From 75d84ddd1c83731b0363c2a9950b028b90bd0ea3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Valenta?= <git@imaniti.org>
Date: Fri, 2 Jun 2023 10:32:52 +0200
Subject: [PATCH] WIP - Nastenka integration
---
assets/javascript/js.cookie.min.js | 2 +
assets/javascript/nastenka_sync.js | 27 ++
ext/eparsons/restapi/ErrorResponse.php | 35 +++
ext/eparsons/restapi/Validation.php | 85 ++++++
ext/eparsons/restapi/composer.json | 22 ++
ext/eparsons/restapi/config/routing.yml | 23 ++
ext/eparsons/restapi/config/services.yml | 31 ++
.../controller/auth/Authentication.php | 212 +++++++++++++
.../restapi/controller/forums/Forums.php | 119 ++++++++
.../restapi/controller/users/Users.php | 94 ++++++
ext/eparsons/restapi/event/event_listener.php | 118 ++++++++
ext/eparsons/restapi/license.txt | 280 ++++++++++++++++++
nastenka_sync.php | 22 ++
styles/all/template/nastenka_sync.html | 34 +++
14 files changed, 1104 insertions(+)
create mode 100644 assets/javascript/js.cookie.min.js
create mode 100644 assets/javascript/nastenka_sync.js
create mode 100755 ext/eparsons/restapi/ErrorResponse.php
create mode 100755 ext/eparsons/restapi/Validation.php
create mode 100755 ext/eparsons/restapi/composer.json
create mode 100755 ext/eparsons/restapi/config/routing.yml
create mode 100755 ext/eparsons/restapi/config/services.yml
create mode 100755 ext/eparsons/restapi/controller/auth/Authentication.php
create mode 100755 ext/eparsons/restapi/controller/forums/Forums.php
create mode 100755 ext/eparsons/restapi/controller/users/Users.php
create mode 100755 ext/eparsons/restapi/event/event_listener.php
create mode 100755 ext/eparsons/restapi/license.txt
create mode 100755 nastenka_sync.php
create mode 100644 styles/all/template/nastenka_sync.html
diff --git a/assets/javascript/js.cookie.min.js b/assets/javascript/js.cookie.min.js
new file mode 100644
index 0000000..962d48d
--- /dev/null
+++ b/assets/javascript/js.cookie.min.js
@@ -0,0 +1,2 @@
+/*! js-cookie v3.0.5 | MIT */
+!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?module.exports=t():"function"==typeof define&&define.amd?define(t):(e="undefined"!=typeof globalThis?globalThis:e||self,function(){var n=e.Cookies,o=e.Cookies=t();o.noConflict=function(){return e.Cookies=n,o}}())}(this,(function(){"use strict";function e(e){for(var t=1;t<arguments.length;t++){var n=arguments[t];for(var o in n)e[o]=n[o]}return e}var t=function t(n,o){function r(t,r,i){if("undefined"!=typeof document){"number"==typeof(i=e({},o,i)).expires&&(i.expires=new Date(Date.now()+864e5*i.expires)),i.expires&&(i.expires=i.expires.toUTCString()),t=encodeURIComponent(t).replace(/%(2[346B]|5E|60|7C)/g,decodeURIComponent).replace(/[()]/g,escape);var c="";for(var u in i)i[u]&&(c+="; "+u,!0!==i[u]&&(c+="="+i[u].split(";")[0]));return document.cookie=t+"="+n.write(r,t)+c}}return Object.create({set:r,get:function(e){if("undefined"!=typeof document&&(!arguments.length||e)){for(var t=document.cookie?document.cookie.split("; "):[],o={},r=0;r<t.length;r++){var i=t[r].split("="),c=i.slice(1).join("=");try{var u=decodeURIComponent(i[0]);if(o[u]=n.read(c,u),e===u)break}catch(e){}}return e?o[e]:o}},remove:function(t,n){r(t,"",e({},n,{expires:-1}))},withAttributes:function(n){return t(this.converter,e({},this.attributes,n))},withConverter:function(n){return t(e({},this.converter,n),this.attributes)}},{attributes:{value:Object.freeze(o)},converter:{value:Object.freeze(n)}})}({read:function(e){return'"'===e[0]&&(e=e.slice(1,-1)),e.replace(/(%[\dA-F]{2})+/gi,decodeURIComponent)},write:function(e){return encodeURIComponent(e).replace(/%(2[346BF]|3[AC-F]|40|5[BDE]|60|7[BCD])/g,decodeURIComponent)}},{path:"/"});return t}));
diff --git a/assets/javascript/nastenka_sync.js b/assets/javascript/nastenka_sync.js
new file mode 100644
index 0000000..fab1f45
--- /dev/null
+++ b/assets/javascript/nastenka_sync.js
@@ -0,0 +1,27 @@
+const ALLOWED_HOSTS = ["nastenka.pirati.cz", "nastenka.pir-test.eu"];
+
+$(window).ready(
+ event => {
+ $("#synchronize").on(
+ "click",
+ event => {
+ const urlParams = new URLSearchParams(window.location.search);
+ let nextUrl = urlParams.get("next");
+
+ if (!nextUrl) {
+ alert("Chyba v předání dat. Pro podporu můžeš kontaktovat Technický odbor.");
+ return;
+ }
+
+ nextUrl = new URL(nextUrl);
+
+ if (!ALLOWED_HOSTS.includes(nextUrl.host)) {
+ alert("Chyba - přesměrování na nepovolenou adresu. Pro podporu můžeš kontaktovat Technický odbor.");
+ return;
+ }
+
+
+ }
+ );
+ }
+);
diff --git a/ext/eparsons/restapi/ErrorResponse.php b/ext/eparsons/restapi/ErrorResponse.php
new file mode 100755
index 0000000..80a6558
--- /dev/null
+++ b/ext/eparsons/restapi/ErrorResponse.php
