Commit 831c96a4 authored by Tomáš Valenta's avatar Tomáš Valenta

finish plugin

parent 1cc21e28
......@@ -21,8 +21,7 @@ window.addEventListener(
return;
}
nextUrl.searchParams.append("sid", window.SESSION_ID);
nextUrl.searchParams.append("user-agent", window.navigator.userAgent);
nextUrl.searchParams.append("token", window.TOKEN);
window.location = nextUrl;
}
......
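Review bot: At `nextUrl.searchParams.append("token", window.TOKEN)` the API credential is placed in the URL query string, so it ends up in browser history, web-server access logs and any Referer header the destination page sends out; the Forums.php hunk in this commit reads it back from `$_GET["token"]`. Carrying it in an `Authorization` header (or a POST body) and reading `$request->header('Authorization')` on the phpBB side would keep it out of those places. The enclosing event-listener body starts outside the hunk.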
......@@ -17,7 +17,7 @@ eparsons_restapi_users_user:
userId: \d+
eparsons_restapi_forums_threads:
path: /restApiV1/forums/{forumId}/threads
path: /restApiV1/forums/{forum_id}/threads
defaults: { _controller: eparsons.restapi.controller.forums:viewThreads }
requirements:
forumId: \d+
forum_id: \d+
......@@ -49,11 +49,11 @@ class Forums
}
/**
* Handler for /api/forums/{forumId}/threads GET requests
* Handler for /api/forums/{forum_id}/threads GET requests
*
* @return JsonResponse A Symfony Response object
*/
public function viewThreads($forumId)
public function viewThreads($forum_id)
{
$errorResponse = $this->validation->ValidateRequest('GET');
if ($errorResponse != null)
......@@ -61,16 +61,55 @@ class Forums
return $errorResponse;
}
global $db, $phpbb_container;
$forum_id = (int)$forum_id;
global $db, $phpbb_container, $table_prefix, $request;
$phpbb_content_visibility = $phpbb_container->get('content.visibility');
$request->enable_super_globals();
if (!isset($_GET["token"])) {
http_response_code(400);
die();
}
$api_token_query = $db->sql_query(
'SELECT user_id, allowed_forum_ids
FROM ' . $table_prefix . 'api_tokens
WHERE token=\'' . $db->sql_escape($_GET["token"]) . '\''
);
$request->disable_super_globals();
$user_id = null;
$allowed_forum_ids = array();
while ($row = $db->sql_fetchrow($api_token_query)) {
$user_id = $row["user_id"];
$allowed_forum_ids = explode(",", $row["allowed_forum_ids"]);
foreach ($allowed_forum_ids as &$allowed_forum_id) {
$allowed_forum_id = (int)$allowed_forum_id;
}
}
if ($user_id === null) {
http_response_code(401);
die();
}
if (!in_array($forum_id, $allowed_forum_ids)) {
http_response_code(401);
die();
}
$threads_query = $db->sql_query(
'SELECT *
FROM ' . TOPICS_TABLE . '
WHERE
forum_id = ' . $forumId . '
AND ' . $phpbb_content_visibility->get_visibility_sql('topic', $forumId) . '
forum_id = ' . $forum_id . '
AND ' . $phpbb_content_visibility->get_visibility_sql('topic', $forum_id) . '
ORDER BY topic_id DESC'
);
......@@ -88,7 +127,7 @@ class Forums
FROM ' . POSTS_TABLE . '
WHERE
topic_id = ' . $row["topic_id"] . '
AND ' . $phpbb_content_visibility->get_visibility_sql('post', $forumId) . '
AND ' . $phpbb_content_visibility->get_visibility_sql('post', $forum_id) . '
ORDER BY post_id DESC'
);
......
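Review bot: The token check at `$request->enable_super_globals()` / `if (!isset($_GET["token"]))` reads the super global directly and answers with `http_response_code(400); die();`, which bypasses the `$errorResponse` JsonResponse contract this method already follows a few lines up; the two 401 `die()` exits after the lookup do the same. phpBB's request object gives the value without toggling super globals, e.g. `$token = $request->variable('token', '');` followed by `if ($token === '') { return new JsonResponse(null, 400); }`, with `$db->sql_escape($token)` in the query unchanged. The `foreach ($allowed_forum_ids as &$allowed_forum_id)` loop leaves a dangling reference on `$allowed_forum_id`; add `unset($allowed_forum_id);` after it and call `in_array($forum_id, $allowed_forum_ids, true)` now that both sides are ints. An unknown token and a known token without access to the forum both answer 401; the second is an authorization failure and 403 would be the conventional status, if distinguishing the two cases is acceptable here.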
......@@ -15,6 +15,7 @@ if ($user->data['user_id'] == ANONYMOUS)
exit;
}
$request->enable_super_globals();
if (!isset($_GET["forum_scopes"])) {
http_response_code(400);
......@@ -32,23 +33,43 @@ foreach ($requested_forum_ids as &$forum_id) {
$forum_id = (int)$forum_id;
if (
$auth->acl_gets('f_list', 'f_list_topics', 'f_read', $forum_id)
&& $forum_data['forum_type'] == FORUM_LINK
&& $forum_data['forum_link']
&& !$auth->acl_get('f_read', $forum_id)
) {
$forum_data = null;
$forum_query = $db->sql_query(
'SELECT * FROM ' . $table_prefix . 'forums
WHERE forum_id= ' . $forum_id
);
while ($row = $db->sql_fetchrow($forum_query)) {
$forum_data = $row;
}
if ($forum_data === null) {
http_response_code(404);
die();
}
if (!(
!$auth->acl_gets('f_list', 'f_list_topics', 'f_read', $forum_id)
|| (
$forum_data['forum_type'] == FORUM_LINK
&& $forum_data['forum_link']
&& !$auth->acl_get('f_read', $forum_id)
)
)) {
array_push($allowed_forum_ids, $forum_id);
}
}
$db->sql_query(
'CREATE TABLE IF NOT EXISTS ' . $table_prefix . 'api_tokens (
user_id INT PRIMARY KEY,
user_id INT(10) UNSIGNED,
allowed_forum_ids TEXT NOT NULL,
token VARCHAR(32) NOT NULL,
FOREIGN KEY (user_id) REFERENCES ' . $table_prefix . 'user(user_id) ON DELETE CASCADE
)'
PRIMARY KEY (user_id),
FOREIGN KEY (user_id)
REFERENCES ' . $table_prefix . 'users (user_id)
ON DELETE CASCADE
) ENGINE=INNODB'
);
$existing_token_query = $db->sql_query(
......@@ -71,15 +92,15 @@ if (!$token_exists) {
'INSERT INTO ' . $table_prefix . 'api_tokens
VALUES ('
. $user->data["user_id"] . ', '
. '\'' . implode(",", allowed_forum_ids) . '\', '
. $token .
. '\'' . implode(",", $allowed_forum_ids) . '\', '
. '\'' . $token . '\'' .
')'
);
} else {
$db->sql_query(
'UPDATE ' . $table_prefix . 'api_tokens
WHERE user_id=' . $user->data["user_id"] . '
SET allowed_forum_ids = \'' . implode(",", allowed_forum_ids) . '\''
SET allowed_forum_ids = \'' . implode(",", $allowed_forum_ids) . '\'
WHERE user_id=' . $user->data["user_id"]
);
}
......@@ -89,8 +110,10 @@ $template->set_filenames(array(
'body' => 'nastenka_sync.html',
));
$template->assign_vars(array(
'API_TOKEN' => $token,
'TOKEN' => $token,
));
$request->disable_super_globals();
page_footer();
?>
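Review bot: The `api_tokens` DDL at `token VARCHAR(32) NOT NULL` declares no uniqueness or index on `token`, yet the controller in this commit looks rows up by `WHERE token=...`; if two users ever received the same value the `while` loop there would silently keep the last row, and every lookup is a full-table scan. Add `UNIQUE KEY (token)` to the column list (or `token VARCHAR(32) NOT NULL UNIQUE`). Running `CREATE TABLE IF NOT EXISTS` on every request also belongs in an extension migration rather than the page's request path. The `UPDATE` branch refreshes `allowed_forum_ids` but never rotates `token`, so a user keeps the same credential indefinitely — presumably intended, but a comment such as `// existing token is kept; only the forum scopes are refreshed` would stop the next reader from assuming rotation. How `$token` is generated is outside this hunk.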
......@@ -24,7 +24,7 @@
</div>
<script>
window.SESSION_ID = "{SESSION_ID}";
window.TOKEN = "{TOKEN}";
</script>
<script src="./assets/javascript/nastenka_sync.js?v=1"></script>
......
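Review bot: `window.TOKEN = "{TOKEN}";` writes the credential into an inline script with no JavaScript-string escaping, and phpBB template variables are inserted as-is; a token value containing a quote or backslash would break out of the string literal. If generation guarantees a hex/alphanumeric value, a comment on the `'TOKEN' => $token` assignment saying so is enough; otherwise assign `json_encode($token)` on the PHP side and emit `window.TOKEN = {TOKEN};` here. Inline secrets also block a strict `script-src` CSP on this page, which is worth noting in the template.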