Api2/ Delete ws, clean ws output, findByIdOrAlias everywhere

core/src/plugins/access.ajxp_conf/ajxp_confActions.xml

@@ -278,6 +278,9 @@
 				</serverCallback>
 			</processing>
 		</action>
+        <action name="patch_repository">
+            <processing><serverCallback methodName="repositoriesAction"/></processing>
+        </action>
         <action name="list_all_repositories_json">
             <processing>
                 <serverCallback methodName="repositoriesActions" restParams="/" developerComment="Returns all repository (output format is JSON)"/>

core/src/plugins/access.ajxp_conf/src/ConfAccessDriver.php

@@ -204,7 +204,7 @@ public function listAction(ServerRequestInterface $requestInterface, ResponseInt
             $uri = $requestInterface->getAttribute("api_uri");
             $vars = $requestInterface->getParsedBody();
             if($uri === "/admin/roles") {
-                
+
                 $vars["dir"] = "/data/roles";
                 $requestInterface = $requestInterface->withParsedBody($vars);
 
@@ -355,24 +355,21 @@ public function deleteAction(ServerRequestInterface $requestInterface, ResponseI
             unset($httpVars["data_id"]);
             $requestInterface = $requestInterface->withParsedBody($httpVars);
 
-        }else if($requestInterface->getAttribute("api") === "v2"){
-
-            if(isSet($httpVars["roleId"])) {
-                $httpVars["role_id"] = $httpVars["roleId"];
-                unset($httpVars["roleId"]);
-                $requestInterface = $requestInterface->withParsedBody($httpVars);
-            }
-
         }
 
         /** @var ContextInterface $ctx */
         $ctx = $requestInterface->getAttribute("ctx");
 
-        if (isSet($httpVars["repository_id"])) {
+        if (isSet($httpVars["repository_id"]) || isSet($httpVars["workspaceId"])) {
+
             $manager = new RepositoriesManager($ctx, $this->getName());
-        } else if (isSet($httpVars["role_id"])) {
+
+        } else if (isSet($httpVars["role_id"]) || isSet($httpVars["roleId"])) {
+
             $manager = new RolesManager($ctx, $this->getName());
+
         } else {
+
             $manager = new UsersManager($ctx, $this->getName());
         }
 

core/src/plugins/access.ajxp_conf/src/RepositoriesManager.php

@@ -220,59 +220,6 @@ public function repositoriesActions(ServerRequestInterface $requestInterface, Re
 
                 break;
 
-            case "edit_repository" :
-
-                if(isSet($httpVars["workspaceId"])){
-                    $repId = $httpVars["workspaceId"];
-                }else{
-                    $repId = $httpVars["repository_id"];
-                }
-                $format = isSet($httpVars["format"]) && $httpVars["format"] == "json" ? "json" : "xml";
-
-                $repository = RepositoryService::getRepositoryById($repId);
-                if ($repository == null) {
-                    throw new \Exception("Cannot find workspace with id $repId");
-                }
-                if ($ctx->hasUser() && !$ctx->getUser()->canAdministrate($repository)) {
-                    throw new \Exception("You are not allowed to edit this workspace!");
-                }
-                $pServ = PluginsService::getInstance($ctx);
-                /** @var AbstractAccessDriver $plug */
-                $plug = $pServ->getPluginById("access.".$repository->getAccessType());
-                if ($plug == null) {
-                    throw new \Exception("Cannot find access driver (".$repository->getAccessType().") for workspace!");
-                }
-                $slug = $repository->getSlug();
-                if ($slug == "" && $repository->isWriteable()) {
-                    $repository->setSlug();
-                    RepositoryService::replaceRepository($repId, $repository);
-                }
-                $ctxUser = $ctx->getUser();
-                if ($ctxUser!=null && $ctxUser->getGroupPath() != null) {
-                    $rgp = $repository->getGroupPath();
-                    if($rgp == null) $rgp = "/";
-                    if (strlen($rgp) < strlen($ctxUser->getGroupPath())) {
-                        $repository->setWriteable(false);
-                    }
-                }
-
-                $definitions = $plug->getConfigsDefinitions();
-                if($format === "json"){
-                    $data = $this->serializeRepositoryToJSON($ctx, $repository, $definitions, $currentAdminBasePath);
-                    if(isSet($httpVars["load_fill_values"]) && $httpVars["load_fill_values"] === "true"){
-                        $data["PARAMETERS_INFO"] = $this->serializeRepositoryDriverInfos($pServ, $format, $plug, $repository);
-                    }
-                    $responseInterface = new JsonResponse($data);
-                }else{
-                    $buffer = "<admin_data>";
-                    $buffer .= $this->serializeRepositoryToXML($ctx, $repository, $definitions, $currentAdminBasePath);
-                    $buffer .= $this->serializeRepositoryDriverInfos($pServ, $format, $plug, $repository);
-                    $buffer .= "</admin_data>";
-                    $responseInterface = $responseInterface->withBody(new SerializableResponseStream(new XMLDocMessage($buffer)));
-                }
-
-                break;
-
             case "edit_repository_label" :
             case "edit_repository_data" :
 
