From ae1dc93a14a729343005b5bc72590898e92a301d Mon Sep 17 00:00:00 2001 From: Paminger Date: Mon, 11 Apr 2016 08:11:15 +0200 Subject: [PATCH] API-Struktur und CodeSniffer Verbesserungen --- application/controllers/DBTools.php | 2 +- .../api/v1/{AuthAPI.php => APIAuth.php} | 20 ++-- .../api/{Key.php => v1/APIKey.php} | 94 ++++++++++++++----- application/controllers/api/v1/Example.php | 48 ++++++---- .../api/v1/{ => person}/Kontakt.php | 0 .../api/v1/{ => person}/Person.php | 48 ++++++---- phpci.yml | 2 +- 7 files changed, 142 insertions(+), 72 deletions(-) rename application/controllers/api/v1/{AuthAPI.php => APIAuth.php} (91%) rename application/controllers/api/{Key.php => v1/APIKey.php} (81%) rename application/controllers/api/v1/{ => person}/Kontakt.php (100%) rename application/controllers/api/v1/{ => person}/Person.php (81%) diff --git a/application/controllers/DBTools.php b/application/controllers/DBTools.php index 604456cb9..f68c67a3a 100644 --- a/application/controllers/DBTools.php +++ b/application/controllers/DBTools.php @@ -85,7 +85,7 @@ class DBTools extends FHC_Controller /** * Migrate to latest or current version * - * @param string $version One of either "latest" or "current" + * @param string $version [optional] One of either "latest" or "current" * @return void */ public function migrate($version = 'latest') diff --git a/application/controllers/api/v1/AuthAPI.php b/application/controllers/api/v1/APIAuth.php similarity index 91% rename from application/controllers/api/v1/AuthAPI.php rename to application/controllers/api/v1/APIAuth.php index 129e383dc..1d289be79 100644 --- a/application/controllers/api/v1/AuthAPI.php +++ b/application/controllers/api/v1/APIAuth.php @@ -14,7 +14,8 @@ // ------------------------------------------------------------------------ -defined('BASEPATH') OR exit('No direct script access allowed'); +if (! defined('BASEPATH')) + exit('No direct script access allowed'); // This can be removed if you use __autoload() in config.php OR use Modular Extensions //require APPPATH . '/libraries/REST_Controller.php'; @@ -22,15 +23,14 @@ defined('BASEPATH') OR exit('No direct script access allowed'); /** * Handles user authentication and registration process */ -class AuthAPI extends APIv1_Controller +class AuthAPI extends APIv1_Controller { - /** * Userauth-Controller constructor. * A more elaborate description of the constructor. * {@inheritdoc} */ - function __construct() + public function __construct() { // Construct the parent class parent::__construct(); @@ -47,10 +47,11 @@ class AuthAPI extends APIv1_Controller /** * Checks user credentials and creates a new session - * @return string JSON that indicates success/failure of login + * * @example normal account: http://wsp.fortyseeds.at/backend/api/userauth/login/username/foo%40bar.at/password/secret/device_id/abcdef123 * @example OAuth Google: http://wsp.fortyseeds.at/backend/api/userauth/login/username/foo%40bar.at/device_id/abcdef123/google_token/qwert321 * @example OAuth Facebook: http://wsp.fortyseeds.at/backend/api/userauth/login/username/foo%40bar.at/device_id/abcdef123/fb_token/qwert321 + * @return void JSON that indicates success/failure of login. */ public function login_get() { @@ -59,8 +60,8 @@ class AuthAPI extends APIv1_Controller $httpstatus = null; $username = urldecode($this->get('username')); $password = urldecode($this->get('password')); - - $account = $this->FHCAuth->auth($username,$password); + + $account = $this->FHCAuth->auth($username, $password); // perform login checks if (!