@@ -0,0 +1,35 @@
+<?php
+/**
+ *
+ * @package phpBB Extension - eparsons/restapi
+ * @copyright (c) 2018 Eric Parsons
+ * @license https://opensource.org/licenses/GPL-2.0 GNU General Public License v2
+ *
+ */
+namespace eparsons\restapi;
+
+use Symfony\Component\HttpFoundation\JsonResponse;
+
+if (!defined('IN_PHPBB'))
+{
+ exit();
+}
+
+class ErrorResponse extends JsonResponse
+{
+ /**
+ * Constructor
+ *
+ * @param string $errorName
+ * @param string $errorMessage
+ * @param int $statusCode
+ */
+ public function __construct($errorName, $errorMessage, $statusCode)
+ {
+ $response = array();
+ $response['error'] = $errorName;
+ $response['errorMessage'] = $errorMessage;
+ parent::__construct($response, $statusCode);
+ }
+}
+
diff --git a/ext/eparsons/restapi/Validation.php b/ext/eparsons/restapi/Validation.php
new file mode 100755
index 0000000..678944d
--- /dev/null
+++ b/ext/eparsons/restapi/Validation.php
@@ -0,0 +1,85 @@
+<?php
+/**
+*
+* @package phpBB Extension - eparsons/restapi
+* @copyright (c) 2018 Eric Parsons
+* @license https://opensource.org/licenses/GPL-2.0 GNU General Public License v2
+*
+*/
+namespace eparsons\restapi;
+
+use phpbb\request\request_interface;
+use Symfony\Component\HttpFoundation\JsonResponse;
+
+if (!defined('IN_PHPBB'))
+{
+ exit();
+}
+
+class Validation
+{
+ /**
+ * phpBB request
+ *
+ * @var request_interface
+ */
+ private $request;
+
+ /**
+ * Constructor
+ *
+ * @param request_interface $request
+ */
+ public function __construct(request_interface $request)
+ {
+ $this->request = $request;
+ }
+
+ /**
+ * Validates requests
+ * @param string $requiredRequestMethod
+ * @param string $hostname
+ * @return null|JsonResponse
+ */
+ public function ValidateRequest($requiredRequestMethod = 'GET', $hostname = null)
+ {
+ $error = null;
+ $error = $error ?: $this->ValidateRequestMethod($requiredRequestMethod);
+ return $error;
+ }
+
+ public function ValidateRequiredParameter($parameterName, $parameterLocation, $parameterType = null)
+ {
+ if (!$this->request->is_set($parameterName, $parameterLocation))
+ {
+ $requiredLocation = "";
+ if ($parameterLocation == request_interface::GET)
+ {
+ $requiredLocation = 'url query string';
+ }
+ else if ($parameterLocation == request_interface::POST)
+ {
+ $requiredLocation = 'POST body';
+ }
+
+ return new ErrorResponse("INVALID_REQUEST", "Required parameter '{$parameterName}' missing from {$requiredLocation}.", 400);
+ }
+
+ if ($parameterType != null)
+ {
+ // TODO: Validate parameter type
+ }
+
+ return null;
+ }
+
+ private function ValidateRequestMethod($requiredRequestMethod)
+ {
+ if ($this->request->server('REQUEST_METHOD') !== $requiredRequestMethod)
+ {
+ return new ErrorResponse("INVALID_REQUEST", "This api call requires using {$requiredRequestMethod} requests.", 400);
+ }
+
+ return null;
+ }
+}
diff --git a/ext/eparsons/restapi/composer.json b/ext/eparsons/restapi/composer.json
new file mode 100755
index 0000000..878c7e2
--- /dev/null
+++ b/ext/eparsons/restapi/composer.json
@@ -0,0 +1,22 @@
+{
+ "name": "eparsons/restapi",
+ "type": "phpbb-extension",
+ "description": "Unofficial REST api for interacting with a phpBB forum.",
+ "homepage": "https://github.com/eparsons/RestApiForPhpBB",
+ "version": "1.0.0",
+ "license": "GPL-2.0",
+ "authors": [{
+ "name": "Eric Parsons",
+ "role": "Initial Developer"
+ }],
+ "require": {
+ "php": ">=5.4.0",
+ "composer/installers": "~1.0"
+ },
+ "extra": {
+ "display-name": "Unofficial REST Api for PhpBB",
+ "soft-require" : {
+ "phpbb/phpbb": "~3.2"
+ }
+ }
+}
diff --git a/ext/eparsons/restapi/config/routing.yml b/ext/eparsons/restapi/config/routing.yml
new file mode 100755
index 0000000..216a7c2
--- /dev/null
+++ b/ext/eparsons/restapi/config/routing.yml
@@ -0,0 +1,23 @@
+eparsons_restapi_auth_login:
+ path: /restApiV1/login
+ defaults: { _controller: eparsons.restapi.controller.auth:login }
+
+eparsons_restapi_auth_logout:
+ path: /restApiV1/logout
+ defaults: { _controller: eparsons.restapi.controller.auth:logout }
+
+eparsons_restapi_users_whoAmI:
+ path: /restApiV1/users/me
+ defaults: { _controller: eparsons.restapi.controller.users:whoAmI }
+
+eparsons_restapi_users_user:
+ path: /restApiV1/users/{userId}
+ defaults: { _controller: eparsons.restapi.controller.users:user, userId: -1 }
+ requirements:
+ userId: \d+
+
+eparsons_restapi_forums_threads:
+ path: /restApiV1/forums/{forumId}/threads
+ defaults: { _controller: eparsons.restapi.controller.forums:viewThreads }
+ requirements:
+ forumId: \d+
diff --git a/ext/eparsons/restapi/config/services.yml b/ext/eparsons/restapi/config/services.yml
