[FEATURE] Add HTTP-REST API for Events (#105)

* Add api for event list --------- Co-authored-by: Andreas Pfeiffer <[email protected]> Co-authored-by: Alexander Bigga <[email protected]> Co-authored-by: Andreas Pfeiffer <[email protected]>
slub · Aug 16, 2024 · 0fc1445 · 0fc1445
1 parent f024616
commit 0fc1445
Show file tree

Hide file tree

Showing 19 changed files with 1,289 additions and 6 deletions.
diff --git a/Classes/Authentication/ApiAuthentication.php b/Classes/Authentication/ApiAuthentication.php
@@ -0,0 +1,149 @@
+<?php
+
+namespace Slub\SlubEvents\Authentication;
+
+/*
+ * This file is part of the TYPO3 CMS project.
+ *
+ * It is free software; you can redistribute it and/or modify it under
+ * the terms of the GNU General Public License, either version 3
+ * of the License, or any later version.
+ *
+ * For the full copyright and license information, please read the
+ * LICENSE.txt file that was distributed with this source code.
+ *
+ * The TYPO3 project - inspiring people to share!
+ */
+
+use Slub\SlubEvents\Mvc\View\JsonView;
+use TYPO3\CMS\Core\Utility\GeneralUtility;
+use TYPO3\CMS\Extbase\Configuration\ConfigurationManagerInterface;
+use TYPO3\CMS\Extbase\Object\ObjectManager;
+
+/**
+ * Class ApiAuthentication
+ * @package Slub\SlubEvents\Authentication
+ */
+class ApiAuthentication
+{
+    public const LL_PATH = 'LLL:EXT:slub_events/Resources/Private/Language/locallang_api.xlf';
+    public const EXTENSION_NAME = 'slubevents';
+
+    /**
+     * @var string[]
+     */
+    public $error = [
+        401 => 'Invalid authorization'
+    ];
+
+    /**
+     * @var ConfigurationManagerInterface
+     */
+    protected $configurationManager;
+
+    public function __construct()
+    {
+        /** @var ObjectManager $objectManager */
+        $objectManager = GeneralUtility::makeInstance(ObjectManager::class);
+
+        $this->configurationManager = $objectManager->get(ConfigurationManagerInterface::class);
+    }
+
+    /**
+     * @return bool
+     */
+    public function authenticateUser(): bool
+    {
+        $users = $this->findAllUsers();
+        $apiUser = $this->getApiUser();
+
+        return $this->isValiduser($users, $apiUser);
+    }
+
+    /**
+     * @param JsonView $view
+     * @param int $status
+     * @return JsonView
+     */
+    public function getError(JsonView $view, int $status): JsonView
+    {
+        $view->setVariablesToRender(['error']);
+        $view->assign('error', [
+            'error' => [
+                'status' => $status,
+                'message' => $this->error[$status]
+            ]
+        ]);
+
+        return $view;
+    }
+
+    /**
+     * @param array $users
+     * @param array $apiUser
+     * @return bool
+     */
+    protected function isValidUser(array $users, array $apiUser): bool
+    {
+        if (count($users) === 0 || count($apiUser) === 0) {
+            return false;
+        }
+
+        foreach ($users as $user) {
+            // Security risk if there is a user with empty username and empty password
+            // Well, close the api in general
+            if (empty($user['username']) || empty($user['password'])) {
+                return false;
+            }
+
+            if ($user['username'] === $apiUser['username'] &&
+                $user['password'] === $apiUser['password']
+            ) {
+                return true;
+            }
+        }
+
+        return false;
+    }
+
+    /**
+     * @return array
+     */
+    protected function getApiUser(): array
+    {
+        $user = [];
+        $authorization = $_SERVER['HTTP_AUTHORIZATION'] ?? null;
+
+        if (stripos($authorization, 'Basic ') === 0) {
+            $user = GeneralUtility::trimExplode(':', base64_decode(substr($authorization, 6)), 2);
+        }
+
+        if (count($user) === 2) {
+            return [
+                'username' => $user[0],
+                'password' => $user[1]
+            ];
+        }
+
+        return [];
+    }
+
+    /**
+     * @return array
+     */
+    protected function findAllUsers(): array
+    {
+        return $this->getExtensionSettings()['api']['users'] ?? [];
+    }
+
+    /**
+     * @return array
+     */
+    protected function getExtensionSettings(): array
