])=='getattribute')){

  138.       $format=OC_OCS::readdata('format','text');

  139.       OC_OCS::privateDataGet($format);

  140. 

  141.     }elseif(($method=='get') and (strtolower($ex[$paracount-5])=='v1.php')and (strtolower($ex[$paracount-3])=='getattribute')){

  142.       $format=OC_OCS::readdata('format','text');

  143.       $app=$ex[$paracount-2];

  144.       OC_OCS::privateDataGet($format, $app);

  145. 	}elseif(($method=='get') and (strtolower($ex[$paracount-6])=='v1.php')and (strtolower($ex[$paracount-4])=='getattribute')){

  146.       $format=OC_OCS::readdata('format','text');

  147.       $key=$ex[$paracount-2];

  148.       $app=$ex[$paracount-3];

  149.       OC_OCS::privateDataGet($format, $app,$key);

  150. 

  151.     // set - POST DATA

  152.     }elseif(($method=='post') and (strtolower($ex[$paracount-6])=='v1.php')and (strtolower($ex[$paracount-4])=='setattribute')){

  153.       $format=OC_OCS::readdata('format','text');

  154.       $key=$ex[$paracount-2];

  155.       $app=$ex[$paracount-3];

  156.       $value=OC_OCS::readdata('value','text');

  157.       OC_OCS::privatedataset($format, $app, $key, $value);

  158.     // delete - POST DATA

  159.     }elseif(($method=='post') and (strtolower($ex[$paracount-6])=='v1.php')and (strtolower($ex[$paracount-4])=='deleteattribute')){

  160.       $format=OC_OCS::readdata('format','text');

  161.       $key=$ex[$paracount-2];

  162.       $app=$ex[$paracount-3];

  163.       OC_OCS::privatedatadelete($format, $app, $key);

  164. 

  165.     }else{

  166.       $format=OC_OCS::readdata('format','text');

  167.       $txt='Invalid query, please check the syntax. API specifications are here: http://www.freedesktop.org/wiki/Specifications/open-collaboration-services. DEBUG OUTPUT:'."\n";

  168.       $txt.=OC_OCS::getdebugoutput();

  169.       echo(OC_OCS::generatexml($format,'failed',999,$txt));

  170.     }

  171.     exit();

  172.   }

  173. 

  174.   /**

  175.    * generated some debug information to make it easier to find faild API calls

  176.    * @return debug data string

  177.    */

  178.   private static function getDebugOutput() {

  179.     $txt='';

  180.     $txt.="debug output:\n";

  181.     if(isset($_SERVER['REQUEST_METHOD'])) $txt.='http request method: '.$_SERVER['REQUEST_METHOD']."\n";

  182.     if(isset($_SERVER['REQUEST_URI'])) $txt.='http request uri: '.$_SERVER['REQUEST_URI']."\n";

  183.     if(isset($_GET)) foreach($_GET as $key=>$value) $txt.='get parameter: '.$key.'->'.$value."\n";

  184.     if(isset($_POST)) foreach($_POST as $key=>$value) $txt.='post parameter: '.$key.'->'.$value."\n";

  185.     return($txt);

  186.   }

  187. 

  188.   /**

  189.    * checks if the user is authenticated

  190.    * checks the IP whitlist, apikeys and login/password combination

  191.    * if $forceuser is true and the authentication failed it returns an 401 http response.

  192.    * if $forceuser is false and authentification fails it returns an empty username string

  193.    * @param bool $forceuser

  194.    * @return username string

  195.    */

  196.   private static function checkPassword($forceuser=true) {

  197.     //valid user account ?

  198.     if(isset($_SERVER['PHP_AUTH_USER'])) $authuser=$_SERVER['PHP_AUTH_USER']; else $authuser='';

  199.     if(isset($_SERVER['PHP_AUTH_PW']))   $authpw=$_SERVER['PHP_AUTH_PW']; else $authpw='';

  200. 