$account) @@ -94,8 +95,9 @@ class AuthAPI extends APIv1_Controller /** * Logs out user by destroying session - * @return string JSON that indicates success/failure of logout + * * @example http://wsp.fortyseeds.at/backend/api/userauth/logout/username/foo%40bar.at/session_id/55afab8ba6f1b/device_id/abcdef123 + * @return void JSON that indicates success/failure of logout */ public function logout_get() { @@ -127,6 +129,4 @@ class AuthAPI extends APIv1_Controller // Set the response and exit $this->response($payload, $httpstatus); } - - } diff --git a/application/controllers/api/Key.php b/application/controllers/api/v1/APIKey.php similarity index 81% rename from application/controllers/api/Key.php rename to application/controllers/api/v1/APIKey.php index 0fa67172c..b28712e8c 100644 --- a/application/controllers/api/Key.php +++ b/application/controllers/api/v1/APIKey.php @@ -1,9 +1,10 @@ ['level' => 10, 'limit' => 10], 'index_delete' => ['level' => 10], @@ -34,24 +35,24 @@ class Key extends REST_Controller { public function index_put() { // Build a new key - $key = $this->_generate_key(); + $key = $this->__generateKey(); // If no key level provided, provide a generic key $level = $this->put('level') ? $this->put('level') : 1; - $ignore_limits = ctype_digit($this->put('ignore_limits')) ? (int) $this->put('ignore_limits') : 1; + $ignore_limits = ctype_digit($this->put('ignore_limits')) ? (int)$this->put('ignore_limits') : 1; // Insert the new key if ($this->_insert_key($key, ['level' => $level, 'ignore_limits' => $ignore_limits])) { $this->response([ - 'status' => TRUE, + 'status' => true, 'key' => $key ], REST_Controller::HTTP_CREATED); // CREATED (201) being the HTTP response code } else { $this->response([ - 'status' => FALSE, + 'status' => false, 'message' => 'Could not save the key' ], REST_Controller::HTTP_INTERNAL_SERVER_ERROR); // INTERNAL_SERVER_ERROR (500) being the HTTP response code } @@ -72,7 +73,7 @@ class Key extends REST_Controller { { // It doesn't appear the key exists $this->response([ - 'status' => FALSE, + 'status' => false, 'message' => 'Invalid API key' ], REST_Controller::HTTP_BAD_REQUEST); // BAD_REQUEST (400) being the HTTP response code } @@ -82,7 +83,7 @@ class Key extends REST_Controller { // Respond that the key was destroyed $this->response([ - 'status' => TRUE, + 'status' => true, 'message' => 'API key was deleted' ], REST_Controller::HTTP_NO_CONTENT); // NO_CONTENT (204) being the HTTP response code } @@ -103,7 +104,7 @@ class Key extends REST_Controller { { // It doesn't appear the key exists $this->response([ - 'status' => FALSE, + 'status' => false, 'message' => 'Invalid API key' ], REST_Controller::HTTP_BAD_REQUEST); // BAD_REQUEST (400) being the HTTP response code } @@ -112,14 +113,14 @@ class Key extends REST_Controller { if ($this->_update_key($key, ['level' => $new_level])) { $this->response([ - 'status' => TRUE, + 'status' => true, 'message' => 'API key was updated' ], REST_Controller::HTTP_OK); // OK (200) being the HTTP response code } else { $this->response([ - 'status' => FALSE, + 'status' => false, 'message' => 'Could not update the key level' ], REST_Controller::HTTP_INTERNAL_SERVER_ERROR); // INTERNAL_SERVER_ERROR (500) being the HTTP response code } @@ -140,7 +141,7 @@ class Key extends REST_Controller { { // It doesn't appear the key exists $this->response([ - 'status' => FALSE, + 'status' => false, 'message' => 'Invalid API key' ], REST_Controller::HTTP_BAD_REQUEST); // BAD_REQUEST (400) being the HTTP response code } @@ -149,14 +150,14 @@ class Key extends REST_Controller { if ($this->_update_key($key, ['level' => 0])) { $this->response([ - 'status' => TRUE, + 'status' => true, 'message' => 'Key was suspended' ], REST_Controller::HTTP_OK); // OK (200) being the HTTP response code } else { $this->response([ - 'status' => FALSE, + 'status' => false, 'message' => 'Could not suspend the user' ], REST_Controller::HTTP_INTERNAL_SERVER_ERROR); // INTERNAL_SERVER_ERROR (500) being the HTTP response code } @@ -171,20 +172,20 @@ class Key extends REST_Controller { public function regenerate_post() { $old_key = $this->post('key'); - $key_details = $this->_get_key($old_key); + $key_details = $this->__getKey($old_key); // Does this key exist? if (!