2020-06-25 16:54:58 +02:00
|
|
|
<?php
|
|
|
|
|
2022-11-18 18:06:46 +01:00
|
|
|
namespace Core\API {
|
2020-06-25 16:54:58 +02:00
|
|
|
|
2024-04-22 13:05:35 +02:00
|
|
|
use Core\API\Parameter\IntegerType;
|
2024-04-23 14:05:29 +02:00
|
|
|
use Core\API\Parameter\StringType;
|
|
|
|
use Core\Objects\Captcha\CaptchaProvider;
|
2022-11-18 18:06:46 +01:00
|
|
|
use Core\Objects\Context;
|
2024-04-11 20:41:03 +02:00
|
|
|
use Core\API\Parameter\ArrayType;
|
|
|
|
use Core\API\Parameter\Parameter;
|
2020-06-25 16:54:58 +02:00
|
|
|
|
2022-06-20 19:52:31 +02:00
|
|
|
abstract class SettingsAPI extends Request {
|
2024-04-11 20:41:03 +02:00
|
|
|
|
|
|
|
protected array $predefinedKeys;
|
|
|
|
|
2022-06-20 19:52:31 +02:00
|
|
|
public function __construct(Context $context, bool $externalCall = false, array $params = array()) {
|
|
|
|
parent::__construct($context, $externalCall, $params);
|
2024-04-11 20:41:03 +02:00
|
|
|
|
|
|
|
// TODO: improve this, additional validation for allowed chars etc.
|
|
|
|
// API parameters should be more configurable, e.g. allow regexes, min/max values for numbers, etc.
|
|
|
|
$this->predefinedKeys = [
|
|
|
|
"allowed_extensions" => new ArrayType("allowed_extensions", Parameter::TYPE_STRING),
|
2024-04-22 13:05:35 +02:00
|
|
|
"trusted_domains" => new ArrayType("trusted_domains", Parameter::TYPE_STRING),
|
2024-04-11 20:41:03 +02:00
|
|
|
"user_registration_enabled" => new Parameter("user_registration_enabled", Parameter::TYPE_BOOLEAN),
|
2024-04-23 14:05:29 +02:00
|
|
|
"captcha_provider" => new StringType("captcha_provider", -1, true, "none", CaptchaProvider::PROVIDERS),
|
2024-04-11 20:41:03 +02:00
|
|
|
"mail_enabled" => new Parameter("mail_enabled", Parameter::TYPE_BOOLEAN),
|
2024-04-22 13:05:35 +02:00
|
|
|
"mail_port" => new IntegerType("mail_port", 1, 65535)
|
2024-04-11 20:41:03 +02:00
|
|
|
];
|
2022-06-20 19:52:31 +02:00
|
|
|
}
|
2020-06-25 16:54:58 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2022-11-18 18:06:46 +01:00
|
|
|
namespace Core\API\Settings {
|
2020-06-25 16:54:58 +02:00
|
|
|
|
2024-04-05 13:01:15 +02:00
|
|
|
use Core\API\Parameter\ArrayType;
|
2022-11-18 18:06:46 +01:00
|
|
|
use Core\API\Parameter\Parameter;
|
2024-04-22 13:05:35 +02:00
|
|
|
use Core\API\Parameter\RegexType;
|
2022-11-18 18:06:46 +01:00
|
|
|
use Core\API\Parameter\StringType;
|
|
|
|
use Core\API\SettingsAPI;
|
|
|
|
use Core\Configuration\Settings;
|
|
|
|
use Core\Driver\SQL\Column\Column;
|
|
|
|
use Core\Driver\SQL\Condition\CondBool;
|
|
|
|
use Core\Driver\SQL\Condition\CondIn;
|
|
|
|
use Core\Driver\SQL\Strategy\UpdateStrategy;
|
|
|
|
use Core\Objects\Context;
|
2023-01-16 21:47:23 +01:00
|
|
|
use Core\Objects\DatabaseEntity\Group;
|
2020-06-25 16:54:58 +02:00
|
|
|
|
|
|
|
class Get extends SettingsAPI {
|
|
|
|
|
2022-06-20 19:52:31 +02:00
|
|
|
public function __construct(Context $context, bool $externalCall = false) {
|
|
|
|
parent::__construct($context, $externalCall, array(
|
2020-06-27 22:47:12 +02:00
|
|
|
'key' => new StringType('key', -1, true, NULL)
|
2020-06-25 16:54:58 +02:00
|
|
|
));
|
|
|
|
}
|
|
|
|
|