  201.     if(empty($authuser)) {

  202.       if($forceuser){

  203.         header('WWW-Authenticate: Basic realm="your valid user account or api key"');

  204.         header('HTTP/1.0 401 Unauthorized');

  205.         exit;

  206.       }else{

  207.         $identifieduser='';

  208.       }

  209.     }else{

  210.       if(!OC_User::login($authuser,$authpw)){

  211.         if($forceuser){

  212.           header('WWW-Authenticate: Basic realm="your valid user account or api key"');

  213.           header('HTTP/1.0 401 Unauthorized');

  214.           exit;

  215.         }else{

  216.           $identifieduser='';

  217.         }

  218.       }else{

  219.         $identifieduser=$authuser;

  220.       }

  221.     }

  222. 

  223.     return($identifieduser);

  224.   }

  225. 

  226. 

  227.   /**

  228.    * generates the xml or json response for the API call from an multidimenional data array.

  229.    * @param string $format

  230.    * @param string $status

  231.    * @param string $statuscode

  232.    * @param string $message

  233.    * @param array $data

  234.    * @param string $tag

  235.    * @param string $tagattribute

  236.    * @param int $dimension

  237.    * @param int $itemscount

  238.    * @param int $itemsperpage

  239.    * @return string xml/json

  240.    */

  241.   private static function generateXml($format,$status,$statuscode,$message,$data=array(),$tag='',$tagattribute='',$dimension=-1,$itemscount='',$itemsperpage='') {

  242.     if($format=='json') {

  243. 

  244.       $json=array();

  245.       $json['status']=$status;

  246.       $json['statuscode']=$statuscode;

  247.       $json['message']=$message;

  248.       $json['totalitems']=$itemscount;

  249.       $json['itemsperpage']=$itemsperpage;

  250.       $json['data']=$data;

  251.       return(json_encode($json));

  252. 

  253. 

  254.     }else{

  255.       $txt='';

  256.       $writer = xmlwriter_open_memory();

  257.       xmlwriter_set_indent( $writer, 2 );

  258.       xmlwriter_start_document($writer );

  259.       xmlwriter_start_element($writer,'ocs');

  260.       xmlwriter_start_element($writer,'meta');

  261.       xmlwriter_write_element($writer,'status',$status);

  262.       xmlwriter_write_element($writer,'statuscode',$statuscode);

  263.       xmlwriter_write_element($writer,'message',$message);

  264.       if($itemscount<>'') xmlwriter_write_element($writer,'totalitems',$itemscount);

  265.       if(!empty($itemsperpage)) xmlwriter_write_element($writer,'itemsperpage',$itemsperpage);

  266.       xmlwriter_end_element($writer);

  267.       if($dimension=='0') {

  268.         // 0 dimensions

  269.         xmlwriter_write_element($writer,'data',$data);

  270. 

  271.       }elseif($dimension=='1') {

  272.         xmlwriter_start_element($writer,'data');

  273.         foreach($data as $key=>$entry) {

  274.           xmlwriter_write_element($writer,$key,$entry);

  275.         }

  276.         xmlwriter_end_element($writer);

  277. 

  278.       }elseif($dimension=='2') {

  279.         xmlwriter_start_element($writer,'data');

  280.         foreach($data as $entry) {

  281.           xmlwriter_start_element($writer,$tag);

  282.           if(!empty($tagattribute)) {

  283.             xmlwriter_write_attribute($writer,'details',$tagattribute);

  284.           }

  285.           foreach($entry as $key=>$value) {

  286.             if(is_array($value)){

  287.               foreach($value as $k=>$v) {

  288.                 xmlwriter_write_element($writer,$k,$v);

  289.               }

  290.             } else {

  291.               xmlwriter_write_element($writer,$key,$value);

  292.             }

  293.           }

  294.           xmlwriter_end_element($writer);

  295.         }

  296.         xmlwriter_end_element($writer);

  297. 