@@ -354,6 +301,8 @@ public function repositoriesActions(ServerRequestInterface $requestInterface, Re
                             }
                         }
                     }
+                    /*
+                     * THIS SEEM TO BE DUPLICATED LOWER IN THE CODE!
                     if ($repo->getContextOption($ctx, "DEFAULT_RIGHTS")) {
                         $gp = $repo->getGroupPath();
                         if (empty($gp) || $gp == "/") {
@@ -366,6 +315,7 @@ public function repositoriesActions(ServerRequestInterface $requestInterface, Re
                             RolesService::updateRole($defRole);
                         }
                     }
+                    */
                     if (is_file(AJXP_TESTS_FOLDER."/plugins/test.ajxp_".$repo->getAccessType().".php")) {
                         chdir(AJXP_TESTS_FOLDER."/plugins");
                         include(AJXP_TESTS_FOLDER."/plugins/test.ajxp_".$repo->getAccessType().".php");
@@ -411,11 +361,64 @@ public function repositoriesActions(ServerRequestInterface $requestInterface, Re
 
                 break;
 
+            case "edit_repository" :
+
+                if(isSet($httpVars["workspaceId"])){
+                    $repId = $httpVars["workspaceId"];
+                }else{
+                    $repId = $httpVars["repository_id"];
+                }
+                $format = isSet($httpVars["format"]) && $httpVars["format"] == "json" ? "json" : "xml";
+
+                $repository = RepositoryService::findRepositoryByIdOrAlias($repId);
+                if ($repository == null) {
+                    throw new \Exception("Cannot find workspace with id $repId");
+                }
+                if ($ctx->hasUser() && !$ctx->getUser()->canAdministrate($repository)) {
+                    throw new \Exception("You are not allowed to edit this workspace!");
+                }
+                $pServ = PluginsService::getInstance($ctx);
+                /** @var AbstractAccessDriver $plug */
+                $plug = $pServ->getPluginById("access.".$repository->getAccessType());
+                if ($plug == null) {
+                    throw new \Exception("Cannot find access driver (".$repository->getAccessType().") for workspace!");
+                }
+                $slug = $repository->getSlug();
+                if ($slug == "" && $repository->isWriteable()) {
+                    $repository->setSlug();
+                    RepositoryService::replaceRepository($repId, $repository);
+                }
+                $ctxUser = $ctx->getUser();
+                if ($ctxUser!=null && $ctxUser->getGroupPath() != null) {
+                    $rgp = $repository->getGroupPath();
+                    if($rgp == null) $rgp = "/";
+                    if (strlen($rgp) < strlen($ctxUser->getGroupPath())) {
+                        $repository->setWriteable(false);
+                    }
+                }
+
+                $definitions = $plug->getConfigsDefinitions();
+                if($format === "json"){
+                    $data = $this->serializeRepositoryToJSON($ctx, $repository, $definitions, $currentAdminBasePath);
+                    if(isSet($httpVars["load_fill_values"]) && $httpVars["load_fill_values"] === "true"){
+                        $data["PARAMETERS_INFO"] = $this->serializeRepositoryDriverInfos($pServ, $format, $plug, $repository);
+                    }
+                    $responseInterface = new JsonResponse($data);
+                }else{
+                    $buffer = "<admin_data>";
+                    $buffer .= $this->serializeRepositoryToXML($ctx, $repository, $definitions, $currentAdminBasePath);
+                    $buffer .= $this->serializeRepositoryDriverInfos($pServ, $format, $plug, $repository);
+                    $buffer .= "</admin_data>";
+                    $responseInterface = $responseInterface->withBody(new SerializableResponseStream(new XMLDocMessage($buffer)));
+                }
+
+                break;
+
             case "meta_source_add" :
 
