00001 <?php
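/**
 * Base class for API server handlers: session start/end, login, single and
 * batched resource calls, and resource / fault discovery.
 *
 * The public methods take a client-supplied session id, API path and argument
 * list, so every argument must be treated as untrusted. The client only selects
 * among resources and methods that exist in the configuration returned by the
 * 'api/config' singleton; model and method names are read from that
 * configuration, never taken verbatim from the request.
 */
abstract class Mage_Api_Model_Server_Handler_Abstract
{
    /**
     * Suffix appended to a configured resource model name by
     * _prepareResourceModelName(); null leaves the name unchanged.
     *
     * @var string|null
     */
    protected $_resourceSuffix = null;

    /**
     * Route every PHP error (E_ALL) raised from now on to handlePhpError().
     *
     * The callback is registered by class name, so PHP invokes it statically.
     */
    public function __construct()
    {
        set_error_handler(array(get_class($this), 'handlePhpError'), E_ALL);
    }

    /**
     * PHP error handler: log the error and report severe ones as an API fault.
     *
     * This method is static (see the constructor), so there is no $this to call
     * _fault() on; the fault is looked up and sent through the same singletons
     * that _fault() uses. Only the configured fault text is sent to the client;
     * the raw PHP message and file name go to the log.
     *
     * @param int    $errorCode    PHP error level
     * @param string $errorMessage PHP error message
     * @param string $errorFile    file the error was raised in
     * @return bool always true, so PHP's built-in handler is not run
     */
    static public function handlePhpError($errorCode, $errorMessage, $errorFile)
    {
        Mage::log($errorMessage . $errorFile);

        if (in_array($errorCode, array(E_ERROR, E_USER_ERROR, E_RECOVERABLE_ERROR))) {
            // Same lookup order as _fault('internal'): 'internal', then 'unknown'.
            $faults    = Mage::getSingleton('api/config')->getFaults();
            $faultName = isset($faults['internal']) ? 'internal' : 'unknown';
            if (isset($faults[$faultName])) {
                Mage::getSingleton('api/server')->getAdapter()->fault(
                    $faults[$faultName]['code'],
                    $faults[$faultName]['message']
                );
            }
        }

        return true;
    }

    /**
     * Return the shared 'api/session' singleton.
     *
     * @return mixed
     */
    protected function _getSession()
    {
        return Mage::getSingleton('api/session');
    }

    /**
     * Return the shared 'api/config' singleton.
     *
     * @return mixed
     */
    protected function _getConfig()
    {
        return Mage::getSingleton('api/config');
    }

    /**
     * Return the shared 'api/server' singleton.
     *
     * @return mixed
     */
    protected function _getServer()
    {
        return Mage::getSingleton('api/server');
    }

    /**
     * Bind the API session to $sessionId and initialise it.
     *
     * NOTE(review): $sessionId arrives straight from the client in call(),
     * multiCall(), endSession(), resources(), resourceFaults() and
     * globalFaults(); confirm that the session model validates the id before
     * adopting it.
     *
     * @param string|null $sessionId session id, or null when none was supplied
     * @return Mage_Api_Model_Server_Handler_Abstract
     */
    protected function _startSession($sessionId=null)
    {
        $session = $this->_getSession();
        $session->setSessionId($sessionId);
        $session->init('api', 'api');
        return $this;
    }

    /**
     * Ask the API session whether access to an ACL resource is allowed.
     *
     * @param string      $resource  ACL resource identifier
     * @param string|null $privilege optional privilege, passed through unchanged
     * @return mixed result of the session's isAllowed()
     */
    protected function _isAllowed($resource, $privilege=null)
    {
        return $this->_getSession()->isAllowed($resource, $privilege);
    }

    /**
     * Ask the API session whether it has expired.
     *
     * @return mixed result of the session's isSessionExpired()
     */
    protected function _isSessionExpired ()
    {
        return $this->_getSession()->isSessionExpired();
    }

    /**
     * Send a configured fault through the server adapter.
     *
     * Lookup order: the fault list of $resourceName, then the global list, then
     * the global 'unknown' fault. $customMessage is only used when $faultName is
     * found at the level requested; the fallbacks use the configured message.
     *
     * NOTE(review): if the global fault list has no 'unknown' entry, the last
     * fallback recurses without end. The configuration must always define it.
     *
     * @param string      $faultName     fault key to report
     * @param string|null $resourceName  resource whose fault list is searched first
     * @param string|null $customMessage message that replaces the configured one
     * @return void
     */
    protected function _fault($faultName, $resourceName=null, $customMessage=null)
    {
        $faults = $this->_getConfig()->getFaults($resourceName);

        if (!isset($faults[$faultName])) {
            // Resource-level miss: retry globally. Global miss: report 'unknown'.
            $this->_fault(is_null($resourceName) ? 'unknown' : $faultName);
            return;
        }

        $message = is_null($customMessage) ? $faults[$faultName]['message'] : $customMessage;
        $this->_getServer()->getAdapter()->fault($faults[$faultName]['code'], $message);
    }

    /**
     * Build the array form of a fault, used for per-call results in multiCall().
     *
     * Follows the same lookup order as _fault().
     *
     * NOTE(review): same unbounded recursion as _fault() when the global fault
     * list has no 'unknown' entry.
     *
     * @param string      $faultName     fault key to report
     * @param string|null $resourceName  resource whose fault list is searched first
     * @param string|null $customMessage message that replaces the configured one
     * @return array with keys isFault, faultCode and faultMessage
     */
    protected function _faultAsArray($faultName, $resourceName=null, $customMessage=null)
    {
        $faults = $this->_getConfig()->getFaults($resourceName);

        if (!isset($faults[$faultName])) {
            return $this->_faultAsArray(is_null($resourceName) ? 'unknown' : $faultName);
        }

        return array(
            'isFault'      => true,
            'faultCode'    => $faults[$faultName]['code'],
            'faultMessage' => (is_null($customMessage) ? $faults[$faultName]['message'] : $customMessage)
        );
    }

    /**
     * Initialise the API session without a client-supplied id and return the
     * session id reported by the session model.
     *
     * @return mixed session id
     */
    public function startSession()
    {
        $this->_startSession();
        return $this->_getSession()->getSessionId();
    }

    /**
     * Bind the session to $sessionId and clear it.
     *
     * @param string $sessionId session to end
     * @return bool always true
     */
    public function endSession($sessionId)
    {
        $this->_startSession($sessionId);
        $this->_getSession()->clear();
        return true;
    }

    /**
     * Append the handler's resource suffix, if it has one, to a model name.
     *
     * @param string $resource configured resource model name
     * @return string
     */
    protected function _prepareResourceModelName($resource)
    {
        return (null !== $this->_resourceSuffix)
            ? $resource . $this->_resourceSuffix
            : $resource;
    }

    /**
     * Authenticate an API user and return the session id.
     *
     * Any exception from the session's login() is reported as the single
     * 'access_denied' fault, so the response does not reveal why the login
     * failed.
     *
     * NOTE(review): failures are not logged at this layer; confirm that the
     * session model records failed attempts, so that credential guessing can be
     * detected and throttled.
     *
     * @param string $username API user name
     * @param string $apiKey   API key for that user
     * @return mixed session id, or the return value of _fault() on failure
     */
    public function login($username, $apiKey)
    {
        $this->_startSession();
        try {
            $this->_getSession()->login($username, $apiKey);
        } catch (Exception $e) {
            return $this->_fault('access_denied');
        }
        return $this->_getSession()->getSessionId();
    }

    /**
     * Split a client-supplied API path of the form "resource.method".
     *
     * Anything that is not a string yields two nulls instead of being handed to
     * explode(). A path without a dot yields a null method. Segments after the
     * second one are ignored.
     *
     * @param mixed $apiPath
     * @return array array(resourceName|null, methodName|null)
     */
    private function _splitApiPath($apiPath)
    {
        if (!is_string($apiPath)) {
            return array(null, null);
        }
        $parts = array_pad(explode('.', $apiPath), 2, null);
        return array($parts[0], $parts[1]);
    }

    /**
     * Apply the resource-level and method-level ACL rules to one API path.
     *
     * At each level the session is consulted only when the node has an <acl>
     * child and no <public> child. A node without <acl> is therefore open to
     * any caller who reaches this check.
     *
     * @param mixed $resourceNode configuration node of the resource
     * @param mixed $methodNode   configuration node of the method
     * @return bool false when either level denies access
     */
    private function _isPathAllowed($resourceNode, $methodNode)
    {
        if (!isset($resourceNode->public)
            && isset($resourceNode->acl)
            && !$this->_isAllowed((string) $resourceNode->acl)) {
            return false;
        }

        if (!isset($methodNode->public)
            && isset($methodNode->acl)
            && !$this->_isAllowed((string) $methodNode->acl)) {
            return false;
        }

        return true;
    }

    /**
     * Invoke a configured resource method with client-supplied arguments.
     *
     * @param mixed  $model      resource model instance
     * @param string $method     method name taken from the configuration
     * @param mixed  $methodInfo configuration node of the method
     * @param mixed  $args       client-supplied argument or argument list
     * @return mixed whatever the resource method returns
     * @throws Mage_Api_Exception when the method is not callable on the model
     */
    private function _invokeResourceMethod($model, $method, $methodInfo, $args)
    {
        if (!is_callable(array($model, $method))) {
            throw new Mage_Api_Exception('resource_path_not_callable');
        }

        if (isset($methodInfo->arguments) && ((string) $methodInfo->arguments) === 'array') {
            // The method is declared as taking its arguments as one array.
            return $model->$method(is_array($args) ? $args : array($args));
        }

        if (!is_array($args)) {
            return $model->$method($args);
        }

        // Pass arguments by position only. From PHP 8, string keys in the array
        // would be treated as named parameters chosen by the client.
        return call_user_func_array(array($model, $method), array_values($args));
    }

    /**
     * Execute one API call on behalf of a logged-in session.
     *
     * Checks run in this order: session is logged in, the path is well formed,
     * an alias is resolved, the resource and method exist in the configuration,
     * and the ACL allows the call. Only then is the model created and invoked.
     *
     * Unexpected exceptions are logged and reported as the generic 'internal'
     * fault. Their message is not returned to the client, because it can carry
     * SQL text, file paths or other internals. multiCall() behaves the same way.
     *
     * @param string $sessionId session id returned by login()
     * @param string $apiPath   "resource.method"
     * @param mixed  $args      argument or list of arguments for the method
     * @return mixed result of the resource method, or the return value of _fault()
     */
    public function call($sessionId, $apiPath, $args = array())
    {
        $this->_startSession($sessionId);

        if (!$this->_getSession()->isLoggedIn($sessionId)) {
            return $this->_fault('session_expired');
        }

        list($resourceName, $methodName) = $this->_splitApiPath($apiPath);

        if (empty($resourceName) || empty($methodName)) {
            return $this->_fault('resource_path_invalid');
        }

        $resourcesAlias = $this->_getConfig()->getResourcesAlias();
        $resources      = $this->_getConfig()->getResources();
        if (isset($resourcesAlias->$resourceName)) {
            $resourceName = (string) $resourcesAlias->$resourceName;
        }

        if (!isset($resources->$resourceName)
            || !isset($resources->$resourceName->methods->$methodName)) {
            return $this->_fault('resource_path_invalid');
        }

        $resourceNode = $resources->$resourceName;
        $methodInfo   = $resourceNode->methods->$methodName;

        if (!$this->_isPathAllowed($resourceNode, $methodInfo)) {
            return $this->_fault('access_denied');
        }

        try {
            $method    = (isset($methodInfo->method) ? (string) $methodInfo->method : $methodName);
            $modelName = $this->_prepareResourceModelName((string) $resourceNode->model);

            try {
                $model = Mage::getModel($modelName);
                if ($model instanceof Mage_Api_Model_Resource_Abstract) {
                    $model->setResourceConfig($resourceNode);
                }
            } catch (Exception $e) {
                throw new Mage_Api_Exception('resource_path_not_callable');
            }

            return $this->_invokeResourceMethod($model, $method, $methodInfo, $args);
        } catch (Mage_Api_Exception $e) {
            return $this->_fault($e->getMessage(), $resourceName, $e->getCustomMessage());
        } catch (Exception $e) {
            Mage::logException($e);
            return $this->_fault('internal');
        }
    }

    /**
     * Execute several API calls in one request.
     *
     * Each entry of $calls is array(apiPath[, args]). Every entry goes through
     * the same path, existence and ACL checks as call(). A failed entry adds a
     * fault array (see _faultAsArray()) to the result instead of aborting the
     * batch, unless $options['break'] == 1, in which case processing stops at
     * the first fault.
     *
     * NOTE(review): the number of entries is not bounded here, so one request
     * can trigger an arbitrary number of model invocations. Consider a limit at
     * this layer or in front of it.
     *
     * @param string $sessionId session id returned by login()
     * @param array  $calls     list of array(apiPath[, args])
     * @param mixed  $options   optional array; only the 'break' key is read
     * @return mixed list of per-call results, or the return value of _fault()
     *               when the session is not logged in
     */
    public function multiCall($sessionId, array $calls = array(), $options = array())
    {
        $this->_startSession($sessionId);

        if (!$this->_getSession()->isLoggedIn($sessionId)) {
            return $this->_fault('session_expired');
        }

        $result      = array();
        $stopOnFault = (isset($options['break']) && $options['break'] == 1);

        $resourcesAlias = $this->_getConfig()->getResourcesAlias();
        $resources      = $this->_getConfig()->getResources();

        foreach ($calls as $call) {
            if (!isset($call[0])) {
                $result[] = $this->_faultAsArray('resource_path_invalid');
                if ($stopOnFault) {
                    break;
                }
                continue;
            }

            $args = (isset($call[1]) ? $call[1] : array());

            list($resourceName, $methodName) = $this->_splitApiPath($call[0]);

            if (empty($resourceName) || empty($methodName)) {
                $result[] = $this->_faultAsArray('resource_path_invalid');
                if ($stopOnFault) {
                    break;
                }
                continue;
            }

            if (isset($resourcesAlias->$resourceName)) {
                $resourceName = (string) $resourcesAlias->$resourceName;
            }

            if (!isset($resources->$resourceName)
                || !isset($resources->$resourceName->methods->$methodName)) {
                $result[] = $this->_faultAsArray('resource_path_invalid');
                if ($stopOnFault) {
                    break;
                }
                continue;
            }

            $resourceNode = $resources->$resourceName;
            $methodInfo   = $resourceNode->methods->$methodName;

            if (!$this->_isPathAllowed($resourceNode, $methodInfo)) {
                $result[] = $this->_faultAsArray('access_denied');
                if ($stopOnFault) {
                    break;
                }
                continue;
            }

            try {
                $method    = (isset($methodInfo->method) ? (string) $methodInfo->method : $methodName);
                $modelName = $this->_prepareResourceModelName((string) $resourceNode->model);

                try {
                    $model = Mage::getModel($modelName);
                    // Same setup as call(), so a model behaves identically in a batch.
                    if ($model instanceof Mage_Api_Model_Resource_Abstract) {
                        $model->setResourceConfig($resourceNode);
                    }
                } catch (Exception $e) {
                    throw new Mage_Api_Exception('resource_path_not_callable');
                }

                $result[] = $this->_invokeResourceMethod($model, $method, $methodInfo, $args);
            } catch (Mage_Api_Exception $e) {
                $result[] = $this->_faultAsArray($e->getMessage(), $resourceName, $e->getCustomMessage());
                if ($stopOnFault) {
                    break;
                }
            } catch (Exception $e) {
                // Details go to the log only; the client gets the generic fault.
                Mage::logException($e);
                $result[] = $this->_faultAsArray('internal');
                if ($stopOnFault) {
                    break;
                }
            }
        }

        return $result;
    }

    /**
     * List the API resources and methods visible to the session.
     *
     * A resource or method that has an <acl> node the session is not allowed
     * for is left out, and so is a resource with no visible method.
     *
     * NOTE(review): unlike call() and multiCall(), this method does not check
     * isLoggedIn(), and it ignores the <public> flag. Entries without an <acl>
     * node are listed for any session id. Confirm that this is intended.
     *
     * @param string $sessionId client-supplied session id
     * @return array list of resources, each with title, description, name,
     *               aliases and methods
     */
    public function resources($sessionId)
    {
        $this->_startSession($sessionId);
        $resources = array();

        // Invert the alias map: resource name => list of its aliases.
        $resourcesAlias = array();
        foreach ($this->_getConfig()->getResourcesAlias() as $alias => $resourceName) {
            $resourcesAlias[(string) $resourceName][] = $alias;
        }

        foreach ($this->_getConfig()->getResources() as $resourceName => $resource) {
            if (isset($resource->acl) && !$this->_isAllowed((string) $resource->acl)) {
                continue;
            }

            $aliases = (isset($resourcesAlias[$resourceName]) ? $resourcesAlias[$resourceName] : array());

            $methods = array();
            foreach ($resource->methods->children() as $methodName => $method) {
                if (isset($method->acl) && !$this->_isAllowed((string) $method->acl)) {
                    continue;
                }

                $methodAliases = array();
                foreach ($aliases as $alias) {
                    $methodAliases[] = $alias . '.' . $methodName;
                }

                $methods[] = array(
                    'title'       => (string) $method->title,
                    'description' => (isset($method->description) ? (string)$method->description : null),
                    'path'        => $resourceName . '.' . $methodName,
                    'name'        => $methodName,
                    'aliases'     => $methodAliases
                );
            }

            if (count($methods) == 0) {
                continue;
            }

            $resources[] = array(
                'title'       => (string) $resource->title,
                'description' => (isset($resource->description) ? (string)$resource->description : null),
                'name'        => $resourceName,
                'aliases'     => $aliases,
                'methods'     => $methods
            );
        }

        return $resources;
    }

    /**
     * List the faults declared for one resource.
     *
     * NOTE(review): there is no isLoggedIn() check here either. A resource
     * without an <acl> node exposes its fault list to any session id.
     *
     * @param string $sessionId    client-supplied session id
     * @param string $resourceName resource name or alias
     * @return mixed list of fault definitions, or the return value of _fault()
     */
    public function resourceFaults($sessionId, $resourceName)
    {
        $this->_startSession($sessionId);

        $resourcesAlias = $this->_getConfig()->getResourcesAlias();
        $resources      = $this->_getConfig()->getResources();

        if (isset($resourcesAlias->$resourceName)) {
            $resourceName = (string) $resourcesAlias->$resourceName;
        }

        if (empty($resourceName)
            || !isset($resources->$resourceName)) {
            return $this->_fault('resource_path_invalid');
        }

        if (isset($resources->$resourceName->acl)
            && !$this->_isAllowed((string)$resources->$resourceName->acl)) {
            return $this->_fault('access_denied');
        }

        return array_values($this->_getConfig()->getFaults($resourceName));
    }

    /**
     * List the global fault definitions.
     *
     * NOTE(review): no login or ACL check is performed before the list is
     * returned.
     *
     * @param string $sessionId client-supplied session id
     * @return array
     */
    public function globalFaults($sessionId)
    {
        $this->_startSession($sessionId);
        return array_values($this->_getConfig()->getFaults());
    }
}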