minor changes in ApiCommand; added Ftps.get ApiCommand
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann (d00p)
2
api.php
2
api.php
@@ -56,7 +56,7 @@ function json_response($status, $status_message = '', $data = null)
|
||||
{
|
||||
$resheader = $_SERVER["SERVER_PROTOCOL"] . " " . $status;
|
||||
if (! empty($status_message)) {
|
||||
$resheader .= ' ' . $status_message;
|
||||
$resheader .= ' ' . str_replace("\n", " ", $status_message);
|
||||
}
|
||||
header($resheader);
|
||||
|
||||
|
||||
@@ -79,12 +79,14 @@ if ($page == 'overview') {
|
||||
|
||||
eval("echo \"" . getTemplate('ftp/accounts') . "\";");
|
||||
} elseif ($action == 'delete' && $id != 0) {
|
||||
$result_stmt = Database::prepare("SELECT `id`, `username`, `homedir`, `up_count`, `up_bytes`, `down_count`, `down_bytes` FROM `" . TABLE_FTP_USERS . "`
|
||||
WHERE `customerid` = :customerid
|
||||
AND `id` = :id"
|
||||
);
|
||||
Database::pexecute($result_stmt, array("customerid" => $userinfo['customerid'], "id" => $id));
|
||||
$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
|
||||
try {
|
||||
$json_result = Ftps::getLocal($userinfo, array(
|
||||
'id' => $id
|
||||
))->get();
|
||||
} catch (Exception $e) {
|
||||
dynamic_error($e->getMessage());
|
||||
}
|
||||
$result = json_decode($json_result, true)['data'];
|
||||
|
||||
if (isset($result['username']) && $result['username'] != $userinfo['loginname']) {
|
||||
if (isset($_POST['send']) && $_POST['send'] == 'send') {
|
||||
@@ -369,12 +371,14 @@ if ($page == 'overview') {
|
||||
}
|
||||
}
|
||||
} elseif ($action == 'edit' && $id != 0) {
|
||||
$result_stmt = Database::prepare("SELECT `id`, `username`, `description`, `homedir`, `uid`, `gid`, `shell` FROM `" . TABLE_FTP_USERS . "`
|
||||
WHERE `customerid` = :customerid
|
||||
AND `id` = :id"
|
||||
);
|
||||
Database::pexecute($result_stmt, array("customerid" => $userinfo['customerid'], "id" => $id));
|
||||
$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
|
||||
try {
|
||||
$json_result = Ftps::getLocal($userinfo, array(
|
||||
'id' => $id
|
||||
))->get();
|
||||
} catch (Exception $e) {
|
||||
dynamic_error($e->getMessage());
|
||||
}
|
||||
$result = json_decode($json_result, true)['data'];
|
||||
|
||||
if (isset($result['username']) && $result['username'] != '') {
|
||||
if (isset($_POST['send']) && $_POST['send'] == 'send') {
|
||||
|
||||
@@ -402,7 +402,7 @@ abstract class ApiCommand
|
||||
{
|
||||
$resheader = $_SERVER["SERVER_PROTOCOL"] . " " . $status;
|
||||
if (! empty($status_message)) {
|
||||
$resheader .= ' ' . $status_message;
|
||||
$resheader .= ' ' . str_replace("\n", " ", $status_message);
|
||||
}
|
||||
header($resheader);
|
||||
|
||||
@@ -432,14 +432,17 @@ abstract class ApiCommand
|
||||
), true, true);
|
||||
if ($result) {
|
||||
// admin or customer?
|
||||
if ($result['customerid'] == 0) {
|
||||
if ($result['customerid'] == 0 && $result['adminid'] > 0) {
|
||||
$this->is_admin = true;
|
||||
$table = 'panel_admins';
|
||||
$key = "adminid";
|
||||
} else {
|
||||
} elseif ($result['customerid'] > 0 && $result['adminid'] > 0) {
|
||||
$this->is_admin = false;
|
||||
$table = 'panel_customers';
|
||||
$key = "customerid";
|
||||
} else {
|
||||
// neither adminid is > 0 nor customerid is > 0 - sorry man, no way
|
||||
throw new Exception("Invalid API credentials", 400);
|
||||
}
|
||||
$sel_stmt = Database::prepare("SELECT * FROM `" . $table . "` WHERE `" . $key . "` = :id");
|
||||
$this->user_data = Database::pexecute_first($sel_stmt, array(
|
||||
|
||||
98
lib/classes/api/commands/class.Ftps.php
Normal file
98
lib/classes/api/commands/class.Ftps.php
Normal file
@@ -0,0 +1,98 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* This file is part of the Froxlor project.