new file mode 100755
index 0000000..60995e0
--- /dev/null
+++ b/ext/eparsons/restapi/config/services.yml
@@ -0,0 +1,31 @@
+services:
+ eparsons.restapi.validation:
+ class: eparsons\restapi\Validation
+ arguments:
+ - '@request'
+ eparsons.restapi.controller.auth:
+ class: eparsons\restapi\controller\auth\Authentication
+ arguments:
+ - '@request'
+ - '@auth'
+ - '@user'
+ - '@eparsons.restapi.validation'
+ - '@config'
+ eparsons.restapi.controller.users:
+ class: eparsons\restapi\controller\users\Users
+ arguments:
+ - '@user'
+ - '@eparsons.restapi.validation'
+ eparsons.restapi.controller.forums:
+ class: eparsons\restapi\controller\forums\Forums
+ arguments:
+ - '@user'
+ - '@eparsons.restapi.validation'
+ eparsons.restapi.listener:
+ class: eparsons\restapi\event\event_listener
+ arguments:
+ - '@request'
+ - '@user'
+ - '@config'
+ tags:
+ - { name: event.listener }
diff --git a/ext/eparsons/restapi/controller/auth/Authentication.php b/ext/eparsons/restapi/controller/auth/Authentication.php
new file mode 100755
index 0000000..7c0a413
--- /dev/null
+++ b/ext/eparsons/restapi/controller/auth/Authentication.php
@@ -0,0 +1,212 @@
+<?php
+/**
+*
+* @package phpBB Extension - eparsons/restapi
+* @copyright (c) 2018 Eric Parsons
+* @license https://opensource.org/licenses/GPL-2.0 GNU General Public License v2
+*
+*/
+namespace eparsons\restapi\controller\auth;
+
+use eparsons\restapi\controller\users\Users;
+use eparsons\restapi\controller\forums\Forums;
+use eparsons\restapi\ErrorResponse;
+use eparsons\restapi\Validation;
+use phpbb\config\config;
+use phpbb\request\request_interface;
+use phpbb\auth\auth;
+use phpbb\request\type_cast_helper;
+use phpbb\user;
+use Symfony\Component\HttpFoundation\JsonResponse;
+
+if (!defined('IN_PHPBB'))
+{
+ exit();
+}
+
+class Authentication
+{
+ /**
+ * phpBB request
+ *
+ * @var request_interface
+ */
+ private $request;
+
+ /**
+ * phpBB auth
+ *
+ * @var auth
+ */
+ private $auth;
+
+ /**
+ * phpBB user
+ *
+ * @var user
+ */
+ private $user;
+
+ /**
+ * REST API validator
+ *
+ * @var Validation
+ */
+ private $validation;
+
+ /**
+ * phpBB request
+ *
+ * @var config
+ */
+ private $config;
+
+ /**
+ * Constructor
+ *
+ * @param request_interface $request
+ * @param auth $auth
+ * @param user $user
+ * @param Validation $validation
+ */
+ public function __construct(request_interface $request, auth $auth, user $user, Validation $validation, config $config)
+ {
+ $this->request = $request;
+ $this->auth = $auth;
+ $this->user = $user;
+ $this->validation = $validation;
+ $this->config = $config;
+ }
+
+ /**
+ * Handler for /api/login POST requests
+ *
+ * @return JsonResponse A Symfony JsonResponse object
+ */
+ public function login()
+ {
+ // Force use of POST
+ $error = $this->validation->ValidateRequest('POST');
+ $error = $error ?: $this->validation->ValidateRequiredParameter('username', request_interface::POST);
+ $error = $error ?: $this->validation->ValidateRequiredParameter('password', request_interface::POST);
+ if ($error != null)
+ {
+ return $error;
+ }
+
+ // Make sure user->setup() has been called
+ if (!$this->user->is_setup())
+ {
+ $this->user->setup();
+ }
+
+ if ($this->user->data['is_registered'] == true) {
+ return new ErrorResponse("ALREADY_LOGGED_IN", "You are already logged in.", 400);
+ }
+
+ $username = $this->request->variable('username', '', true);
+ $password = $this->untrimmed_variable('password', '', true);
+ $persistLogin = (bool)$this->request->variable('persistLogin', false);
+
+ $auth_result = $this->auth->login($username, $password, $persistLogin);
+
+ switch ($auth_result['status'])
+ {
+ case LOGIN_SUCCESS:
+ $response['isRegistered'] = $this->user->data['is_registered'];
+ $response['isBanned'] = isset($this->user->data['is_banned']) ? $this->user->data['is_banned'] : false;
+ $response['isPasswordChangeNeeded'] = Users::isPasswordChangeNeeded($this->user, $this->config);
+ $response['userId'] = (int)$this->user->data['user_id'];
+ $response['userName'] = $this->user->data['username'];
+
+ return new JsonResponse($response, 200);
+
+ case LOGIN_ERROR_USERNAME:
+ case LOGIN_ERROR_PASSWORD:
+ return new ErrorResponse("INVALID_CREDENTIALS", "Invalid username or password specified.", 401);
+
+ case LOGIN_ERROR_ATTEMPTS:
+ return new ErrorResponse("UNAUTHORIZED", "Too many incorrect attempts. Please login via the forum and complete the captcha to continue.", 401);
+
+ case LOGIN_ERROR_ACTIVE:
+ return new ErrorResponse("INACTIVE_ACCOUNT", "Account must be activated before logging in.", 401);
+
+ default:
+ // TODO: Add logging and give client a more vague error message.