$key_details) { // It doesn't appear the key exists $this->response([ - 'status' => FALSE, + 'status' => false, 'message' => 'Invalid API key' ], REST_Controller::HTTP_BAD_REQUEST); // BAD_REQUEST (400) being the HTTP response code } // Build a new key - $new_key = $this->_generate_key(); + $new_key = $this->__generateKey(); // Insert the new key if ($this->_insert_key($new_key, ['level' => $key_details->level, 'ignore_limits' => $key_details->ignore_limits])) @@ -193,14 +194,14 @@ class Key extends REST_Controller { $this->_update_key($old_key, ['level' => 0]); $this->response([ - 'status' => TRUE, + 'status' => true, 'key' => $new_key ], REST_Controller::HTTP_CREATED); // CREATED (201) being the HTTP response code } else { $this->response([ - 'status' => FALSE, + 'status' => false, 'message' => 'Could not save the key' ], REST_Controller::HTTP_INTERNAL_SERVER_ERROR); // INTERNAL_SERVER_ERROR (500) being the HTTP response code } @@ -208,7 +209,13 @@ class Key extends REST_Controller { /* Helper Methods */ - private function _generate_key() + /** + * Generate a key + * + * @access private + * @return void + */ + private function __generateKey() { do { @@ -216,9 +223,9 @@ class Key extends REST_Controller { $salt = base_convert(bin2hex($this->security->get_random_bytes(64)), 16, 36); // If an error occurred, then fall back to the previous method - if ($salt === FALSE) + if ($salt === false) { - $salt = hash('sha256', time() . mt_rand()); + $salt = hash('sha256', time().mt_rand()); } $new_key = substr($salt, 0, config_item('rest_key_length')); @@ -230,7 +237,14 @@ class Key extends REST_Controller { /* Private Data Methods */ - private function _get_key($key) + /** + * Get a key + * + * @access private + * @param string $key The API-Key. + * @return array + */ + private function __getKey($key) { return $this->db ->where(config_item('rest_key_column'), $key) @@ -238,6 +252,13 @@ class Key extends REST_Controller { ->row(); } + /** + * Check if key exists + * + * @access private + * @param string $key The API-Key. + * @return bool + */ private function _key_exists($key) { return $this->db @@ -245,6 +266,14 @@ class Key extends REST_Controller { ->count_all_results(config_item('rest_keys_table')) > 0; } + /** + * Insert a key + * + * @access private + * @param string $key The API-Key. + * @param array $data The API-Key-Data. + * @return bool + */ private function _insert_key($key, $data) { $data[config_item('rest_key_column')] = $key; @@ -255,6 +284,14 @@ class Key extends REST_Controller { ->insert(config_item('rest_keys_table')); } + /** + * Update a key + * + * @access private + * @param string $key The API-Key. + * @param array $data The API-Key-Data. + * @return bool + */ private function _update_key($key, $data) { return $this->db @@ -262,6 +299,13 @@ class Key extends REST_Controller { ->update(config_item('rest_keys_table'), $data); } + /** + * Delete a key + * + * @access private + * @param string $key The API-Key. + * @return bool + */ private function _delete_key($key) { return $this->db diff --git a/application/controllers/api/v1/Example.php b/application/controllers/api/v1/Example.php index 0e84e47ef..ca6643e31 100644 --- a/application/controllers/api/v1/Example.php +++ b/application/controllers/api/v1/Example.php @@ -11,17 +11,18 @@ * @license MIT * @link https://github.com/chriskacerguis/codeigniter-restserver */ -defined('BASEPATH') OR exit('No direct script access allowed'); +if (! defined('BASEPATH')) + exit('No direct script access allowed'); // This can be removed if you use __autoload() in config.php OR use Modular Extensions -require APPPATH . '/libraries/REST_Controller.php'; +require APPPATH.'