diff options
Diffstat (limited to 'engine/lib/web_services.php')
| -rw-r--r-- | engine/lib/web_services.php | 48 | 
1 files changed, 44 insertions, 4 deletions
| diff --git a/engine/lib/web_services.php b/engine/lib/web_services.php index b9c87843e..e529711e1 100644 --- a/engine/lib/web_services.php +++ b/engine/lib/web_services.php @@ -1342,8 +1342,6 @@ function unregister_service_handler($handler) {  	}  } -// REST handler -  /**   * REST API handler   * @@ -1352,10 +1350,52 @@ function unregister_service_handler($handler) {  function rest_handler() {  	global $CONFIG; -	require $CONFIG->path . "services/api/rest_api.php"; +	// Register the error handler +	error_reporting(E_ALL); +	set_error_handler('_php_api_error_handler'); + +	// Register a default exception handler +	set_exception_handler('_php_api_exception_handler'); + +	// Check to see if the api is available +	if ((isset($CONFIG->disable_api)) && ($CONFIG->disable_api == true)) { +		throw new SecurityException(elgg_echo('SecurityException:APIAccessDenied')); +	} + +	// plugins should return true to control what API and user authentication handlers are registered +	if (elgg_trigger_plugin_hook('rest', 'init', null, false) == false) { +		// for testing from a web browser, you can use the session PAM +		// do not use for production sites!! +		//register_pam_handler('pam_auth_session'); + +		// user token can also be used for user authentication +		register_pam_handler('pam_auth_usertoken'); + +		// simple API key check +		register_pam_handler('api_auth_key', "sufficient", "api"); +		// hmac +		register_pam_handler('api_auth_hmac', "sufficient", "api"); +	} + +	// Get parameter variables +	$method = get_input('method'); +	$result = null; + +	// this will throw an exception if authentication fails +	authenticate_method($method); + +	$result = execute_method($method); + + +	if (!($result instanceof GenericResult)) { +		throw new APIException(elgg_echo('APIException:ApiResultUnknown')); +	} + +	// Output the result +	echo elgg_view_page($method, elgg_view("api/output", array("result" => $result)));  } -// Initialisation +// Initialization  /**   * Unit tests for API | 