+ return new ErrorResponse("UNEXPECTED_AUTH_STATE", "Unexpected auth status: {$auth_result['status']}.", 500);
+ }
+ }
+
+ /**
+ * Handler for /api/logout POST requests
+ *
+ * @return \Symfony\Component\HttpFoundation\Response A Symfony Response object
+ */
+ public function logout()
+ {
+ // Force use of POST
+ $error = $this->validation->ValidateRequest('POST');
+ if ($error != null)
+ {
+ return $error;
+ }
+
+ $this->user->session_kill();
+
+ $response = array();
+
+ $response['isRegistered'] = $this->user->data['is_registered'];
+ $response['isBanned'] = isset($this->user->data['is_banned']) ? $this->user->data['is_banned'] : false;
+ $response['isPasswordChangeNeeded'] = Users::isPasswordChangeNeeded($this->user, $this->config);
+ $response['userId'] = (int)$this->user->data['user_id'];
+ $response['userName'] = $this->user->data['username'];
+
+ return new JsonResponse($response, 200);
+ }
+
+
+ /**
+ * This method is needed for getting untrimmed passwords because the method untrimmed_variable is not exposed on
+ * the request_interface
+ *
+ * @param $var_name
+ * @param $default
+ * @param bool $multibyte
+ * @param int $super_global
+ * @return mixed
+ */
+ private function untrimmed_variable($var_name, $default, $multibyte = false, $super_global = request_interface::REQUEST)
+ {
+ return $this->_variable($var_name, $default, $multibyte, $super_global, false);
+ }
+
+ /**
+ * This method is needed for getting untrimmed passwords because the method untrimmed_variable is not exposed on
+ * the request_interface
+ *
+ * @param $var_name
+ * @param $default
+ * @param bool $multibyte
+ * @param int $super_global
+ * @param bool $trim
+ * @return mixed
+ */
+ private function _variable($var_name, $default, $multibyte = false, $super_global = request_interface::REQUEST, $trim = true)
+ {
+ $var = $this->request->raw_variable($var_name, $default, $super_global);
+
+ // Return prematurely if raw variable is empty array or the same as
+ // the default. Using strict comparison to ensure that one can't
+ // prevent proper type checking on any input variable
+ if ($var === array() || $var === $default)
+ {
+ return $var;
+ }
+
+ $type_cast_helper = new type_cast_helper();
+ $type_cast_helper->recursive_set_var($var, $default, $multibyte, $trim);
+
+ return $var;
+ }
+}
+
diff --git a/ext/eparsons/restapi/controller/forums/Forums.php b/ext/eparsons/restapi/controller/forums/Forums.php
new file mode 100755
index 0000000..3bea4e5
--- /dev/null
+++ b/ext/eparsons/restapi/controller/forums/Forums.php
@@ -0,0 +1,119 @@
+<?php
+/**
+*
+* @package phpBB Extension - eparsons/restapi
+* @copyright (c) 2018 Eric Parsons, (copyleft) 2023 Tomáš Valenta
+* @license https://opensource.org/licenses/GPL-2.0 GNU General Public License v2
+*
+*/
+namespace eparsons\restapi\controller\forums;
+
+use eparsons\restapi\ErrorResponse;
+use eparsons\restapi\Validation;
+use phpbb\config\config;
+use phpbb\user;
+use phpbb\auth;
+use Symfony\Component\HttpFoundation\JsonResponse;
+
+if (!defined('IN_PHPBB'))
+{
+ exit();
+}
+
+class Forums
+{
+ /**
+ * phpBB user
+ *
+ * @var user
+ */
+ private $user;
+
+ /**
+ * REST API validator
+ *
+ * @var Validation
+ */
+ private $validation;
+
+ /**
+ * Constructor
+ *
+ * @param user $user
+ * @param Validation $validation
+ */
+ public function __construct(user $user, Validation $validation)
+ {
+ $this->user = $user;
+ $this->validation = $validation;
+ }
+
+ /**
+ * Handler for /api/forums/{forumId}/threads GET requests
+ *
+ * @return JsonResponse A Symfony Response object
+ */
+ public function viewThreads($forumId)
+ {
+ $errorResponse = $this->validation->ValidateRequest('GET');
+ if ($errorResponse != null)
+ {
+ return $errorResponse;
+ }
+
+ global $db, $phpbb_container, $auth;
+
+ if (
+ !$auth->acl_gets('f_list', 'f_list_topics', 'f_read', $forumId)
+ || (
+ $forum_data['forum_type'] == FORUM_LINK && $forum_data['forum_link']
+ && !$auth->acl_get('f_read', $forumId)
+ )
+ ) {
+ return new ErrorResponse(
+ "NotFound",
+ "This forum does not exist.",
+ 404
+ );
+ }
+
+ $phpbb_content_visibility = $phpbb_container->get('content.visibility');
+
+ $threads_query = $db->sql_query(
+ 'SELECT *
+ FROM ' . TOPICS_TABLE . '
+ WHERE
+ forum_id = ' . $forumId . '
+ AND ' . $phpbb_content_visibility->get_visibility_sql('topic', $forumId) . '
+ ORDER BY topic_id DESC'
+ );
+
+ $topics = array();
+
+ while ($row = $db->sql_fetchrow($threads_query))
+ {
+ $topic = array();
+ $topic["id"] = $row["topic_id"];
+ $topic["title"] = $row["topic_title"];
+ $topic["time"] = (int)$row["topic_time"];
+
+ $first_post_query = $db->sql_query(
+ 'SELECT *
