From 3ca6b1a435c49d2eebbf3080fc8561ad7e798ffd Mon Sep 17 00:00:00 2001
From: Mike Koch <Mike Koch>
Date: Sat, 24 Jun 2017 16:04:19 -0400
Subject: [PATCH] Add a URL rewrite setting for the API. Not using it in code
 yet... might not even do that lol

---
 admin/api_settings.php                   | 47 ++++++++++------
 api/htaccess.txt                         | 16 ++++++
 install/mods-for-hesk/sql/installSql.php |  1 +
 internal-api/js/api-settings.js          | 69 ++++++++++++------------
 language/en/text.php                     |  5 ++
 5 files changed, 90 insertions(+), 48 deletions(-)
 create mode 100644 api/htaccess.txt

diff --git a/admin/api_settings.php b/admin/api_settings.php
index 0af4b1b6..b7d89ba4 100644
--- a/admin/api_settings.php
+++ b/admin/api_settings.php
@@ -104,29 +104,45 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
                                    title="<?php echo $hesklang['external_api']; ?>"
                                    data-content="<?php echo $hesklang['external_api_help']; ?>"></i>
                             </label>
+                            <div class="col-sm-9">
+                                <span class="btn-group" data-toggle="buttons">
+                                    <?php
+                                    $on = $modsForHesk_settings['public_api'] == '1' ? 'active' : '';
+                                    $off = $modsForHesk_settings['public_api'] == '1' ? '' : 'active';
+                                    ?>
+                                    <label id="enable-api-button" class="btn btn-success <?php echo $on; ?>">
+                                        <input type="radio" name="public-api" value="1"> <i class="fa fa-check-circle"></i>
+                                        <?php echo $hesklang['enable']; ?>
+                                    </label>
+                                    <label id="disable-api-button" class="btn btn-danger <?php echo $off; ?>">
+                                        <input type="radio" name="public-api" value="0"> <i class="fa fa-times-circle"></i>
+                                        <?php echo $hesklang['disable']; ?>
+                                    </label>
+                                </span>
+                            </div>
+                        </div>
+                        <div class="form-group">
+                            <label for="url-rewrite" class="col-sm-3 control-label">
+                                <?php echo $hesklang['url_rewrite']; ?>
+                                <i class="fa fa-question-circle settingsquestionmark" data-toggle="popover"
+                                   title="<?php echo $hesklang['url_rewrite']; ?>"
+                                   data-content="<?php echo $hesklang['url_rewrite_help']; ?>"></i>
+                            </label>
                             <div class="col-sm-9">
                             <span class="btn-group" data-toggle="buttons">
                                 <?php
-                                $on = $modsForHesk_settings['public_api'] == '1' ? 'active' : '';
-                                $off = $modsForHesk_settings['public_api'] == '1' ? '' : 'active';
+                                $on = $modsForHesk_settings['api_url_rewrite'] == '1' ? 'active' : '';
+                                $off = $modsForHesk_settings['api_url_rewrite'] == '1' ? '' : 'active';
                                 ?>
-                                <label id="enable-api-button" class="btn btn-success <?php echo $on; ?>">
