diff options
Diffstat (limited to 'engine/lib')
-rw-r--r-- | engine/lib/web_services.php | 48 |
1 files changed, 44 insertions, 4 deletions
diff --git a/engine/lib/web_services.php b/engine/lib/web_services.php index b9c87843e..e529711e1 100644 --- a/engine/lib/web_services.php +++ b/engine/lib/web_services.php @@ -1342,8 +1342,6 @@ function unregister_service_handler($handler) { } } -// REST handler - /** * REST API handler * @@ -1352,10 +1350,52 @@ function unregister_service_handler($handler) { function rest_handler() { global $CONFIG; - require $CONFIG->path . "services/api/rest_api.php"; + // Register the error handler + error_reporting(E_ALL); + set_error_handler('_php_api_error_handler'); + + // Register a default exception handler + set_exception_handler('_php_api_exception_handler'); + + // Check to see if the api is available + if ((isset($CONFIG->disable_api)) && ($CONFIG->disable_api == true)) { + throw new SecurityException(elgg_echo('SecurityException:APIAccessDenied')); + } + + // plugins should return true to control what API and user authentication handlers are registered + if (elgg_trigger_plugin_hook('rest', 'init', null, false) == false) { + // for testing from a web browser, you can use the session PAM + // do not use for production sites!! + //register_pam_handler('pam_auth_session'); + + // user token can also be used for user authentication + register_pam_handler('pam_auth_usertoken'); + + // simple API key check + register_pam_handler('api_auth_key', "sufficient", "api"); + // hmac + register_pam_handler('api_auth_hmac', "sufficient", "api"); + } + + // Get parameter variables + $method = get_input('method'); + $result = null; + + // this will throw an exception if authentication fails + authenticate_method($method); + + $result = execute_method($method); + + + if (!($result instanceof GenericResult)) { + throw new APIException(elgg_echo('APIException:ApiResultUnknown')); + } + + // Output the result + echo elgg_view_page($method, elgg_view("api/output", array("result" => $result))); } -// Initialisation +// Initialization /** * Unit tests for API |