|
||||
* Copyright (c) 2010 the Froxlor Team (see authors).
|
||||
*
|
||||
* For the full copyright and license information, please view the COPYING
|
||||
* file that was distributed with this source code. You can also view the
|
||||
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
|
||||
*
|
||||
* @copyright (c) the authors
|
||||
* @author Froxlor team <team@froxlor.org> (2010-)
|
||||
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
|
||||
* @package API
|
||||
* @since 0.10.0
|
||||
*
|
||||
*/
|
||||
class Ftps extends ApiCommand implements ResourceEntity
|
||||
{
|
||||
|
||||
public function add()
|
||||
{}
|
||||
|
||||
/**
|
||||
* return a ftp-user entry by either id or username
|
||||
*
|
||||
* @param int $id
|
||||
* optional, the customer-id
|
||||
* @param string $username
|
||||
* optional, the username
|
||||
*
|
||||
* @access admin, customer
|
||||
* @throws Exception
|
||||
* @return array
|
||||
*/
|
||||
public function get()
|
||||
{
|
||||
$id = $this->getParam('id', true, 0);
|
||||
$un_optional = ($id <= 0 ? false : true);
|
||||
$username = $this->getParam('username', $un_optional, '');
|
||||
|
||||
if ($id <= 0 && empty($username)) {
|
||||
throw new Exception("Either 'id' or 'username' parameter must be given", 406);
|
||||
}
|
||||
|
||||
$params = array();
|
||||
if ($this->isAdmin()) {
|
||||
if ($this->getUserDetail('customers_see_all') != 1) {
|
||||
// if it's a reseller or an admin who cannot see all customers, we need to check
|
||||
// whether the database belongs to one of his customers
|
||||
$json_result = Customers::getLocal($this->getUserData())->list();
|
||||
$custom_list_result = json_decode($json_result, true)['data']['list'];
|
||||
$customer_ids = array();
|
||||
foreach ($custom_list_result as $customer) {
|
||||
$customer_ids[] = $customer['customerid'];
|
||||
}
|
||||
$result_stmt = Database::prepare("
|
||||
SELECT * FROM `" . TABLE_FTP_USERS . "`
|
||||
WHERE `customerid` IN (:customerid)
|
||||
AND (`id` = :idun OR `username` = :idun)
|
||||
");
|
||||
$params['customerid'] = implode(", ", $customer_ids);
|
||||
} else {
|
||||
$result_stmt = Database::prepare("
|
||||
SELECT * FROM `" . TABLE_FTP_USERS . "`
|
||||
WHERE (`id` = :idun OR `username` = :idun)
|
||||
");
|
||||
}
|
||||
} else {
|
||||
if (Settings::IsInList('panel.customer_hide_options', 'ftp')) {
|
||||
throw new Exception("You cannot access this resource", 405);
|
||||
}
|
||||
$result_stmt = Database::prepare("
|
||||
SELECT * FROM `" . TABLE_FTP_USERS . "`
|
||||
WHERE `customerid` = :customerid
|
||||
AND (`id` = :idun OR `username` = :idun)
|
||||
");
|
||||
$params['customerid'] = $this->getUserDetail('customerid');
|
||||
}
|
||||
$params['idun'] = ($id <= 0 ? $username : $id);
|
||||
$result = Database::pexecute_first($result_stmt, $params, true, true);
|
||||
if ($result) {
|
||||
$this->logger()->logAction($this->isAdmin() ? ADM_ACTION : USR_ACTION, LOG_NOTICE, "[API] get ftp-user '" . $result['username'] . "'");
|
||||
return $this->response(200, "successfull", $result);
|
||||
}
|
||||
$key = ($id > 0 ? "id #" . $id : "username '" . $username . "'");
|
||||
throw new Exception("FTP user with " . $key . " could not be found", 404);
|
||||
}
|
||||
|
||||
public function update()
|
||||
{}
|
||||
|
||||
public function list()
|
||||
{}
|
||||
|
||||
public function delete()
|
||||
{}
|
||||
}
|
||||
Reference in New Issue
Block a user