Function Lock_API(@API) /*********************************************************************************************************************** This program is proprietary and is not to be used by or disclosed to others, nor is it to be copied without written permission from SRP Computer Solutions, Inc. Name : Lock_API Description : API logic for the Lock resource. Notes : All web APIs should include the API_SETUP insert. This will provide several useful variables: HTTPMethod - The HTTP Method (Verb) submitted by the client (e.g., GET, POST, etc.) APIURL - The URL for the API entry point (e.g., api.mysite.com/v1). FullEndpointURL - The URL submitted by the client, including query params. FullEndpointURLNoQuery - The URL submitted by the client, excluding query params. EndpointSegment - The URL endpoint segment. ParentURL - The URL path preceeding the current endpoint. CurrentAPI - The name of this stored procedure. Parameters : API [in] -- Web API to process. Format is [APIPattern].[HTTPMethod]: - APIPattern must follow this structure Lock[.ID.[]] - HTTPMethod can be any valid HTTP method, e.g., GET, POST, PUT, DELETE, etc. Examples: - Lock.POST - Lock.ID.PUT - Lock.ID.firstName.GET Response [out] -- Response to be sent back to the Controller (HTTP_MCP) or requesting procedure. Web API services do not rely upon anything being returned in the response. This is what the various services like SetResponseBody and SetResponseStatus services are for. A response value is only helpful if the developers want to use it for debug purposes. History : (Date, Initials, Notes) 03/14/24 djm Original programmer. ***********************************************************************************************************************/ #pragma precomp SRP_PreCompiler $insert APP_INSERTS $insert API_SETUP $insert HTTP_INSERTS Declare function Database_Services, Oi_Wizard_Services, Memberof, Lock_Services Declare subroutine Lock_Services GoToAPI else // The specific resource endpoint doesn't have a API handler yet. HTTP_Services('SetResponseStatus', 204, 'This is a valid endpoint but a web API handler has not yet been created.') end Return Response OR '' //////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// // Endpoint Handlers //////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// API Lock.HEAD // GET Method removed until RTI_LH_Info(CMD_LOCKS_INFO$, '') is fixed //////////////////////////////// * API Lock.GET * * OIWizardID = '' * Cookies = HTTP_Services('GetHTTPCookie') * For each Cookie in Cookies using ';' * Key = Trim(Field(Cookie, '=', 1)) * If Key EQ 'sessionID' then * OIWizardID = Field(Cookie, '=', 2) * end * If Key EQ 'userID' then * CurrUser = Field(Cookie, '=', 2) * end * Next Cookie * * ValidSession = OI_Wizard_Services('ValidateSession', OIWizardID) * * If ValidSession then * * Allowed = Lock_Services("GetLockPermissions", CurrUser) * * If Allowed NE FALSE$ then * * StatusCode = 200 * LockJSON = Lock_Services("GetAllowedLocks", CurrUser) * * If Error_Services('NoError') then * HTTP_Services('SetResponseHeaderField', 'Content-Location', FullEndpointURL) * HTTP_Services('SetResponseBody', LockJSON, False$, 'application/hal+json') * If Assigned(Message) then * HTTP_Services('SetResponseStatus', StatusCode, Message) * end else * HTTP_Services('SetResponseStatus', StatusCode) * end * end else * Message = Error_Services('GetMessage') * HTTP_Services('SetResponseStatus', 500, 'Error in the ' : CurrentAPI : ' API. Message: ': Message) * end * End Else * HTTP_Services('SetResponseStatus', 403, 'User is not permitted to access this resource.') * end * End else * HTTP_Services('SetResponseStatus', 401, 'User must be signed in to access this resource.') * end * * end api API Lock.POST OIWizardID = '' Cookies = HTTP_Services('GetHTTPCookie') For each Cookie in Cookies using ';' Key = Trim(Field(Cookie, '=', 1)) If Key EQ 'sessionID' then OIWizardID = Field(Cookie, '=', 2) end If Key EQ 'userID' then CurrUser = Field(Cookie, '=', 2) end Next Cookie ValidSession = OI_Wizard_Services('ValidateSession', OIWizardID) If ValidSession then Allowed = Lock_Services("GetLockPermissions", CurrUser) If Allowed NE FALSE$ then StatusCode = '' Body = HTTP_Services('GetHTTPPostString', True$) // The POST string will have been encoded so use percent (URL) decoding. DecodedJSON = HTTP_Services('DecodePercentString', Body) If SRP_JSON(objBody, 'Parse', Body) EQ '' then Table = SRP_JSON(objBody, 'GetValue', 'table') Key = SRP_JSON(objBody, 'GetValue', 'key') SRP_JSON(objBody, 'Release') end If (Table NE '') AND (Key NE '') then Result = Lock_Services("AttemptUnlock",CurrUser, Table, Key) If Result EQ TRUE$ then HTTP_Services('SetResponseStatus', 200, 'Record successfully unlocked.') Lock_Services("LogUnlockRequest", Table, Key, CurrUser, TRUE$) end else ErrCode = Error_Services('GetMessage') HTTP_Services('SetResponseStatus', 500, ErrCode) Lock_Services("LogUnlockRequest", Table, Key, CurrUser, FALSE$) end end else HTTP_Services('SetResponseStatus', 400, 'The table or key property is missing.') end End Else HTTP_Services('SetResponseStatus', 403, 'User is not permitted to access this resource.') end End else HTTP_Services('SetResponseStatus', 401, 'User must be signed in to access this resource.') end end api