  298.       }elseif($dimension=='3') {

  299.         xmlwriter_start_element($writer,'data');

  300.         foreach($data as $entrykey=>$entry) {

  301.           xmlwriter_start_element($writer,$tag);

  302.           if(!empty($tagattribute)) {

  303.             xmlwriter_write_attribute($writer,'details',$tagattribute);

  304.           }

  305.           foreach($entry as $key=>$value) {

  306.             if(is_array($value)){

  307.               xmlwriter_start_element($writer,$entrykey);

  308.               foreach($value as $k=>$v) {

  309.                 xmlwriter_write_element($writer,$k,$v);

  310.               }

  311.               xmlwriter_end_element($writer);

  312.             } else {

  313.               xmlwriter_write_element($writer,$key,$value);

  314.             }

  315.           }

  316.           xmlwriter_end_element($writer);

  317.         }

  318.         xmlwriter_end_element($writer);

  319.       }elseif($dimension=='dynamic') {

  320.         xmlwriter_start_element($writer,'data');

  321.         OC_OCS::toxml($writer,$data,'comment');

  322.         xmlwriter_end_element($writer);

  323.       }

  324. 

  325.       xmlwriter_end_element($writer);

  326. 

  327.       xmlwriter_end_document( $writer );

  328.       $txt.=xmlwriter_output_memory( $writer );

  329.       unset($writer);

  330.       return($txt);

  331.     }

  332.   }

  333. 

  334.   public static function toXml($writer,$data,$node) {

  335.     foreach($data as $key => $value) {

  336.       if (is_numeric($key)) {

  337.         $key = $node;

  338.       }

  339.       if (is_array($value)){

  340.         xmlwriter_start_element($writer,$key);

  341.         OC_OCS::toxml($writer,$value,$node);

  342.         xmlwriter_end_element($writer);

  343.       }else{

  344.         xmlwriter_write_element($writer,$key,$value);

  345.       }

  346. 

  347.     }

  348.   }

  349. 

  350. 

  351. 

  352. 

  353.   /**

  354.    * return the config data of this server

  355.    * @param string $format

  356.    * @return string xml/json

  357.    */

  358.   private static function apiConfig($format) {

  359.     $user=OC_OCS::checkpassword(false);

  360.     $url=substr($_SERVER['HTTP_HOST'].$_SERVER['SCRIPT_NAME'],0,-11).'';

  361. 

  362.     $xml['version']='1.5';

  363.     $xml['website']='ownCloud';

  364.     $xml['host']=$_SERVER['HTTP_HOST'];

  365.     $xml['contact']='';

  366.     $xml['ssl']='false';

  367.     echo(OC_OCS::generatexml($format,'ok',100,'',$xml,'config','',1));

  368.   }

  369. 

  370. 

  371.   /**

  372.    * check if the provided login/apikey/password is valid

  373.    * @param string $format

  374.    * @param string $login

  375.    * @param string $passwd

  376.    * @return string xml/json

  377.    */

  378.   private static function personCheck($format,$login,$passwd) {

  379.     if($login<>''){

  380.       if(OC_User::login($login,$passwd)){

  381.         $xml['person']['personid']=$login;

  382.         echo(OC_OCS::generatexml($format,'ok',100,'',$xml,'person','check',2));

  383.       }else{

  384.         echo(OC_OCS::generatexml($format,'failed',102,'login not valid'));

  385.       }

  386.     }else{

  387.       echo(OC_OCS::generatexml($format,'failed',101,'please specify all mandatory fields'));

  388.     }

  389.   }

  390. 

  391. 

  392. 

  393.   // ACTIVITY API #############################################

  394. 

  395.   /**

  396.    * get my activities

  397.    * @param string $format

  398.    * @param string $page

  399.    * @param string $pagesize

  400.    * @return string xml/json

  401.    */

  402.   private static function activityGet($format,$page,$pagesize) {

  403.     $user=OC_OCS::checkpassword();

  404.     

  405. 	//TODO

  406. 

  407.     $txt=OC_OCS::generatexml($format,'ok',100,'',$xml,'activity','full',2,$totalcount,$pagesize);

  408.     echo($txt);

  409.   }

  410. 

  411.   /**

  412.    * submit a activity

  413.    * @param string $format

  414.    * @param string $message

  415.    * @return string xml/json

  416.    */

  417.   private static function activityPut($format,$message) {

  418.     // not implemented in ownCloud

  419.     $user=OC_OCS::checkpassword();

  420.     echo(OC_OCS::generatexml($format,'ok',100,''));

  421.   }

  422. 

