From 8310e8554b74c9ea4359b7ae82d9a4cfd4f1ff08 Mon Sep 17 00:00:00 2001
From: "Michael Kaufmann (d00p)" <d00p@froxlor.org>
Date: Wed, 21 Feb 2018 13:14:54 +0100
Subject: [PATCH] enable usage of 'domainname' as an alternative to 'id' for
 Domains::get() and Domains::delete(); enable usage of 'loginname' as an
 alternative to 'id' for Customers::get() and Customers::delete()

Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
---
 lib/classes/api/commands/class.Customers.php | 39 ++++++++++++-----
 lib/classes/api/commands/class.Domains.php   | 45 +++++++++++++++-----
 2 files changed, 64 insertions(+), 20 deletions(-)

diff --git a/lib/classes/api/commands/class.Customers.php b/lib/classes/api/commands/class.Customers.php
index ecef61f4..852fafe9 100644
--- a/lib/classes/api/commands/class.Customers.php
+++ b/lib/classes/api/commands/class.Customers.php
@@ -52,10 +52,12 @@ class Customers extends ApiCommand implements ResourceEntity
 	}
 
 	/**
-	 * return a customer entry by id
+	 * return a customer entry by either id or loginname
 	 *
 	 * @param int $id
-	 *        	customer-id
+	 *        	optional, the customer-id
+	 * @param string $loginname
+	 *        	optional, the loginname
 	 *        	
 	 * @throws Exception
 	 * @return array
@@ -63,13 +65,20 @@ class Customers extends ApiCommand implements ResourceEntity
 	public function get()
 	{
 		if ($this->isAdmin()) {
-			$id = $this->getParam('id');
+			$id = $this->getParam('id', true, 0);
+			$ln_optional = ($id <= 0 ? false : true);
+			$loginname = $this->getParam('loginname', $ln_optional, '');
+
+			if ($id <= 0 && empty($loginname)) {
+				throw new Exception("Either 'id' or 'loginname' parameter must be given", 406);
+			}
+
 			$this->logger()->logAction(ADM_ACTION, LOG_NOTICE, "[API] get customer #" . $id);
 			$result_stmt = Database::prepare("
 			SELECT * FROM `" . TABLE_PANEL_CUSTOMERS . "`
-			WHERE `customerid` = :id" . ($this->getUserDetail('customers_see_all') ? '' : " AND `adminid` = :adminid"));
+			WHERE ".($id > 0 ? "`customerid` = :idln" : "`loginname` = :idln") . ($this->getUserDetail('customers_see_all') ? '' : " AND `adminid` = :adminid"));
 			$params = array(
-				'id' => $id
+				'idln' => ($id <= 0 ? $loginname : $id)
 			);
 			if ($this->getUserDetail('customers_see_all') == '0') {
 				$params['adminid'] = $this->getUserDetail('adminid');
@@ -1096,10 +1105,12 @@ class Customers extends ApiCommand implements ResourceEntity
 	}
 
 	/**
-	 * delete a customer entry by id
+	 * delete a customer entry by either id or loginname
 	 *
 	 * @param int $id
-	 *        	customer-id
+	 *        	optional, the customer-id
+	 * @param string $loginname
+	 *        	optional, the loginname
 	 * @param bool $delete_userfiles
 	 *        	optional, default false
 	 *        	
@@ -1109,13 +1120,21 @@ class Customers extends ApiCommand implements ResourceEntity
 	public function delete()
 	{
 		if ($this->isAdmin()) {
-			$id = $this->getParam('id');
+			$id = $this->getParam('id', true, 0);
+			$ln_optional = ($id <= 0 ? false : true);
+			$loginname = $this->getParam('loginname', $ln_optional, '');
 			$delete_userfiles = $this->getParam('delete_userfiles', true, 0);
-			
+
+			if ($id <= 0 && empty($loginname)) {
+				throw new Exception("Either 'id' or 'loginname' parameter must be given", 406);
+			}
+
 			$json_result = Customers::getLocal($this->getUserData(), array(
-				'id' => $id
+				'id' => $id,
+				'loginname' => $loginname
 			))->get();
 			$result = json_decode($json_result, true)['data'];
+			$id = $result['customerid'];
 			
