<?php
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
// Every response from this endpoint is JSON. The header is declared first,
// then output buffering is switched on for the rest of the script.
header('Content-Type: application/json');
ob_start();
require_once __DIR__ . "/../required.php";
require_once __DIR__ . "/../machine.php";
require_once __DIR__ . "/../roles.php";
// Request parameters come from the POST body for POST requests and from the
// query string for every other HTTP method.
// NOTE(review): the API key is read from this same array further down, so a
// GET caller sends its key in the URL, where it is commonly recorded in
// server and proxy access logs. Prefer POST for credentialed calls.
$VARS = ($_SERVER['REQUEST_METHOD'] === 'POST') ? $_POST : $_GET;
/**
 * Emit a JSON error document and terminate the script.
 *
 * The HTTP status defaults to 404. The types "invalidapikey", "nopermission"
 * and "nomachineid" select their own status and a fixed message, replacing
 * whatever $msg was passed. "dberror" selects 500 and prefixes $msg. Any other
 * type keeps the 404 status and sends $msg unchanged.
 *
 * NOTE(review): for "dberror" and for unrecognised types, $msg reaches the
 * client verbatim. Callers that pass exception or driver text here are
 * disclosing that text to the API consumer.
 *
 * @param string $type Error type selector (see above).
 * @param string $msg  Message used when the type does not supply its own.
 */
function sendError($type, $msg = "An error occurred.") {
    $status = 404;

    // Loose comparison, matching what a switch statement would do.
    if ($type == "invalidapikey") {
        $status = 403;
        $msg = "Invalid API key. Access denied.";
    } elseif ($type == "nopermission") {
        $status = 403;
        $msg = "You don't have permission to do that.";
    } elseif ($type == "nomachineid") {
        $status = 400;
        $msg = "No machine ID sent.";
    } elseif ($type == "dberror") {
        $status = 500;
        $msg = "The database encountered an error: " . $msg;
    }

    http_response_code($status);

    $payload = json_encode([
        "status" => "ERROR",
        "message" => $msg
    ]);
    die($payload);
}
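// Authenticate the caller before any action is dispatched.
//
// The key must be present and must be a non-empty string. PHP turns a
// parameter written as key[]=... into an array, and a missing parameter reads
// as null. Neither is a credential, so both are refused here rather than being
// handed to the database lookup, whose treatment of non-string values is not
// visible in this file.
$apiKey = isset($VARS['key']) ? $VARS['key'] : null;
if (!is_string($apiKey) || $apiKey === '' || !$database->has('apikeys', ['key' => $apiKey])) {
    sendError("invalidapikey");
}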
/**
 * Abort the request with a "nopermission" error unless the calling API key
 * holds at least one of the given roles.
 *
 * The key is taken from the global request parameters ($VARS['key']).
 * Roles::has() is consulted once for every role supplied; a single truthy
 * answer is enough to let the request continue.
 *
 * @param mixed $roleid A single role identifier, or an array of acceptable ones.
 */
function dieWithoutRole($roleid) {
    global $VARS;

    // Accept either one role or a list of alternatives.
    $accepted = is_array($roleid) ? $roleid : [$roleid];

    $granted = false;
    foreach ($accepted as $role) {
        if (Roles::has($VARS['key'], $role)) {
            $granted = true;
        }
    }

    if ($granted) {
        return;
    }
    sendError("nopermission");
}
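// Collect the parameters the handlers below read.
//
// Request values are strings, or arrays when the client writes name[]=... .
// Every handler treats its parameters as single values and passes them on to
// Machine and the database layer, so an array is rejected here instead of
// being forwarded with an unexpected type. A parameter that was not sent
// becomes null, so optional arguments are read without an undefined-index
// notice that could end up inside the JSON body.
$apiParamNames = [
    'action', 'id', 'notes', 'model', 'condition', 'price', 'os',
    'date', 'event', 'serial', 'type', 'tested', 'capacity'
];
$apiParams = [];
foreach ($apiParamNames as $apiParamName) {
    if (!isset($VARS[$apiParamName])) {
        $apiParams[$apiParamName] = null;
    } elseif (is_string($VARS[$apiParamName])) {
        $apiParams[$apiParamName] = $VARS[$apiParamName];
    } else {
        // $apiParamName comes from the fixed list above, not from the request.
        sendError("", "Parameter '$apiParamName' must be a single value.");
    }
}

// Dispatch on the requested action. sendError() and exit() both terminate the
// script, so each handler produces exactly one JSON document.
//
// NOTE(review): several handlers return $e->getMessage() to the caller. What
// those messages contain depends on Machine, which is not visible here; if
// they can carry internal detail, log them server-side and return a generic
// message instead.
switch ($apiParams['action']) {
    /* Get info */
    case "getmachineinfo":
        dieWithoutRole(Roles::ROLE_VIEWBYID);
        if (empty($apiParams['id'])) {
            sendError("nomachineid");
        }

        try {
            $machine = new Machine($apiParams['id']);
            echo json_encode($machine->getMachineInfo());
        } catch (Exception $e) {
            sendError("", $e->getMessage());
        }
        break;
    case "getmachinehistory":
        dieWithoutRole(Roles::ROLE_VIEWBYID);
        if (empty($apiParams['id'])) {
            sendError("nomachineid");
        }

        try {
            $machine = new Machine($apiParams['id']);
            echo json_encode($machine->getHistory());
        } catch (Exception $e) {
            sendError("", $e->getMessage());
        }
        break;
    case "getmachinecomponents":
        dieWithoutRole(Roles::ROLE_VIEWBYID);
        if (empty($apiParams['id'])) {
            sendError("nomachineid");
        }

        try {
            $machine = new Machine($apiParams['id']);
            echo json_encode($machine->getComponents());
        } catch (Exception $e) {
            sendError("", $e->getMessage());
        }
        break;
    // NOTE(review): the two lookup-table actions below carry no role check, so
    // any valid API key can list them. Presumably intentional; confirm.
    case "geteventtypes":
        echo json_encode($database->select('event_types', ['eventid (id)', 'eventname (name)']));
        break;
    case "getcomponenttypes":
        echo json_encode($database->select('component_types', ['typeid (id)', 'typename (name)']));
        break;

    /* Save info */
    case "addmachine":
        dieWithoutRole(Roles::ROLE_ADDEDIT);
        if (empty($apiParams['id'])) {
            sendError("nomachineid");
        }
        if ($database->has('machines', ['machineid' => $apiParams['id']])) {
            sendError("", "A machine with that ID already exists.");
        }

        // Only the columns listed here are written; notes defaults to "".
        $data = [];
        $data['machineid'] = $apiParams['id'];
        $data['notes'] = empty($apiParams['notes']) ? "" : $apiParams['notes'];
        if (!empty($apiParams['model'])) {
            $data['model'] = $apiParams['model'];
        }
        if (!empty($apiParams['condition'])) {
            if (is_numeric($apiParams['condition']) && $apiParams['condition'] > 0 && $apiParams['condition'] < 10) {
                // Multiplying by 1.0 stores the value as a float, not the request string.
                $data['condition'] = $apiParams['condition'] * 1.0;
            } else {
                sendError("", "Machine condition must be a number and 0 < condition < 10.");
            }
        }
        if (!empty($apiParams['price'])) {
            if (is_numeric($apiParams['price']) && $apiParams['price'] > 0 && $apiParams['price'] < 10000.0) {
                $data['price'] = $apiParams['price'] * 1.0;
            } else {
                sendError("", "Machine price must be a number and 0 < price < 10000.");
            }
        }
        if (!empty($apiParams['os'])) {
            $data['os'] = $apiParams['os'];
        }

        $database->insert('machines', $data);
        if ($database->error()[1] != 0) {
            // NOTE(review): this returns the database layer's own error text to
            // the client. Consider logging it and sending a generic message.
            sendError("dberror", $database->error()[2]);
        }
        exit(json_encode(["status" => "OK"]));
        break;
    case "addhistory":
        // Either role is sufficient to add a history entry.
        dieWithoutRole([Roles::ROLE_ADDEDIT, Roles::ROLE_ADDHIST]);
        if (empty($apiParams['id'])) {
            sendError("nomachineid");
        }
        try {
            $machine = new Machine($apiParams['id']);
            $machine->addHistory($apiParams['date'], $apiParams['event'], $apiParams['notes']);
            exit(json_encode(["status" => "OK"]));
        } catch (Exception $e) {
            sendError("", $e->getMessage());
        }
        break;
    case "addcomponent":
        dieWithoutRole(Roles::ROLE_ADDEDIT);
        if (empty($apiParams['id'])) {
            sendError("nomachineid");
        }
        try {
            $machine = new Machine($apiParams['id']);
            $machine->addComponent(
                $apiParams['serial'],
                $apiParams['type'],
                $apiParams['tested'],
                $apiParams['notes'],
                $apiParams['capacity'],
                $apiParams['model']
            );
            exit(json_encode(["status" => "OK"]));
        } catch (Exception $e) {
            sendError("", $e->getMessage());
        }
        break;

    case "ping":
        exit(json_encode(['status' => 'OK']));

    default:
        sendError("", "Invalid action or no action sent.");
}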