+ FROM ' . POSTS_TABLE . '
+ WHERE
+ topic_id = ' . $row["topic_id"] . '
+ AND ' . $phpbb_content_visibility->get_visibility_sql('post', $forumId) . '
+ ORDER BY post_id DESC'
+ );
+
+ while ($first_post_row = $db->sql_fetchrow($first_post_query))
+ {
+ $topic["content"] = $first_post_row["post_text"];
+ }
+
+ array_push($topics, $topic);
+ }
+
+ return new JsonResponse($topics, 200);
+ }
+}
diff --git a/ext/eparsons/restapi/controller/users/Users.php b/ext/eparsons/restapi/controller/users/Users.php
new file mode 100755
index 0000000..76fb89b
--- /dev/null
+++ b/ext/eparsons/restapi/controller/users/Users.php
@@ -0,0 +1,94 @@
+<?php
+/**
+*
+* @package phpBB Extension - eparsons/restapi
+* @copyright (c) 2018 Eric Parsons
+* @license https://opensource.org/licenses/GPL-2.0 GNU General Public License v2
+*
+*/
+namespace eparsons\restapi\controller\users;
+
+use eparsons\restapi\ErrorResponse;
+use eparsons\restapi\Validation;
+use phpbb\config\config;
+use phpbb\user;
+use Symfony\Component\HttpFoundation\JsonResponse;
+
+if (!defined('IN_PHPBB'))
+{
+ exit();
+}
+
+class Users
+{
+ /**
+ * phpBB user
+ *
+ * @var user
+ */
+ private $user;
+
+ /**
+ * REST API validator
+ *
+ * @var Validation
+ */
+ private $validation;
+
+ /**
+ * Constructor
+ *
+ * @param user $user
+ * @param Validation $validation
+ */
+ public function __construct(user $user, Validation $validation)
+ {
+ $this->user = $user;
+ $this->validation = $validation;
+ }
+
+ /**
+ * Handler for /api/users/me GET requests
+ *
+ * @return JsonResponse A Symfony Response object
+ */
+ public function whoAmI()
+ {
+ $errorResponse = $this->validation->ValidateRequest('GET');
+ if ($errorResponse != null)
+ {
+ return $errorResponse;
+ }
+
+ $response = array();
+ $response['isRegistered'] = $this->user->data['is_registered'];
+ $response['isBanned'] = isset($this->user->data['is_banned']) ? $this->user->data['is_banned'] : false;
+ $response['isPasswordChangeNeeded'] = isset($this->user->data['isPasswordChangeNeeded']) ? $this->user->data['isPasswordChangeNeeded'] : false;
+ $response['userId'] = (int)$this->user->data['user_id'];
+ $response['userName'] = $this->user->data['username'];
+
+ return new JsonResponse($response, 200);
+ }
+
+ /**
+ * Handler for /api/users/{userId} GET requests
+ *
+ * @return JsonResponse A Symfony Response object
+ */
+ public function user($userId)
+ {
+ $errorResponse = $this->validation->ValidateRequest('GET');
+ if ($errorResponse != null)
+ {
+ return $errorResponse;
+ }
+
+ return new ErrorResponse("NotImplemented", "This api is not yet implemented.", 400);
+ }
+
+ public static function isPasswordChangeNeeded(user $user, config $config)
+ {
+ return !empty($user->data['is_registered'])
+ && $user->data['user_passchg'] < time() - ($config['chg_passforce'] * 86400);
+ }
+}
diff --git a/ext/eparsons/restapi/event/event_listener.php b/ext/eparsons/restapi/event/event_listener.php
new file mode 100755
index 0000000..fc93018
--- /dev/null
+++ b/ext/eparsons/restapi/event/event_listener.php
@@ -0,0 +1,118 @@
+<?php
+/**
+ *
+ * @package phpBB Extension - eparsons/restapi
+ * @copyright (c) 2018 Eric Parsons
+ * @license https://opensource.org/licenses/GPL-2.0 GNU General Public License v2
+ *
+ */
+namespace eparsons\restapi\event;
+
+use eparsons\restapi\controller\users\Users;
+use eparsons\restapi\controller\forums\Forums;
+use phpbb\config\config;
+use phpbb\request\request_interface;
+use phpbb\user;
+use Symfony\Component\EventDispatcher\EventSubscriberInterface;
+
+/**
+ * Event listener
+ */
+class event_listener implements EventSubscriberInterface
+{
+ /**
+ * phpBB user
+ *
+ * @var \phpbb\user
+ */
+ private $user;
+
+ /**
+ * phpBB request
+ *
+ * @var request_interface
+ */
+ private $request;
+
+
+ /**
+ * phpBB request
+ *
+ * @var config
+ */
+ private $config;
+
+ /**
+ * Constructor for listener
+ *
+ * @param request_interface $request Request interface
+ * @param user $user
+ * @param config $config
+ * @access public
+ */
+ public function __construct(request_interface $request, user $user, config $config)
+ {
+ $this->request = $request;
+ $this->user = $user;
+ $this->config = $config;
+ }
+
+ /**
+ * Assign functions defined in this class to event listeners in the core
+ *
+ * @return array
+ * @static
+ * @access public
+ */
+ static public function getSubscribedEvents()
+ {
+ return array(
+ 'core.session_set_custom_ban' => 'handle_banned_user',
+ 'core.user_setup_after' => 'handle_user_setup_after_event'
+ );
+ }
+
+ /**
+ * Check if banned user is calling into REST API. If so, we do not want the phpBB ban page to be
+ * rendered instead of a JSON response.