2022-02-21 13:01:03 +01:00
|
|
|
public function _execute(): bool {
|
2020-06-25 16:54:58 +02:00
|
|
|
$key = $this->getParam("key");
|
2022-06-20 19:52:31 +02:00
|
|
|
$sql = $this->context->getSQL();
|
2020-06-25 16:54:58 +02:00
|
|
|
|
2023-01-11 22:05:02 +01:00
|
|
|
$settings = Settings::getAll($sql, $key);
|
|
|
|
if ($settings !== null) {
|
2020-06-25 16:54:58 +02:00
|
|
|
$this->result["settings"] = $settings;
|
2023-01-11 22:05:02 +01:00
|
|
|
} else {
|
|
|
|
return $this->createError("Error fetching settings: " . $sql->getLastError());
|
2020-06-25 16:54:58 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
return $this->success;
|
|
|
|
}
|
2023-01-16 21:47:23 +01:00
|
|
|
|
2024-04-23 12:14:28 +02:00
|
|
|
public static function getDescription(): string {
|
|
|
|
return "Allows users to fetch site settings";
|
|
|
|
}
|
|
|
|
|
|
|
|
public static function getDefaultPermittedGroups(): array {
|
|
|
|
return [Group::ADMIN];
|
2023-01-16 21:47:23 +01:00
|
|
|
}
|
2020-06-25 16:54:58 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
class Set extends SettingsAPI {
|
2022-06-20 19:52:31 +02:00
|
|
|
public function __construct(Context $context, bool $externalCall = false) {
|
|
|
|
parent::__construct($context, $externalCall, array(
|
2024-04-05 13:01:15 +02:00
|
|
|
'settings' => new ArrayType("settings", Parameter::TYPE_MIXED)
|
2020-06-25 16:54:58 +02:00
|
|
|
));
|
|
|
|
}
|
|
|
|
|
2022-02-21 13:01:03 +01:00
|
|
|
public function _execute(): bool {
|
2020-06-25 16:54:58 +02:00
|
|
|
$values = $this->getParam("settings");
|
|
|
|
if (empty($values)) {
|
|
|
|
return $this->createError("No values given.");
|
|
|
|
}
|
|
|
|
|
2024-04-22 13:05:35 +02:00
|
|
|
$paramKey = new RegexType('key', "[a-zA-Z_][a-zA-Z_0-9-]*");
|
2024-04-11 20:41:03 +02:00
|
|
|
$paramValueDefault = new StringType('value', 1024, true, NULL);
|
2020-06-25 16:54:58 +02:00
|
|
|
|
2022-06-20 19:52:31 +02:00
|
|
|
$sql = $this->context->getSQL();
|
2024-04-11 20:41:03 +02:00
|
|
|
$query = $sql->insert("Settings", ["name", "value"]);
|
2020-06-26 19:31:31 +02:00
|
|
|
$keys = array();
|
|
|
|
$deleteKeys = array();
|
2020-06-25 16:54:58 +02:00
|
|
|
|
2024-04-05 13:01:15 +02:00
|
|
|
foreach ($values as $key => $value) {
|
2024-04-11 20:41:03 +02:00
|
|
|
$paramValue = $this->predefinedKeys[$key] ?? $paramValueDefault;
|
|
|
|
|
2020-06-25 16:54:58 +02:00
|
|
|
if (!$paramKey->parseParam($key)) {
|
|
|
|
$key = print_r($key, true);
|
|
|
|
return $this->createError("Invalid Type for key in parameter settings: '$key' (Required: " . $paramKey->getTypeName() . ")");
|
2024-04-05 13:01:15 +02:00
|
|
|
} else if (!is_null($value) && !$paramValue->parseParam($value)) {
|
2020-06-25 16:54:58 +02:00
|
|
|
$value = print_r($value, true);
|
2024-04-05 13:01:15 +02:00
|
|
|
return $this->createError("Invalid Type for value in parameter settings for key '$key': '$value' (Required: " . $paramValue->getTypeName() . ")");
|
2020-06-25 16:54:58 +02:00
|
|
|
} else {
|
2020-06-26 19:31:31 +02:00
|
|
|
if (!is_null($paramValue->value)) {
|
2024-04-11 20:41:03 +02:00
|
|
|