-                                    <input type="radio" name="public-api" value="1"> <i class="fa fa-check-circle"></i>
+                                <label id="enable-url-rewrite-button" class="btn btn-success <?php echo $on; ?>">
+                                    <input type="radio" name="url-rewrite" value="1"> <i class="fa fa-check-circle"></i>
                                     <?php echo $hesklang['enable']; ?>
                                 </label>
-                                <label id="disable-api-button" class="btn btn-danger <?php echo $off; ?>">
-                                    <input type="radio" name="public-api" value="0"> <i class="fa fa-times-circle"></i>
+                                <label id="disable-url-rewrite-button" class="btn btn-danger <?php echo $off; ?>">
+                                    <input type="radio" name="url-rewrite" value="0"> <i class="fa fa-times-circle"></i>
                                     <?php echo $hesklang['disable']; ?>
                                 </label>
                             </span>
-                            <span>
-                                <i id="public-api-success" class="fa fa-check-circle fa-2x green hide media-middle"
-                                   data-toggle="tooltip" title="<?php echo $hesklang['changes_saved']; ?>"></i>
-                                <i id="public-api-failure" class="fa fa-times-circle fa-2x red hide media-middle"
-                                   data-toggle="tooltip" title="<?php echo $hesklang['save_failed_check_logs']; ?>"></i>
-                                <i id="public-api-saving" class="fa fa-spin fa-spinner fa-2x hide media-middle"
-                                   data-toggle="tooltip" title="<?php echo $hesklang['saving']; ?>"></i>
-                            </span>
                             </div>
                         </div>
                     </form>
@@ -204,7 +220,8 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
     </div>
 </section>
 </div>
-
 <?php
+echo mfh_get_hidden_fields_for_language(array('success', 'url_rewrite_saved', 'api_settings_saved', 'an_error_occurred'));
+
 require_once(HESK_PATH . 'inc/footer.inc.php');
 exit();
\ No newline at end of file
diff --git a/api/htaccess.txt b/api/htaccess.txt
new file mode 100644
index 00000000..4e7f3d1c
--- /dev/null
+++ b/api/htaccess.txt
@@ -0,0 +1,16 @@
+<IfModule mod_rewrite.c>
+RewriteEngine On
+
+# If your helpdesk is installed in a sub-directory, change /api to /<your subfolder>/api
+RewriteBase /api
+
+# remove index.php from URLs
+RewriteCond %{THE_REQUEST} /index\.php [NC]
+RewriteRule ^(.*?)index\.php$ $1 [L,R=302,NC,NE]
+
+RewriteRule ^index\.php$ - [L]
+
+RewriteCond %{REQUEST_FILENAME} !-f
+RewriteCond %{REQUEST_FILENAME} !-d
+RewriteRule . index.php [L]
+</IfModule>
\ No newline at end of file
diff --git a/install/mods-for-hesk/sql/installSql.php b/install/mods-for-hesk/sql/installSql.php
index 70b9301f..efb71de3 100644
--- a/install/mods-for-hesk/sql/installSql.php
+++ b/install/mods-for-hesk/sql/installSql.php
@@ -1013,6 +1013,7 @@ function execute310Scripts() {
     executeQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "settings` (`Key`, `Value`) VALUES ('login_background', '#d2d6de')");
     executeQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "settings` (`Key`, `Value`) VALUES ('login_box_header', 'helpdesk-title')");
     executeQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "settings` (`Key`, `Value`) VALUES ('login_box_header_image', '')");
+    executeQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "settings` (`Key`, `Value`) VALUES ('api_url_rewrite', '0')");
 