+ *
+ * @param object $event The event object
+ * @return null
+ * @access public
+ */
+ public function handle_banned_user($event)
+ {
+ if ($this->in_rest_api())
+ {
+ $event['return'] = true;
+ $this->user->data['is_banned'] = $event['banned'];
+ }
+ }
+
+ /**
+ * Check if user has pending password change and update user data accordingly
+ *
+ * @param $event
+ */
+ public function handle_user_setup_after_event($event)
+ {
+ // If we are in the rest api we need to check if a password change is needed and if so, prevent phpbb's redirect
+ if ($this->in_rest_api() && !isset($this->user->data['mustChangePassword']))
+ {
+ $this->user->data['isPasswordChangeNeeded'] = Users::isPasswordChangeNeeded($this->user, $this->config);
+
+ // Set current time as last password change time to prevent phpbb from redirecting to password change page.
+ $this->user->data['user_passchg'] = time();
+ }
+ }
+
+ /**
+ * Indicates that a rest api controller defined by this extension is being called for the current request.
+ *
+ * @return bool
+ */
+ private function in_rest_api()
+ {
+ return strncmp($this->request->server('PATH_INFO'), '/restApiV', 9) == 0;
+ }
+}
diff --git a/ext/eparsons/restapi/license.txt b/ext/eparsons/restapi/license.txt
new file mode 100755
index 0000000..0b7413d
--- /dev/null
+++ b/ext/eparsons/restapi/license.txt
@@ -0,0 +1,280 @@
+ GNU GENERAL PUBLIC LICENSE
+ Version 2, June 1991
+
+ Copyright (C) 1989, 1991 Free Software Foundation, Inc.
+ 675 Mass Ave, Cambridge, MA 02139, USA
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+ Preamble
+
+ The licenses for most software are designed to take away your
+freedom to share and change it. By contrast, the GNU General Public
+License is intended to guarantee your freedom to share and change free
+software--to make sure the software is free for all its users. This
+General Public License applies to most of the Free Software
+Foundation's software and to any other program whose authors commit to
+using it. (Some other Free Software Foundation software is covered by
+the GNU Library General Public License instead.) You can apply it to
+your programs, too.
+
+ When we speak of free software, we are referring to freedom, not
+price. Our General Public Licenses are designed to make sure that you
+have the freedom to distribute copies of free software (and charge for
+this service if you wish), that you receive source code or can get it
+if you want it, that you can change the software or use pieces of it
+in new free programs; and that you know you can do these things.
+
+ To protect your rights, we need to make restrictions that forbid
+anyone to deny you these rights or to ask you to surrender the rights.
+These restrictions translate to certain responsibilities for you if you
+distribute copies of the software, or if you modify it.
+
+ For example, if you distribute copies of such a program, whether
+gratis or for a fee, you must give the recipients all the rights that
+you have. You must make sure that they, too, receive or can get the
+source code. And you must show them these terms so they know their
+rights.
+
+ We protect your rights with two steps: (1) copyright the software, and
+(2) offer you this license which gives you legal permission to copy,
+distribute and/or modify the software.
+
+ Also, for each author's protection and ours, we want to make certain
+that everyone understands that there is no warranty for this free
+software. If the software is modified by someone else and passed on, we
+want its recipients to know that what they have is not the original, so
+that any problems introduced by others will not reflect on the original
+authors' reputations.
+
+ Finally, any free program is threatened constantly by software
+patents. We wish to avoid the danger that redistributors of a free
+program will individually obtain patent licenses, in effect making the
+program proprietary. To prevent this, we have made it clear that any
+patent must be licensed for everyone's free use or not licensed at all.
+
+ The precise terms and conditions for copying, distribution and
+modification follow.
