Versions Compared

Old Version 1

changes.mady.by.user Nathaniel Halbrooks

Saved on

compared with

New Version Current

changes.mady.by.user Nathaniel Halbrooks

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Inside of the file we will include our generic base

Code Block
<?php
 
namespace FreePBX\modules\Ponies\Api\Rest;
use FreePBX\modules\Api\Rest\Base;
class Ponies extends Base {
}

You've now created a generic Rest api class that does nothing! Congratulations!

...

Note

You don't have to define any scopes and can instead use the catch all read and write for your module.

Code Block
public static function getScopes() {
    return [
        'read:ponylist' => [
            'description' => _('Read the list of ponies'),
        ],
        'write:pnylist' => [
            'description' => _('Write to the pony list'),
        ]
    ];
}

As you can see above we first define either read or write separated by a colon. You can ONLY define the words read or write in the first part of the scope. After that you can add anything you wish to help differentiate your scopes.

...

Now lets add the functional code

Code Block
public function setupRoutes($app) {
    $app->get('/list', function ($request, $response, $args) {
        $data = [];
        return $response->withJson($data);
    });
}

The above example will create an API call like so: GET http://<hostname>/admin/api/api/rest/ponies/list

...

This is a simple get request but you can use any route type provided by Slim (https://www.slimframework.com/docs/v3/objects/router.html )

Code Block
public function setupRoutes($app) {
    $app->get('/list', function ($request, $response, $args) {
        $data = [];
        return $response->withJson($data);
    });
})->add($this->checkReadScopeMiddleware('ponylist'));

Now our middleware will check to make sure this call is listed in the valid scopes.

...

The first type will check to make sure you have a global read permissions such as rest:read

Code Block
checkAllReadScopeMiddleware()

The second type will check to make sure you have a global write permissions such as rest:write

Code Block
checkAllWriteScopeMiddleware()

The third type will check to make sure you have a read scope specific permissions such as rest:read:list

Code Block
checkReadScopeMiddleware($scope)

The fourth type will check to make sure you have a write scope specific permissions such as rest:read:list

Code Block
checkWriteScopeMiddleware($scope)

The fifth type will let you define the scope in full such as 'rest:read:list'

Code Block
checkScopeMiddleware($scope)

Example

This is a working example in FreePBX currently under framework that provides system information

...

http://<hostname>/admin/api/api/rest/framework/needreload

Code Block
<?php
 
namespace FreePBX\Api\Rest;
use FreePBX\modules\Api\Rest\Base;
class System extends Base {
    public static function getScopes() {
        return [
            'read:system' => [
                'description' => _('Read system information'),
            ]
        ];
    }
 
    public function setupRoutes($app) {
        $app->get('/version', function ($request, $response, $args) {
            $data = ['status' => true, 'version' => getVersion()];
            return $response->withJson($data);
        })->add($this->checkReadScopeMiddleware('system'));
 
        $app->get('/engine', function ($request, $response, $args) {
            $data = ['status' => true, 'engine' => engine_getinfo()['version']];
            return $response->withJson($data);
        })->add($this->checkReadScopeMiddleware('system'));
 
        $app->get('/needreload', function ($request, $response, $args) {
            $data = ['status' => true, 'needreload' => check_reload_needed()];
            return $response->withJson($data);
        })->add($this->checkReadScopeMiddleware('system'));
    }
}