                 $repId      = InputFilter::sanitize(isSet($httpVars["workspaceId"]) ? $httpVars["workspaceId"] : $httpVars["repository_id"]);
                 $metaId     = InputFilter::sanitize(isSet($httpVars["metaId"]) ? $httpVars["metaId"] : $httpVars["new_meta_source"]);
-                $repo       = RepositoryService::getRepositoryById($repId);
+                $repo       = RepositoryService::findRepositoryByIdOrAlias($repId);
 
                 if (!is_object($repo)) {
                     throw new PydioException("Invalid workspace id! $repId");
@@ -453,7 +456,7 @@ public function repositoriesActions(ServerRequestInterface $requestInterface, Re
 
                 $repId        = InputFilter::sanitize(isSet($httpVars["workspaceId"]) ? $httpVars["workspaceId"] : $httpVars["repository_id"]);
                 $metaSourceId = InputFilter::sanitize(isSet($httpVars["metaId"]) ? $httpVars["metaId"] : $httpVars["plugId"]);
-                $repo         = RepositoryService::getRepositoryById($repId);
+                $repo         = RepositoryService::findRepositoryByIdOrAlias($repId);
                 if (!is_object($repo)) {
                     throw new PydioException("Invalid workspace id! $repId");
                 }
@@ -475,7 +478,7 @@ public function repositoriesActions(ServerRequestInterface $requestInterface, Re
             case "meta_source_edit" :
 
                 $repId        = InputFilter::sanitize(isSet($httpVars["workspaceId"]) ? $httpVars["workspaceId"] : $httpVars["repository_id"]);
-                $repo         = RepositoryService::getRepositoryById($repId);
+                $repo         = RepositoryService::findRepositoryByIdOrAlias($repId);
                 if (!is_object($repo)) {
                     throw new PydioException("Invalid workspace id! $repId");
                 }
@@ -559,8 +562,8 @@ public function delete(ServerRequestInterface $requestInterface, ResponseInterfa
         $mess = LocaleService::getMessages();
         $httpVars = $requestInterface->getParsedBody();
 
-        $repId = $httpVars["repository_id"];
-        $repo = RepositoryService::getRepositoryById($repId);
+        $repId        = InputFilter::sanitize(isSet($httpVars["workspaceId"]) ? $httpVars["workspaceId"] : $httpVars["repository_id"]);
+        $repo         = RepositoryService::findRepositoryByIdOrAlias($repId);
         if(!is_object($repo)){
             $res = -1;
         }else{
@@ -766,7 +769,7 @@ protected function serializeRepositoryToJSON(ContextInterface $ctx, $repository,
         }
         foreach ($repository as $name => $option) {
             if(strstr($name, " ")>-1) continue;
-            if ($name == "driverInstance") continue;
+            if (in_array($name, ["driverInstance", "id", "uuid", "path", "recycle", "create", "enabled"])) continue;
             if(is_array($option)) {
                 $nested[] = $option;
             } else{
@@ -784,13 +787,15 @@ protected function serializeRepositoryToJSON(ContextInterface $ctx, $repository,
                     $buffer["PARAMETERS"][$key] = $optValue;
                 }
             }
-            // Add SLUG
+            // Add SLUG?
+            /*
             if(!empty($buffer["slug"])) {
                 $buffer["PARAMETERS"]["AJXP_SLUG"] = $buffer["slug"];
             }
             if(!empty($buffer["groupPath"])) {
                 $buffer["PARAMETERS"]["AJXP_GROUP_PATH_PARAMETER"] = $buffer["groupPath"];
             }
+            */
         }
         if(!$repository->isTemplate()){
             $buffer["INFO"]= [];

core/src/plugins/access.ajxp_conf/src/RolesManager.php

@@ -505,7 +505,7 @@ public function delete(ServerRequestInterface $requestInterface, ResponseInterfa
         $mess = LocaleService::getMessages();
         $httpVars = $requestInterface->getParsedBody();
 
-        $roleId = $httpVars["role_id"];
+        $roleId = InputFilter::sanitize(isSet($httpVars["roleId"]) ? $httpVars["roleId"] : $httpVars["role_id"], InputFilter::SANITIZE_DIRNAME);
         if (RolesService::getRole($roleId) === false) {
             throw new PydioException($mess["ajxp_conf.67"]);
         }