+
+ GNU GENERAL PUBLIC LICENSE
+ TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+
+ 0. This License applies to any program or other work which contains
+a notice placed by the copyright holder saying it may be distributed
+under the terms of this General Public License. The "Program", below,
+refers to any such program or work, and a "work based on the Program"
+means either the Program or any derivative work under copyright law:
+that is to say, a work containing the Program or a portion of it,
+either verbatim or with modifications and/or translated into another
+language. (Hereinafter, translation is included without limitation in
+the term "modification".) Each licensee is addressed as "you".
+
+Activities other than copying, distribution and modification are not
+covered by this License; they are outside its scope. The act of
+running the Program is not restricted, and the output from the Program
+is covered only if its contents constitute a work based on the
+Program (independent of having been made by running the Program).
+Whether that is true depends on what the Program does.
+
+ 1. You may copy and distribute verbatim copies of the Program's
+source code as you receive it, in any medium, provided that you
+conspicuously and appropriately publish on each copy an appropriate
+copyright notice and disclaimer of warranty; keep intact all the
+notices that refer to this License and to the absence of any warranty;
+and give any other recipients of the Program a copy of this License
+along with the Program.
+
+You may charge a fee for the physical act of transferring a copy, and
+you may at your option offer warranty protection in exchange for a fee.
+
+ 2. You may modify your copy or copies of the Program or any portion
+of it, thus forming a work based on the Program, and copy and
+distribute such modifications or work under the terms of Section 1
+above, provided that you also meet all of these conditions:
+
+ a) You must cause the modified files to carry prominent notices
+ stating that you changed the files and the date of any change.
+
+ b) You must cause any work that you distribute or publish, that in
+ whole or in part contains or is derived from the Program or any
+ part thereof, to be licensed as a whole at no charge to all third
+ parties under the terms of this License.
+
+ c) If the modified program normally reads commands interactively
+ when run, you must cause it, when started running for such
+ interactive use in the most ordinary way, to print or display an
+ announcement including an appropriate copyright notice and a
+ notice that there is no warranty (or else, saying that you provide
+ a warranty) and that users may redistribute the program under
+ these conditions, and telling the user how to view a copy of this
+ License. (Exception: if the Program itself is interactive but
+ does not normally print such an announcement, your work based on
+ the Program is not required to print an announcement.)
+
+These requirements apply to the modified work as a whole. If
+identifiable sections of that work are not derived from the Program,
+and can be reasonably considered independent and separate works in
+themselves, then this License, and its terms, do not apply to those
+sections when you distribute them as separate works. But when you
+distribute the same sections as part of a whole which is a work based
+on the Program, the distribution of the whole must be on the terms of
+this License, whose permissions for other licensees extend to the
+entire whole, and thus to each and every part regardless of who wrote it.
+
+Thus, it is not the intent of this section to claim rights or contest
+your rights to work written entirely by you; rather, the intent is to
+exercise the right to control the distribution of derivative or
+collective works based on the Program.
+
+In addition, mere aggregation of another work not based on the Program
+with the Program (or with a work based on the Program) on a volume of
+a storage or distribution medium does not bring the other work under
+the scope of this License.
+
+ 3. You may copy and distribute the Program (or a work based on it,
+under Section 2) in object code or executable form under the terms of
+Sections 1 and 2 above provided that you also do one of the following:
+
+ a) Accompany it with the complete corresponding machine-readable
+ source code, which must be distributed under the terms of Sections
+ 1 and 2 above on a medium customarily used for software interchange; or,
+
+ b) Accompany it with a written offer, valid for at least three
+ years, to give any third party, for a charge no more than your
+ cost of physically performing source distribution, a complete
+ machine-readable copy of the corresponding source code, to be
+ distributed under the terms of Sections 1 and 2 above on a medium
+ customarily used for software interchange; or,
+
+ c) Accompany it with the information you received as to the offer
+ to distribute corresponding source code. (This alternative is
+ allowed only for noncommercial distribution and only if you
+ received the program in object code or executable form with such
+ an offer, in accord with Subsection b above.)
+
+The source code for a work means the preferred form of the work for
+making modifications to it. For an executable work, complete source
+code means all the source code for all modules it contains, plus any
+associated interface definition files, plus the scripts used to
+control compilation and installation of the executable. However, as a
+special exception, the source code distributed need not include
+anything that is normally distributed (in either source or binary
+form) with the major components (compiler, kernel, and so on) of the
+operating system on which the executable runs, unless that component
+itself accompanies the executable.
+
+If distribution of executable or object code is made by offering
+access to copy from a designated place, then offering equivalent
+access to copy the source code from the same place counts as
+distribution of the source code, even though third parties are not
+compelled to copy the source along with the object code.
+
+ 4. You may not copy, modify, sublicense, or distribute the Program
+except as expressly provided under this License. Any attempt
+otherwise to copy, modify, sublicense or distribute the Program is
+void, and will automatically terminate your rights under this License.
+However, parties who have received copies, or rights, from you under
+this License will not have their licenses terminated so long as such
+parties remain in full compliance.
+
+ 5. You are not required to accept this License, since you have not
+signed it. However, nothing else grants you permission to modify or
+distribute the Program or its derivative works. These actions are
+prohibited by law if you do not accept this License. Therefore, by
+modifying or distributing the Program (or any work based on the
+Program), you indicate your acceptance of this License to do so, and
+all its terms and conditions for copying, distributing or modifying
+the Program or works based on it.