/libraries/REST_Controller.php'; -class Example extends REST_Controller { - - /** - * @copydoc REST_Controller::__construct() - */ - function __construct() +class Example extends REST_Controller +{ + /** + * @copydoc REST_Controller::__construct() + */ + public function __construct() { // Construct the parent class parent::__construct(); @@ -33,6 +34,9 @@ class Example extends REST_Controller { $this->methods['user_delete']['limit'] = 50; // 50 requests per hour per user/key } + /** + * @return void + */ public function users_get() { // Users from a data store e.g. database @@ -46,9 +50,9 @@ class Example extends REST_Controller { // If the id parameter doesn't exist return all the users - if ($id === NULL) + if ($id === null) { - // Check if the users data store contains users (in case the database result returns NULL) + // Check if the users data store contains users (in case the database result returns null) if ($users) { // Set the response and exit @@ -58,7 +62,7 @@ class Example extends REST_Controller { { // Set the response and exit $this->response([ - 'status' => FALSE, + 'status' => false, 'message' => 'No users were found' ], REST_Controller::HTTP_NOT_FOUND); // NOT_FOUND (404) being the HTTP response code } @@ -66,19 +70,19 @@ class Example extends REST_Controller { // Find and return a single record for a particular user. - $id = (int) $id; + $id = (int)$id; // Validate the id. if ($id <= 0) { // Invalid id, set the response and exit. - $this->response(NULL, REST_Controller::HTTP_BAD_REQUEST); // BAD_REQUEST (400) being the HTTP response code + $this->response(null, REST_Controller::HTTP_BAD_REQUEST); // BAD_REQUEST (400) being the HTTP response code } // Get the user from the array, using the id as key for retreival. // Usually a model is to be used for this. - $user = NULL; + $user = null; if (!empty($users)) { @@ -98,12 +102,15 @@ class Example extends REST_Controller { else { $this->set_response([ - 'status' => FALSE, + 'status' => false, 'message' => 'User could not be found' ], REST_Controller::HTTP_NOT_FOUND); // NOT_FOUND (404) being the HTTP response code } } + /** + * @return void + */ public function users_post() { // $this->some_model->update_user( ... ); @@ -117,15 +124,18 @@ class Example extends REST_Controller { $this->set_response($message, REST_Controller::HTTP_CREATED); // CREATED (201) being the HTTP response code } + /** + * @return void + */ public function users_delete() { - $id = (int) $this->get('id'); + $id = (int)$this->get('id'); // Validate the id. if ($id <= 0) { // Set the response and exit - $this->response(NULL, REST_Controller::HTTP_BAD_REQUEST); // BAD_REQUEST (400) being the HTTP response code + $this->response(null, REST_Controller::HTTP_BAD_REQUEST); // BAD_REQUEST (400) being the HTTP response code } // $this->some_model->delete_something($id); @@ -134,7 +144,7 @@ class Example extends REST_Controller { 'message' => 'Deleted the resource' ]; - $this->set_response($message, REST_Controller::HTTP_NO_CONTENT); // NO_CONTENT (204) being the HTTP response code + // NO_CONTENT (204) being the HTTP response code + $this->set_response($message, REST_Controller::HTTP_NO_CONTENT); } - } diff --git a/application/controllers/api/v1/Kontakt.php b/application/controllers/api/v1/person/Kontakt.php similarity index 100% rename from application/controllers/api/v1/Kontakt.php rename to application/controllers/api/v1/person/Kontakt.php diff --git a/application/controllers/api/v1/Person.php b/application/controllers/api/v1/person/Person.php similarity index 81% rename from