$query->addRow($paramKey->value, json_encode($paramValue->value));
|
2020-06-26 19:31:31 +02:00
|
|
|
} else {
|
|
|
|
$deleteKeys[] = $paramKey->value;
|
|
|
|
}
|
|
|
|
$keys[] = $paramKey->value;
|
2024-04-05 13:01:15 +02:00
|
|
|
$paramKey->reset();
|
|
|
|
$paramValue->reset();
|
2020-06-25 16:54:58 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2020-06-26 19:31:31 +02:00
|
|
|
if ($this->isExternalCall()) {
|
|
|
|
$column = $this->checkReadonly($keys);
|
|
|
|
if(!$this->success) {
|
|
|
|
return false;
|
|
|
|
} else if($column !== null) {
|
|
|
|
return $this->createError("Column '$column' is readonly.");
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2024-04-05 13:01:15 +02:00
|
|
|
if (!empty($deleteKeys) && !$this->deleteKeys($deleteKeys)) {
|
2020-06-26 19:31:31 +02:00
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (count($deleteKeys) !== count($keys)) {
|
|
|
|
$query->onDuplicateKeyStrategy(new UpdateStrategy(
|
2024-04-11 20:41:03 +02:00
|
|
|
["name"],
|
|
|
|
["value" => new Column("value")])
|
2020-06-26 19:31:31 +02:00
|
|
|
);
|
|
|
|
|
|
|
|
|
|
|
|
$this->success = ($query->execute() !== FALSE);
|
|
|
|
$this->lastError = $sql->getLastError();
|
2024-04-05 14:17:50 +02:00
|
|
|
|
|
|
|
if ($this->success) {
|
|
|
|
$this->logger->info("The site settings were changed");
|
|
|
|
}
|
2020-06-26 19:31:31 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
return $this->success;
|
|
|
|
}
|
|
|
|
|
|
|
|
private function checkReadonly(array $keys) {
|
2022-06-20 19:52:31 +02:00
|
|
|
$sql = $this->context->getSQL();
|
2020-06-26 19:31:31 +02:00
|
|
|
$res = $sql->select("name")
|
|
|
|
->from("Settings")
|
|
|
|
->where(new CondBool("readonly"))
|
2021-12-08 16:53:43 +01:00
|
|
|
->where(new CondIn(new Column("name"), $keys))
|
2022-06-08 18:37:08 +02:00
|
|
|
->first()
|
2020-06-26 19:31:31 +02:00
|
|
|
->execute();
|
|
|
|
|
|
|
|
$this->success = ($res !== FALSE);
|
|
|
|
$this->lastError = $sql->getLastError();
|
|
|
|
|
2022-06-08 18:37:08 +02:00
|
|
|
if ($this->success && $res !== null) {
|
|
|
|
return $res["name"];
|
2020-06-26 19:31:31 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
return null;
|
|
|
|
}
|
|
|
|
|
2023-01-11 22:05:02 +01:00
|
|
|
private function deleteKeys(array $keys): bool {
|
2022-06-20 19:52:31 +02:00
|
|
|
$sql = $this->context->getSQL();
|
2020-06-26 19:31:31 +02:00
|
|
|
$res = $sql->delete("Settings")
|
2021-12-08 16:53:43 +01:00
|
|
|
->where(new CondIn(new Column("name"), $keys))
|
2020-06-26 19:31:31 +02:00
|
|
|
->execute();
|
2020-06-25 16:54:58 +02:00
|
|
|
|
2020-06-26 19:31:31 +02:00
|
|
|
$this->success = ($res !== FALSE);
|
2020-06-25 16:54:58 +02:00
|
|
|
$this->lastError = $sql->getLastError();
|
|
|
|
return $this->success;
|
|
|
|
}
|
2023-01-16 21:47:23 +01:00
|
|
|
|
2024-04-23 12:14:28 +02:00
|
|
|
public static function getDescription(): string {
|
|
|
|
return "Allows users to modify site settings";
|
|
|
|
}
|
|
|
|
|
|
|
|
public static function getDefaultPermittedGroups(): array {
|
|
|
|
return [Group::ADMIN];
|
2023-01-16 21:47:23 +01:00
|
|
|
}
|
2020-06-25 16:54:58 +02:00
|
|
|
}
|
|
|
|
}
|