+
+ 6. Each time you redistribute the Program (or any work based on the
+Program), the recipient automatically receives a license from the
+original licensor to copy, distribute or modify the Program subject to
+these terms and conditions. You may not impose any further
+restrictions on the recipients' exercise of the rights granted herein.
+You are not responsible for enforcing compliance by third parties to
+this License.
+
+ 7. If, as a consequence of a court judgment or allegation of patent
+infringement or for any other reason (not limited to patent issues),
+conditions are imposed on you (whether by court order, agreement or
+otherwise) that contradict the conditions of this License, they do not
+excuse you from the conditions of this License. If you cannot
+distribute so as to satisfy simultaneously your obligations under this
+License and any other pertinent obligations, then as a consequence you
+may not distribute the Program at all. For example, if a patent
+license would not permit royalty-free redistribution of the Program by
+all those who receive copies directly or indirectly through you, then
+the only way you could satisfy both it and this License would be to
+refrain entirely from distribution of the Program.
+
+If any portion of this section is held invalid or unenforceable under
+any particular circumstance, the balance of the section is intended to
+apply and the section as a whole is intended to apply in other
+circumstances.
+
+It is not the purpose of this section to induce you to infringe any
+patents or other property right claims or to contest validity of any
+such claims; this section has the sole purpose of protecting the
+integrity of the free software distribution system, which is
+implemented by public license practices. Many people have made
+generous contributions to the wide range of software distributed
+through that system in reliance on consistent application of that
+system; it is up to the author/donor to decide if he or she is willing
+to distribute software through any other system and a licensee cannot
+impose that choice.
+
+This section is intended to make thoroughly clear what is believed to
+be a consequence of the rest of this License.
+
+ 8. If the distribution and/or use of the Program is restricted in
+certain countries either by patents or by copyrighted interfaces, the
+original copyright holder who places the Program under this License
+may add an explicit geographical distribution limitation excluding
+those countries, so that distribution is permitted only in or among
+countries not thus excluded. In such case, this License incorporates
+the limitation as if written in the body of this License.
+
+ 9. The Free Software Foundation may publish revised and/or new versions
+of the General Public License from time to time. Such new versions will
+be similar in spirit to the present version, but may differ in detail to
+address new problems or concerns.
+
+Each version is given a distinguishing version number. If the Program
+specifies a version number of this License which applies to it and "any
+later version", you have the option of following the terms and conditions
+either of that version or of any later version published by the Free
+Software Foundation. If the Program does not specify a version number of
+this License, you may choose any version ever published by the Free Software
+Foundation.
+
+ 10. If you wish to incorporate parts of the Program into other free
+programs whose distribution conditions are different, write to the author
+to ask for permission. For software which is copyrighted by the Free
+Software Foundation, write to the Free Software Foundation; we sometimes
+make exceptions for this. Our decision will be guided by the two goals
+of preserving the free status of all derivatives of our free software and
+of promoting the sharing and reuse of software generally.
+
+ NO WARRANTY
+
+ 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
+FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
+OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
+PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
+OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
+TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
+PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
+REPAIR OR CORRECTION.
+
+ 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
+WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
+REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
+INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
+OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
+TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
+YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
+PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGES.
+
+ END OF TERMS AND CONDITIONS
diff --git a/nastenka_sync.php b/nastenka_sync.php
new file mode 100755
index 0000000..95dea90
--- /dev/null
+++ b/nastenka_sync.php
@@ -0,0 +1,22 @@
+<?php
+define('IN_PHPBB', true);
+$phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './';
+$phpEx = substr(strrchr(__FILE__, '.'), 1);
+include($phpbb_root_path . 'common.' . $phpEx);
+
+// Start session management
+$user->session_begin();
+$auth->acl($user->data);
+$user->setup();
+
+page_header('Synchronizace s Nástěnkou');
+
+$template->set_filenames(array(
+ 'body' => 'nastenka_sync.html',
+));
+$template->assign_vars(array(
+ 'SESSION_ID' => $_SID,
+));
+
+page_footer();
+?>
diff --git a/styles/all/template/nastenka_sync.html b/styles/all/template/nastenka_sync.html
new file mode 100644
index 0000000..b4a6090
--- /dev/null
+++ b/styles/all/template/nastenka_sync.html
@@ -0,0 +1,34 @@
+<!-- INCLUDE overall_header.html -->
+
+<h2>Synchronizace s Nástěnkou</h2>
+
+<div class="panel">
+ <div class="inner">
+ <span class="corners-top">
+ <span></span>
+ </span>
+
+ <div class="content">
+ <p>
+ Pro synchronizaci tvého účtu s Nástěnkou po dobu 1 roku
+ klikni, prosím, na tlačítko níže.
+ </p>
+
+ <button class="button" id="synchronize">Synchronizovat</button>
+ </div>
+
+ <span class="corners-bottom">
+ <span></span>
+ </span>
+ </div>
+</div>
+
+<script>
+ const SESSION_ID = {SESSION_ID};
+</script>
+
+<script src="./assets/javascript/nastenka_sync.js?v=1"></script>
+<script src="./assets/javascript/js.cookie.min.js?v=1"></script>
+
+<!-- INCLUDE jumpbox.html -->
+<!-- INCLUDE overall_footer.html -->
--
GitLab