 			// @fixme use Databases-ApiCommand later
 			$databases_stmt = Database::prepare("
diff --git a/lib/classes/api/commands/class.Domains.php b/lib/classes/api/commands/class.Domains.php
index 6d4085d3..90084e20 100644
--- a/lib/classes/api/commands/class.Domains.php
+++ b/lib/classes/api/commands/class.Domains.php
@@ -52,10 +52,12 @@ class Domains extends ApiCommand implements ResourceEntity
 	}
 
 	/**
-	 * return a domain entry by id
+	 * return a domain entry by either id or domainname
 	 *
 	 * @param int $id
-	 *        	domain-id
+	 *        	optional, the domain-id
+	 * @param string $domainname
+	 *        	optional, the domainname
 	 * @param boolean $no_std_subdomain
 	 *        	optional, default false
 	 *        	
@@ -65,17 +67,30 @@ class Domains extends ApiCommand implements ResourceEntity
 	public function get()
 	{
 		if ($this->isAdmin()) {
-			$id = $this->getParam('id');
+			$id = $this->getParam('id', true, 0);
+			$dn_optional = ($id <= 0 ? false : true);
+			$domainname = $this->getParam('domainname', $dn_optional, '');
 			$no_std_subdomain = $this->getParam('no_std_subdomain', true, false);
 			$this->logger()->logAction(ADM_ACTION, LOG_NOTICE, "[API] get domain #" . $id);
+
+			if ($id <= 0 && empty($domainname)) {
+				throw new Exception("Either 'id' or 'domainname' parameter must be given", 406);
+			}
+
+			// convert possible idn domain to punycode
+			if (substr($domainname, 0, 4) != 'xn--') {
+				$idna_convert = new idna_convert_wrapper();
+				$domainname = $idna_convert->encode($domainname);
+			}
+
 			$result_stmt = Database::prepare("
 				SELECT `d`.*, `c`.`customerid`
 				FROM `" . TABLE_PANEL_DOMAINS . "` `d`
 				LEFT JOIN `" . TABLE_PANEL_CUSTOMERS . "` `c` USING(`customerid`)
 				WHERE `d`.`parentdomainid` = '0'
-				AND `d`.`id` = :id" . ($no_std_subdomain ? ' AND `d.`id` <> `c`.`standardsubdomain`' : '') . ($this->getUserDetail('customers_see_all') ? '' : " AND `d`.`adminid` = :adminid"));
+				AND ".($id > 0 ? "`d`.`id` = :iddn" : "`d`.`domain` = :iddn") . ($no_std_subdomain ? ' AND `d.`id` <> `c`.`standardsubdomain`' : '') . ($this->getUserDetail('customers_see_all') ? '' : " AND `d`.`adminid` = :adminid"));
 			$params = array(
-				'id' => $id
+				'iddn' => ($id <= 0 ? $domainname : $id)
 			);
 			if ($this->getUserDetail('customers_see_all') == '0') {
 				$params['adminid'] = $this->getUserDetail('adminid');
@@ -1539,10 +1554,12 @@ class Domains extends ApiCommand implements ResourceEntity
 	}
 
 	/**
-	 * delete a domain entry by id
+	 * delete a domain entry by either id or domainname
 	 *
 	 * @param int $id
-	 *        	domain-id
+	 *        	optional, the domain-id
+	 * @param string $domainname
+	 *        	optional, the domainname
 	 * @param bool $delete_mainsubdomains
 	 *        	optional, remove also domains that are subdomains of this domain but added as main domains; default false
 	 * @param bool $is_stdsubdomain
@@ -1554,14 +1571,22 @@ class Domains extends ApiCommand implements ResourceEntity
 	public function delete()
 	{
 		if ($this->isAdmin()) {
-			$id = $this->getParam('id');
+			$id = $this->getParam('id', true, 0);
+			$dn_optional = ($id <= 0 ? false : true);
+			$domainname = $this->getParam('domainname', $dn_optional, '');
 			$is_stdsubdomain = $this->getParam('is_stdsubdomain', true, 0);
 			$remove_subbutmain_domains = $this->getParam('delete_mainsubdomains', true, 0);
-			
+
+			if ($id <= 0 && empty($domainname)) {
+				throw new Exception("Either 'id' or 'domainname' parameter must be given", 406);
+			}
+
 			$json_result = Domains::getLocal($this->getUserData(), array(
-				'id' => $id
+				'id' => $id,
+				'domainname' => $domainname
 			))->get();
 			$result = json_decode($json_result, true)['data'];
+			$id = $result['id'];
 			
 			// check for deletion of main-domains which are logically subdomains, #329
 			$rsd_sql = '';