lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Work on authentication

Browse Source
This commit is contained in:
jfefe 2015-05-02 18:14:51 +02:00
parent 65ff78f61a
commit 8027759304
3 changed files with 141 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
htdocs/api/class/api.class.php
View File

@ -16,6 +16,8 @@
*/ */
use Luracast\Restler\Restler; use Luracast\Restler\Restler;
use Luracast\Restler\RestException;
/** /**
* Class for API * Class for API
@ -78,7 +80,6 @@ class DolibarrApi {
/** /**
* API init * API init
* This class exists to show 200 code when request url root /api/
* *
*/ */
class DolibarrApiInit extends DolibarrApi { class DolibarrApiInit extends DolibarrApi {
@ -87,4 +88,53 @@ class DolibarrApiInit extends DolibarrApi {
} }
/**
* Log user with login and password
* @todo : to finish!
*
* @param string $login
* @param string $password
* @param int $entity
* @throws RestException
*/
public function login($login, $password, $entity = '') {
// Authentication mode
if (empty($dolibarr_main_authentication))
$dolibarr_main_authentication = 'http,dolibarr';
// Authentication mode: forceuser
if ($dolibarr_main_authentication == 'forceuser' && empty($dolibarr_auto_user))
$dolibarr_auto_user = 'auto';
// Set authmode
$authmode = explode(',', $dolibarr_main_authentication);
include_once DOL_DOCUMENT_ROOT . '/core/lib/security2.lib.php';
$login = checkLoginPassEntity($login, $password, $entity, $authmode);
if (empty($login))
{
throw new RestException(403, 'Access denied');
}
return array(
'success' => array(
'code' => 200,
'message' => 'Welcome ' . $login
)
);
}
/**
* @access protected
* @class DolibarrApiAccess {@requires admin}
*/
public function status() {
require_once DOL_DOCUMENT_ROOT . '/core/lib/functions.lib.php';
return array(
'success' => array(
'code' => 200,
'dolibarr_version' => DOL_VERSION
)
);
}
} }

83
htdocs/api/class/api_access.class.php Normal file
View File

@ -0,0 +1,83 @@
<?php
use \Luracast\Restler\iAuthenticate;
use \Luracast\Restler\Resources;
use \Luracast\Restler\Defaults;
require_once DOL_DOCUMENT_ROOT.'/user/class/user.class.php';
/**
* Description of DolibarrApiAccess
*
* @author jfefe
*/
class DolibarrApiAccess implements iAuthenticate
{
const REALM = 'Restricted Dolibarr API';
const TEST_KEY = 'changeme';
/**
*
* @var string $role user / external / admin
* @var string $requires
*/
public static $requires = 'user';
public static $role = 'user';
public function __isAllowed()
{
//@todo hardcoded api_key=>role for brevity
//
$roles = array('123' => 'user', '456' => 'external', '789' => 'admin');
$userClass = Defaults::$userIdentifierClass;
// for dev @todo : remove this!
static::$role = 'user';
if( isset($_GET['test_key'])) {
if( ! $_GET['test_key'] == DolibarrApiAccess::TEST_KEY) {
$userClass::setCacheIdentifier($_GET['test_key']);
return false;
}
}
elseif (isset($_GET['api_key'])) {
// @todo : check from database
if (!array_key_exists($_GET['api_key'], $roles)) {
$userClass::setCacheIdentifier($_GET['api_key']);
return false;
}
static::$role = $roles[$_GET['api_key']];
}
else
{
return false;
}
$userClass::setCacheIdentifier(static::$role);
Resources::$accessControlFunction = 'DolibarrApiAccess::verifyAccess';
return static::$requires == static::$role || static::$role == 'admin';
}
public function __getWWWAuthenticateString()
{
return 'Query name="api_key"';
}
/**
* @access private
*/
public static function verifyAccess(array $m)
{
$requires =
isset($m['class']['DolibarrApiAccess']['properties']['requires'])
? $m['class']['DolibarrApiAccess']['properties']['requires']
: false;
return $requires
? static::$role == 'admin' || static::$role == $requires
: true;
}
}

7
htdocs/public/api/index.php
View File

@ -34,6 +34,7 @@ if (! $res) die("Include of main fails");
require_once DOL_DOCUMENT_ROOT.'/includes/restler/vendor/autoload.php'; require_once DOL_DOCUMENT_ROOT.'/includes/restler/vendor/autoload.php';
require_once DOL_DOCUMENT_ROOT.'/api/class/api.class.php'; require_once DOL_DOCUMENT_ROOT.'/api/class/api.class.php';
require_once DOL_DOCUMENT_ROOT.'/api/class/api_access.class.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php';
// Enable and test if module Api is enabled // Enable and test if module Api is enabled
@ -46,11 +47,15 @@ if (empty($conf->global->MAIN_MODULE_API))
exit; exit;
} }
use Luracast\Restler\Defaults;
$api = new DolibarrApi($db); $api = new DolibarrApi($db);
$api->r->setSupportedFormats('JsonFormat', 'XmlFormat');
$api->r->addAPIClass('Luracast\\Restler\\Resources'); //this creates resources.json at API Root $api->r->addAPIClass('Luracast\\Restler\\Resources'); //this creates resources.json at API Root
$api->r->addAPIClass('DolibarrApiInit',''); // Just for url root page $api->r->addAPIClass('DolibarrApiInit',''); // Just for url root page
$api->r->setSupportedFormats('JsonFormat', 'XmlFormat');
$api->r->addAuthenticationClass('DolibarrApiAccess','');
$modulesdir = dolGetModulesDirs(); $modulesdir = dolGetModulesDirs();
foreach ($modulesdir as $dir) foreach ($modulesdir as $dir)