Code Coverage |
||||||||||
Lines |
Functions and Methods |
Classes and Traits |
||||||||
Total | |
0.00% |
0 / 57 |
|
0.00% |
0 / 4 |
CRAP | |
0.00% |
0 / 1 |
ApiTrait | |
0.00% |
0 / 57 |
|
0.00% |
0 / 4 |
240 | |
0.00% |
0 / 1 |
onDispatch | |
0.00% |
0 / 13 |
|
0.00% |
0 / 1 |
6 | |||
determineOutputMode | |
0.00% |
0 / 11 |
|
0.00% |
0 / 1 |
6 | |||
isAccessDenied | |
0.00% |
0 / 9 |
|
0.00% |
0 / 1 |
6 | |||
output | |
0.00% |
0 / 24 |
|
0.00% |
0 / 1 |
90 |
1 | <?php |
2 | |
3 | /** |
4 | * Additional functionality for API controllers. |
5 | * |
6 | * PHP version 8 |
7 | * |
8 | * Copyright (C) The National Library 2015-2016. |
9 | * |
10 | * This program is free software; you can redistribute it and/or modify |
11 | * it under the terms of the GNU General Public License version 2, |
12 | * as published by the Free Software Foundation. |
13 | * |
14 | * This program is distributed in the hope that it will be useful, |
15 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
16 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
17 | * GNU General Public License for more details. |
18 | * |
19 | * You should have received a copy of the GNU General Public License |
20 | * along with this program; if not, write to the Free Software |
21 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA |
22 | * |
23 | * @category VuFind |
24 | * @package Controller |
25 | * @author Ere Maijala <ere.maijala@helsinki.fi> |
26 | * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License |
27 | * @link https://vufind.org/wiki/development:plugins:controllers Wiki |
28 | */ |
29 | |
30 | namespace VuFindApi\Controller; |
31 | |
32 | use Exception; |
33 | use Laminas\Http\Exception\InvalidArgumentException; |
34 | use Laminas\Mvc\Exception\DomainException; |
35 | |
36 | /** |
37 | * Additional functionality for API controllers. |
38 | * |
39 | * @category VuFind |
40 | * @package Controller |
41 | * @author Ere Maijala <ere.maijala@helsinki.fi> |
42 | * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License |
43 | * @link https://vufind.org/wiki/development:plugins:controllers Wiki |
44 | */ |
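trait ApiTrait
{
    /**
     * Callback function in JSONP mode
     *
     * Copied from the request's "callback" parameter by determineOutputMode()
     * and therefore caller-controlled; output() validates it before writing it
     * into a JavaScript response.
     *
     * @var string
     */
    protected $jsonpCallback = null;

    /**
     * Whether to pretty-print JSON
     *
     * @var bool
     */
    protected $jsonPrettyPrint = false;

    /**
     * Type of output to use ('json' or 'jsonp')
     *
     * @var string
     */
    protected $outputMode = 'json';

    /**
     * Execute the request
     *
     * Adds a wildcard CORS header to every response and answers OPTIONS
     * (preflight) requests directly with an empty 204 response; every other
     * method is passed on to the parent dispatcher.
     *
     * @param \Laminas\Mvc\MvcEvent $e Event
     *
     * @return mixed
     * @throws DomainException|InvalidArgumentException|Exception
     */
    public function onDispatch(\Laminas\Mvc\MvcEvent $e)
    {
        // Add CORS headers and handle OPTIONS requests. This is a simplistic
        // approach since we allow any origin. For more complete CORS handling
        // a module like zfr-cors could be used.
        //
        // With a wildcard origin, script on any site can read these responses.
        // Browsers do not accept "*" for credentialed cross-origin requests, so
        // this is appropriate only while the API serves data that is meant to
        // be public. Do not combine it with Access-Control-Allow-Credentials.
        $response = $this->getResponse();
        $headers = $response->getHeaders();
        $headers->addHeaderLine('Access-Control-Allow-Origin: *');
        $request = $this->getRequest();
        if ($request->getMethod() === 'OPTIONS') {
            // Disable session writes
            $this->disableSessionWrites();
            $headers->addHeaderLine(
                'Access-Control-Allow-Methods',
                'GET, POST, OPTIONS'
            );
            $headers->addHeaderLine('Access-Control-Max-Age', '86400');

            // output() takes ($data, $status, $httpCode); the HTTP code has to
            // be the third argument or the preflight response keeps the
            // response object's default status instead of 204. $status is
            // unused when $data is null.
            return $this->output(null, '', 204);
        }
        return parent::onDispatch($e);
    }

    /**
     * Determine the output mode from the request parameters.
     *
     * Reads "callback" and "prettyPrint" from the query string, falling back
     * to the POST body. A non-empty callback selects JSONP, otherwise JSON is
     * used. The callback is stored as received; it is validated in output().
     *
     * @return void
     */
    protected function determineOutputMode()
    {
        $request = $this->getRequest();
        $this->jsonpCallback
            = $request->getQuery('callback', $request->getPost('callback', null));
        $this->jsonPrettyPrint = filter_var(
            $request->getQuery(
                'prettyPrint',
                $request->getPost('prettyPrint', false)
            ),
            FILTER_VALIDATE_BOOLEAN
        );
        $this->outputMode = empty($this->jsonpCallback) ? 'json' : 'jsonp';
    }

    /**
     * Check whether access is denied and return the appropriate message or false.
     *
     * The return value must be checked by the caller: a Response (HTTP 403)
     * means "stop and return this", false means "access is granted".
     *
     * @param string $permission Permission to check
     *
     * @return \Laminas\Http\Response|boolean
     */
    protected function isAccessDenied($permission)
    {
        $auth = $this->getService(\LmcRbacMvc\Service\AuthorizationService::class);
        if (!$auth->isGranted($permission)) {
            return $this->output(
                [],
                ApiInterface::STATUS_ERROR,
                403,
                'Permission denied'
            );
        }
        return false;
    }

    /**
     * Build the response for the given data.
     *
     * Fills in "status" and "statusMessage" when the data does not already
     * carry them, then serializes it as JSON or JSONP according to the output
     * mode. A null $data yields a body-less response (only the status code is
     * applied). In JSONP mode the callback name is checked against a strict
     * identifier pattern; a callback that fails the check produces an HTTP 400
     * JSON error instead of being echoed into the script.
     *
     * @param mixed  $data     The response data
     * @param string $status   Status of the request
     * @param int    $httpCode A custom HTTP Status Code
     * @param string $message  Status message
     *
     * @return \Laminas\Http\Response
     * @throws Exception
     */
    protected function output($data, $status, $httpCode = null, $message = '')
    {
        $response = $this->getResponse();
        $headers = $response->getHeaders();
        if ($httpCode !== null) {
            $response->setStatusCode($httpCode);
        }
        if (null === $data) {
            return $response;
        }
        $output = $data;
        if (!isset($output['status'])) {
            $output['status'] = $status;
        }
        if ($message && !isset($output['statusMessage'])) {
            $output['statusMessage'] = $message;
        }
        $jsonOptions = $this->jsonPrettyPrint ? JSON_PRETTY_PRINT : 0;

        // Keep browsers from second-guessing the declared content type.
        $headers->addHeaderLine('X-Content-Type-Options', 'nosniff');

        if ($this->outputMode === 'json') {
            $headers->addHeaderLine('Content-type', 'application/json');
            $response->setContent(json_encode($output, $jsonOptions));
            return $response;
        }

        if ($this->outputMode === 'jsonp') {
            // The callback comes straight from the request and ends up in an
            // executable response, so accept only a dotted JavaScript
            // identifier of bounded length (e.g. "jQuery123_456", "app.cb").
            // is_string() also rejects array-valued parameters.
            $callback = $this->jsonpCallback;
            $callbackIsSafe = is_string($callback)
                && strlen($callback) <= 128
                && preg_match(
                    '/^[A-Za-z_$][A-Za-z0-9_$]*(?:\.[A-Za-z_$][A-Za-z0-9_$]*)*\z/',
                    $callback
                ) === 1;
            if (!$callbackIsSafe) {
                $response->setStatusCode(400);
                $headers->addHeaderLine('Content-type', 'application/json');
                $response->setContent(
                    json_encode(
                        [
                            'status' => ApiInterface::STATUS_ERROR,
                            'statusMessage' => 'Invalid callback parameter',
                        ],
                        $jsonOptions
                    )
                );
                return $response;
            }

            // NOTE(review): a JSONP response is loaded with a script tag, which
            // is not subject to the CORS check and is sent with the browser's
            // cookies. Confirm that endpoints guarded by isAccessDenied() do
            // not grant permissions from session state, or refuse JSONP there.
            $headers->addHeaderLine('Content-type', 'application/javascript');
            // The leading empty comment keeps the body from starting with
            // caller-chosen bytes.
            $response->setContent(
                '/**/' . $callback . '(' . json_encode($output, $jsonOptions)
                . ');'
            );
            return $response;
        }

        throw new Exception('Invalid output mode');
    }
}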