+    {
+        return (array)$this->configurationManager->getConfiguration(
+            ConfigurationManagerInterface::CONFIGURATION_TYPE_SETTINGS,
+            self::EXTENSION_NAME
+        );
+    }
+}
diff --git a/Classes/Controller/Api/EventController.php b/Classes/Controller/Api/EventController.php
@@ -0,0 +1,118 @@
+<?php
+
+namespace Slub\SlubEvents\Controller\Api;
+
+/*
+ * This file is part of the TYPO3 CMS project.
+ *
+ * It is free software; you can redistribute it and/or modify it under
+ * the terms of the GNU General Public License, either version 3
+ * of the License, or any later version.
+ *
+ * For the full copyright and license information, please read the
+ * LICENSE.txt file that was distributed with this source code.
+ *
+ * The TYPO3 project - inspiring people to share!
+ */
+
+use Slub\SlubEvents\Authentication\ApiAuthentication;
+use Slub\SlubEvents\Controller\AbstractController;
+use Slub\SlubEvents\Mvc\View\JsonView;
+use Slub\SlubEvents\Service\ApiService;
+use Slub\SlubEvents\Service\EventService;
+use TYPO3\CMS\Core\Utility\GeneralUtility;
+use TYPO3\CMS\Extbase\Mvc\View\ViewInterface;
+use TYPO3\CMS\Extbase\Object\ObjectManager;
+
+/**
+ * @package slub_events
+ * @license http://www.gnu.org/licenses/gpl.html GNU General Public License, version 3 or later
+ */
+class EventController extends AbstractController
+{
+    /**
+     * @var ApiService
+     */
+    protected $apiService;
+
+    /**
+     * @var ApiAuthentication
+     */
+    protected $apiAuthentication;
+
+    /**
+     * @var EventService
+     */
+    protected $eventService;
+
+    /**
+     * @var JsonView
+     */
+    protected $view;
+
+    /**
+     * @var string
+     */
+    protected $defaultViewObjectName = JsonView::class;
+
+    /**
+     * @var bool
+     */
+    protected $allowApiAccess = false;
+
+    /**
+     * EventController constructor.
+     */
+    public function __construct()
+    {
+        /** @var ObjectManager $objectManager */
+        $objectManager = GeneralUtility::makeInstance(ObjectManager::class);
+
+        $this->apiService = $objectManager->get(ApiService::class);
+        $this->apiAuthentication = $objectManager->get(ApiAuthentication::class);
+        $this->eventService = $objectManager->get(EventService::class);
+
+        $this->allowApiAccess = $this->apiAuthentication->authenticateUser();
+    }
+
+    /**
+     * @param ViewInterface $view
+     */
+    public function initializeView(ViewInterface $view): void
+    {
+        parent::initializeView($view);
+
+        if (!$this->allowApiAccess) {
+            $this->view = $this->apiAuthentication->getError($this->view, 401);
+        }
+    }
+
+    /**
+     * @return void
+     */
+    public function listAction(): void
+    {
+        if ($this->allowApiAccess) {
+            $arguments = $this->apiService->prepareArgumentsDefault($this->request->getArguments());
+            $events = $this->eventService->findAllBySettings($arguments);
+
+            $this->view->setVariablesToRender(['events']);
+            $this->view->assign('events', $events);
+        }
+    }
+
+    /**
+     * @return void
+     */
+    public function listUserAction(): void
+    {
+        if ($this->allowApiAccess) {
+            $arguments = $this->apiService->prepareArgumentsUser($this->request->getArguments());
+            $events = $arguments['user'] === 0 ? [] : $this->eventService->findAllBySettings($arguments);
+            $eventsUser = $this->eventService->prepareForUser($arguments['user'], $events, $this->settings);
+
+            $this->view->setVariablesToRender(['eventsUser']);
+            $this->view->assign('eventsUser', $eventsUser);
+        }
+    }
+}
diff --git a/Classes/Controller/Backend/EventController.php b/Classes/Controller/Backend/EventController.php
@@ -5,7 +5,7 @@
  * This file is part of the TYPO3 CMS project.
  *
  * It is free software; you can redistribute it and/or modify it under
- * the terms of the GNU General Public License, either version 2
+ * the terms of the GNU General Public License, either version 3
  * of the License, or any later version.
  *
  * For the full copyright and license information, please read the