application/controllers/api/v1/Person.php rename to application/controllers/api/v1/person/Person.php index cdd5bb863..d423b9e10 100644 --- a/application/controllers/api/v1/Person.php +++ b/application/controllers/api/v1/person/Person.php @@ -13,7 +13,8 @@ */ // ------------------------------------------------------------------------ -defined('BASEPATH') || exit('No direct script access allowed'); +if (! defined('BASEPATH')) + exit('No direct script access allowed'); class Person extends APIv1_Controller { @@ -26,19 +27,22 @@ class Person extends APIv1_Controller $this->load->model('person/person_model'); } - public function person_get() + /** + * @return void + */ + public function person_get() { //if(!$this->session_model->validate($this->get('session_id'), $this->get('device_id'))) - // $this->response(array(['success' => false, 'message' => 'access denied']), REST_Controller::HTTP_UNAUTHORIZED); + // $this->response(array(['success' => false, 'message' => 'access denied']), REST_Controller::HTTP_UNAUTHORIZED); $code = $this->get('code'); $person_id = $this->get('person_id'); - if(!is_null($code)) + if (! is_null($code)) { $result = $this->person_model->getPersonByCode($code); } - elseif(!is_null($person_id)) + elseif (! is_null($person_id)) { $result = $this->person_model->getPerson($person_id); } @@ -47,7 +51,7 @@ class Person extends APIv1_Controller $result = $this->person_model->getPerson(); } - if($result['err']) + if ($result['err']) { $payload = [ 'success' => false, @@ -66,7 +70,7 @@ class Person extends APIv1_Controller $httpstatus = REST_Controller::HTTP_OK; } - if(empty($result)) + if (empty($result)) { $payload = [ 'success' => false, @@ -88,10 +92,13 @@ class Person extends APIv1_Controller $this->response($payload, $httpstatus); } - public function person_post() + /** + * @return void + */ + public function person_post() { $result = $this->person_model->savePerson($this->post()); - if($result != FALSE) + if ($result != false) { $httpstatus = REST_Controller::HTTP_OK; $payload = [ @@ -111,10 +118,13 @@ class Person extends APIv1_Controller $this->response($payload, $httpstatus); } - public function personUpdate_post() + /** + * @return void + */ + public function personUpdate_post() { $result = $this->person_model->updatePerson($this->post()); - if($result != FALSE) + if ($result != false) { $httpstatus = REST_Controller::HTTP_OK; $payload = [ @@ -134,9 +144,12 @@ class Person extends APIv1_Controller $this->response($payload, $httpstatus); } - public function checkBewerbung_get() + /** + * @return void + */ + public function checkBewerbung_get() { - $result = $this->person_model->checkBewerbung($this->get("email"),$this->get("studiensemester_kurzbz")); + $result = $this->person_model->checkBewerbung($this->get("email"), $this->get("studiensemester_kurzbz")); $httpstatus = REST_Controller::HTTP_OK; $payload = [ 'success' => true, @@ -146,11 +159,14 @@ class Person extends APIv1_Controller $this->response($payload, $httpstatus); } - public function checkZugangscodePerson_get() + /** + * @return void + */ + public function checkZugangscodePerson_get() { $result = $this->person_model->checkZugangscodePerson($this->get("code")); $httpstatus = REST_Controller::HTTP_OK; - if(!empty($result)) + if (!empty($result)) { $payload = [ 'success' => true, @@ -169,4 +185,4 @@ class Person extends APIv1_Controller $this->response($payload, $httpstatus); } -} \ No newline at end of file +} diff --git a/phpci.yml b/phpci.yml index 29d859b1c..39ee8fe54 100644 --- a/phpci.yml +++ b/phpci.yml @@ -35,7 +35,7 @@ test: php_code_sniffer: path: "application/controllers/" standard: "tests/codesniffer/FHComplete" - allowed_errors: 100 + allowed_errors: 200 allowed_warnings: 200 codeception: config: "tests/"