  423.   // PRIVATEDATA API #############################################

  424. 

  425.   /**

  426.    * get private data and create the xml for ocs

  427.    * @param string $format

  428.    * @param string $app

  429.    * @param string $key

  430.    * @return string xml/json

  431.    */

  432.   private static function privateDataGet($format,$app="",$key="") {

  433.     $user=OC_OCS::checkpassword();

  434. 	$result=OC_OCS::getData($user,$app,$key);

  435.     $xml=array();

  436.     foreach($result as $i=>$log) {

  437.       $xml[$i]['key']=$log['key'];

  438.       $xml[$i]['app']=$log['app'];

  439.       $xml[$i]['value']=$log['value'];

  440.     }

  441. 

  442. 

  443.     $txt=OC_OCS::generatexml($format, 'ok', 100, '', $xml, 'privatedata', 'full', 2, count($xml), 0);//TODO: replace 'privatedata' with 'attribute' once a new libattice has been released that works with it

  444.     echo($txt);

  445.   }

  446. 

  447.   /**

  448.    * set private data referenced by $key to $value and generate the xml for ocs

  449.    * @param string $format

  450.    * @param string $app

  451.    * @param string $key

  452.    * @param string $value

  453.    * @return string xml/json

  454.    */

  455. 	private static function privateDataSet($format, $app, $key, $value) {

  456. 		$user=OC_OCS::checkpassword();

  457. 		if(OC_OCS::setData($user,$app,$key,$value)){

  458. 			echo(OC_OCS::generatexml($format,'ok',100,''));

  459. 		}

  460. 	}

  461. 

  462. 	/**

  463. 	* delete private data referenced by $key and generate the xml for ocs

  464. 	* @param string $format

  465. 	* @param string $app

  466. 	* @param string $key

  467. 	* @return string xml/json

  468. 	*/

  469. 	private static function privateDataDelete($format, $app, $key) {

  470. 		if($key=="" or $app==""){

  471. 			return; //key and app are NOT optional here

  472. 		}

  473. 		$user=OC_OCS::checkpassword();

  474. 		if(OC_OCS::deleteData($user,$app,$key)){

  475. 			echo(OC_OCS::generatexml($format,'ok',100,''));

  476. 		}

  477. 	}

  478. 	

  479. 	/**

  480. 	* get private data

  481. 	* @param string $user

  482. 	* @param string $app

  483. 	* @param string $key

  484. 	* @param bool $like use LIKE instead of = when comparing keys

  485. 	* @return array

  486. 	*/

  487. 	public static function getData($user,$app="",$key="") {

  488. 		if($app){

  489. 			$apps=array($app);

  490. 		}else{

  491. 			$apps=OC_Preferences::getApps($user);

  492. 		}

  493. 		if($key){

  494. 			$keys=array($key);

  495. 		}else{

  496. 			foreach($apps as $app){

  497. 				$keys=OC_Preferences::getKeys($user,$app);

  498. 			}

  499. 		}

  500. 		$result=array();

  501. 		foreach($apps as $app){

  502. 			foreach($keys as $key){

  503. 				$value=OC_Preferences::getValue($user,$app,$key);

  504. 				$result[]=array('app'=>$app,'key'=>$key,'value'=>$value);

  505. 			}

  506. 		}

  507. 		return $result;

  508. 	}

  509. 

  510. 	/**

  511. 	* set private data referenced by $key to $value

  512. 	* @param string $user

  513. 	* @param string $app

  514. 	* @param string $key

  515. 	* @param string $value

  516. 	* @return bool

  517. 	*/

  518. 	public static function setData($user, $app, $key, $value) {

  519. 		return OC_Preferences::setValue($user,$app,$key,$value);

  520. 	}

  521. 

  522. 	/**

  523. 	* delete private data referenced by $key

  524. 	* @param string $user

  525. 	* @param string $app

  526. 	* @param string $key

  527. 	* @return string xml/json

  528. 	*/

  529. 	public static function deleteData($user, $app, $key) {

  530. 		return OC_Preferences::deleteKey($user,$app,$key);

  531. 	}

  532. }