     // Copy over color presets to the custom values
     $theme_preset_rs = executeQuery("SELECT `Value` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "settings` WHERE `Key` = 'admin_color_scheme'");
diff --git a/internal-api/js/api-settings.js b/internal-api/js/api-settings.js
index abfab1f1..28dab649 100644
--- a/internal-api/js/api-settings.js
+++ b/internal-api/js/api-settings.js
@@ -1,9 +1,16 @@
 $(document).ready(function() {
     $('#enable-api-button').click(function() {
-        updatePublicApi('1', '#enable-api-button');
+        updatePublicApi('1');
     });
     $('#disable-api-button').click(function() {
-        updatePublicApi('0', '#disable-api-button');
+        updatePublicApi('0');
+    });
+
+    $('#enable-url-rewrite-button').click(function() {
+        updateUrlRewrite('1');
+    });
+    $('#disable-url-rewrite-button').click(function() {
+        updateUrlRewrite('0');
     });
 });
 
@@ -16,53 +23,49 @@ function updatePublicApi(enable) {
     };
     $('#enable-api-button').addClass('disabled');
     $('#disable-api-button').addClass('disabled');
-    markSaving('public-api');
     $.ajax({
         url: endpoint,
         data: data,
         method: 'POST',
         success: function() {
+            mfhAlert.success(mfhLang.text('api_settings_saved'), mfhLang.text('success'));
             $('#enable-api-button').removeClass('disabled');
             $('#disable-api-button').removeClass('disabled');
-            markSuccess('public-api');
-
-            if (enable == '1') {
-                $('#public-api-sidebar').addClass('success')
-                    .removeClass('danger');
-                $('#public-api-sidebar-enabled').removeClass('hide');
-                $('#public-api-sidebar-disabled').addClass('hide');
-            } else {
-                $('#public-api-sidebar').addClass('danger')
-                    .removeClass('success');
-                $('#public-api-sidebar-disabled').removeClass('hide');
-                $('#public-api-sidebar-enabled').addClass('hide');
-            }
         },
         error: function(data) {
             console.error(data);
             $('#enable-api-button').removeClass('disabled');
             $('#disable-api-button').removeClass('disabled');
-            markFailure('public-api');
+            mfhAlert.error(mfhLang.text('an_error_occurred'), mfhLang.text('error'));
         }
     });
 }
 
-function markSuccess(id) {
-    $('#' + id + '-saving').addClass('hide');
-    $('#' + id + '-failure').addClass('hide');
-    $('#' + id + '-success').removeClass('hide');
-}
-
-function markSaving(id) {
-    $('#' + id + '-saving').removeClass('hide');
-    $('#' + id + '-failure').addClass('hide');
-    $('#' + id + '-success').addClass('hide');
-}
-
-function markFailure(id) {
-    $('#' + id + '-saving').addClass('hide');
-    $('#' + id + '-failure').removeClass('hide');
-    $('#' + id + '-success').addClass('hide');
+function updateUrlRewrite(enable) {
+    var heskPath = $('p#hesk-path').text();
+    var endpoint = heskPath + 'internal-api/admin/api-settings/';
+    var data = {
+        key: 'api_url_rewrite',
+        value: enable
+    };
+    $('#enable-url-rewrite-button').addClass('disabled');
+    $('#disable-url-rewrite-button').addClass('disabled');
+    $.ajax({
+        url: endpoint,
+        data: data,
+        method: 'POST',
+        success: function() {
+            mfhAlert.success(mfhLang.text('url_rewrite_saved'), mfhLang.text('success'));
+            $('#enable-url-rewrite-button').removeClass('disabled');
+            $('#disable-url-rewrite-button').removeClass('disabled');
+        },
+        error: function(data) {
+            console.error(data);
+            $('#enable-url-rewrite-button').removeClass('disabled');
+            $('#disable-url-rewrite-button').removeClass('disabled');
+            mfhAlert.error(mfhLang.text('an_error_occurred'), mfhLang.text('error'));
+        }
+    });
 }
 
 function generateToken(userId) {
diff --git a/language/en/text.php b/language/en/text.php
index 25127bd2..c55d4404 100644
--- a/language/en/text.php
+++ b/language/en/text.php
@@ -2168,6 +2168,11 @@ $hesklang['preset_red'] = 'Red';
 $hesklang['preset_red_light'] = 'Red (light)';
 $hesklang['preset_black'] = 'Black';
 $hesklang['preset_black_light'] = 'Black (light)';
+$hesklang['url_rewrite'] = 'URL Rewrite';
+$hesklang['url_rewrite_help'] = 'Remove the need to include /index.php in API URLs (i.e. /api/index.php/v1/... -> /api/v1/...). Rename htaccess.txt to .htaccess in the /api folder to use.';
+$hesklang['url_rewrite_saved'] = 'URL rewrite setting saved!';
+$hesklang['api_settings_saved'] = 'API settings saved!';
+$hesklang['an_error_occurred'] = 'An error occurred. Check the logs for more information';
 
 // DO NOT CHANGE BELOW
 if (!defined('IN_SCRIPT')) die('PHP syntax OK!');