diff --git a/Classes/Controller/Backend/SubscriberController.php b/Classes/Controller/Backend/SubscriberController.php
@@ -5,7 +5,7 @@
  * This file is part of the TYPO3 CMS project.
  *
  * It is free software; you can redistribute it and/or modify it under
- * the terms of the GNU General Public License, either version 2
+ * the terms of the GNU General Public License, either version 3
  * of the License, or any later version.
  *
  * For the full copyright and license information, please read the

diff --git a/Classes/Domain/Model/Event.php b/Classes/Domain/Model/Event.php
@@ -57,6 +57,11 @@ class Event extends AbstractEntity {
      */
     protected $parent;
 
+    /**
+     * @var array
+     */
+    protected $rootCategories = [];
+
     /**
      * startDateTime
      *
@@ -250,6 +255,13 @@ class Event extends AbstractEntity {
      */
     protected $recurringOptions;
 
+    /**
+     * The unsubscribe url
+     *
+     * @var string
+     */
+    protected $unsubscribeUrl;
+
     /**
      * The recurring end dateTime
      *
@@ -452,6 +464,22 @@ public function setParent( \Slub\SlubEvents\Domain\Model\Event $parent ) {
         $this->parent = $parent;
     }
 
+    /**
+     * @return array $rootCategories
+     */
+    public function getRootCategories(): array
+    {
+        return $this->rootCategories;
+    }
+
+    /**
+     * @param array $rootCategories
+     */
+    public function setRootCategories(array $rootCategories): void
+    {
+        $this->rootCategories = $rootCategories;
+    }
+
     /**
      * Returns the minSubscriber
      *
@@ -984,6 +1012,28 @@ public function setRecurringEndDateTime( $recurringEndDateTime ) {
         $this->recurringEndDateTime = $recurringEndDateTime;
     }
 
+    /**
+     * Returns the unsubscribe url value
+     *
+     * @return string $unsubscribeUrl
+     */
+    public function getUnsubscribeUrl()
+    {
+        return $this->unsubscribeUrl;
+    }
+
+    /**
+     * Sets the unsubscribe url state
+     *
+     * @param string $unsubscribeUrl
+     *
+     * @return void
+     */
+    public function setUnsubscribeUrl($unsubscribeUrl)
+    {
+        $this->unsubscribeUrl = $unsubscribeUrl;
+    }
+
     /**
      * Get CategoryStats
      *

diff --git a/Classes/Domain/Repository/EventRepository.php b/Classes/Domain/Repository/EventRepository.php
@@ -183,6 +183,18 @@ public function findAllBySettings($settings, $geniusBar = 0)
         // we don't want genius_bar events here
         $constraints[] = $query->equals('genius_bar', $geniusBar);
 
+        // is user / subscriber given
+        if ((int)$settings['user'] > 0) {
+            $constraints[] = $query->logicalAnd(
+                [
+                    $query->equals('subscribers.customerid', $settings['user']),
+                    $query->logicalNot(
+                        $query->equals('subscribers.editcode', '')
+                    )
+                ]
+            );
+        }
+
         // are categories selected?
         if (is_array($settings['categoryList']) && count($settings['categoryList']) > 0) {
             $constraints[] = $query->in('categories.uid', $settings['categoryList']);
@@ -365,7 +377,6 @@ public function findAllByDateInterval($startDateStamp, $stopDateStamp)
         return $query->execute();
     }
 
-
     /**
      * Finds all datasets by MM relation categories
      *