206 lines
11 KiB
Plaintext
206 lines
11 KiB
Plaintext
Function Webaccounts_API(@API)
|
|
/***********************************************************************************************************************
|
|
|
|
This program is proprietary and is not to be used by or disclosed to others, nor is it to be copied without written
|
|
permission from SRP Computer Solutions, Inc.
|
|
|
|
Name : Webaccounts_API
|
|
|
|
Description : API logic for the Webaccounts resource.
|
|
|
|
Notes : All web APIs should include the API_SETUP insert. This will provide several useful variables:
|
|
|
|
HTTPMethod - The HTTP Method (Verb) submitted by the client (e.g., GET, POST, etc.)
|
|
APIURL - The URL for the API entry point (e.g., api.mysite.com/v1).
|
|
FullEndpointURL - The URL submitted by the client, including query params.
|
|
FullEndpointURLNoQuery - The URL submitted by the client, excluding query params.
|
|
ParentURL - The URL path preceeding the current endpoint.
|
|
the SelfURL.
|
|
CurrentAPI - The name of this stored procedure.
|
|
|
|
Parameters :
|
|
API [in] -- Web API to process. Format is [APIPattern].[HTTPMethod]:
|
|
- APIPattern must follow this structure <Resource>[.ID.[<Property>]]
|
|
- HTTPMethod can be any valid HTTP method, e.g., GET, POST, PUT, DELETE, etc.
|
|
Examples:
|
|
- Webaccounts.POST
|
|
- Webaccounts.ID.PUT
|
|
- Webaccounts.ID.firstName.GET
|
|
Response [out] -- Response to be sent back to the Controller (HTTP_MCP) or requesting procedure. Web API
|
|
services do not rely upon anything being returned in the response. This is what the
|
|
various services like SetResponseBody and SetResponseStatus services are for. A response
|
|
value is only helpful if the developers want to use it for debug purposes.
|
|
|
|
History : (Date, Initials, Notes)
|
|
11/19/18 dmb Original programmer.
|
|
04/09/19 dmb [SRPFW-271] Replace FullEndpointURL with FullEndpointURLNoQuery in the GetObjects service
|
|
within the webaccounts.GET API to avoid query params in the embedded object self URLs.
|
|
05/28/19 dmb [SRPFW-274] Replace all references to AddLinkRelationships with AddLinkRelations.
|
|
01/23/20 dmb [SRPFW-296] Add matching HEAD APIs for all GET APIs.
|
|
|
|
***********************************************************************************************************************/
|
|
|
|
#pragma precomp SRP_PreCompiler
|
|
|
|
$insert APP_INSERTS
|
|
$insert API_SETUP
|
|
$insert HTTP_INSERTS
|
|
|
|
Declare function WebAccounts_Services
|
|
|
|
AuthenticatedAccountID = HTTP_Authentication_Services('GetAuthenticatedAccountID')
|
|
|
|
GoToAPI else
|
|
// The specific resource endpoint doesn't have a API handler yet.
|
|
HTTP_Services('SetResponseStatus', 204, 'This is a valid endpoint but a web API handler has not yet been created.')
|
|
end
|
|
|
|
Return Response OR ''
|
|
|
|
|
|
////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
|
|
// Endpoint Handlers
|
|
////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
|
|
|
|
API webaccounts.HEAD
|
|
API webaccounts.GET
|
|
|
|
objResource = HTTP_Resource_Services('GetObject')
|
|
If Error_Services('NoError') then
|
|
objWebAccounts = HTTP_Resource_Services('GetObject', 'WEB_ACCOUNTS', AuthenticatedAccountID, 'NAME', '', '', '', '', FullEndpointURLNoQuery)
|
|
If Error_Services('NoError') then
|
|
HTTP_Resource_Services('AddEmbeddedResources', objResource, 'webaccounts', objWebAccounts)
|
|
// Add _links sub-properties for HAL implementation.
|
|
Rels = 'self' : @FM : 'apiEntryPoint'
|
|
URLs = FullEndpointURL : @FM : ParentURL
|
|
HTTP_Resource_Services('AddLinkRelations', objResource, Rels, URLs)
|
|
If Error_Services('NoError') then
|
|
// Serialize the object into a JSON string.
|
|
jsonResource = HTTP_Resource_Services('GetSerializedResource', objResource)
|
|
// Set the response body with the JSON string and set the Content-Type response header.
|
|
HTTP_Services('SetResponseBody', jsonResource, False$, 'application/hal+json')
|
|
end else
|
|
HTTP_Services('SetResponseError', '', '', 500, Error_Services('GetMessage'), FullEndpointURL)
|
|
end
|
|
end else
|
|
HTTP_Services('SetResponseError', '', '', 500, Error_Services('GetMessage'), FullEndpointURL)
|
|
end
|
|
end else
|
|
HTTP_Services('SetResponseError', '', '', 500, Error_Services('GetMessage'), FullEndpointURL)
|
|
end
|
|
|
|
end api
|
|
|
|
|
|
API webaccounts.ID.HEAD
|
|
API webaccounts.ID.GET
|
|
|
|
AccountID = EndpointSegment
|
|
|
|
If AccountID EQ AuthenticatedAccountID then
|
|
objResource = HTTP_Resource_Services('GetObject', 'WEB_ACCOUNTS', AccountID, 'NAME')
|
|
If Error_Services('NoError') then
|
|
objPassword = HTTP_Resource_Services('GetObject', 'WEB_ACCOUNTS', AccountID, 'CURRENT_PASSWORD' : @FM : 'CURRENT_PASSWORD_CREATED' : @FM : 'CURRENT_PASSWORD_EXPIRES', 'value' : @FM : 'created' : @FM : 'expires')
|
|
If Error_Services('NoError') then
|
|
// Add the password nested property.
|
|
HTTP_Resource_Services('AddProperty', objResource, 'password', objPassword, 'ObjectHandle')
|
|
end
|
|
If Error_Services('NoError') then
|
|
// Add _links sub-properties for HAL implementation.
|
|
Names = 'self' : @FM : 'password' : @FM : 'apiEntryPoint'
|
|
URLs = FullEndpointURL : @FM : FullEndpointURL : '/password' : @FM : APIURL
|
|
HTTP_Resource_Services('AddLinkRelations', objResource, Names, URLs)
|
|
end
|
|
If Error_Services('NoError') then
|
|
// Serialize the object into a JSON string.
|
|
jsonResource = HTTP_Resource_Services('GetSerializedResource', objResource)
|
|
// Set the response body with the JSON string and set the Content-Type response header.
|
|
HTTP_Services('SetResponseBody', jsonResource, False$, 'application/hal+json')
|
|
end else
|
|
HTTP_Services('SetResponseError', '', '', 500, Error_Services('GetMessage'), FullEndpointURL)
|
|
end
|
|
end else
|
|
HTTP_Services('SetResponseError', '', '', 500, Error_Services('GetMessage'), FullEndpointURL)
|
|
end
|
|
end else
|
|
HTTP_Services('SetResponseError', '', '', 401, 'This account is not authorized for this endpoint.', FullEndpointURL)
|
|
end
|
|
|
|
end api
|
|
|
|
|
|
API webaccounts.ID.password.HEAD
|
|
API webaccounts.ID.password.GET
|
|
|
|
AccountID = ParentSegment
|
|
|
|
If AccountID EQ AuthenticatedAccountID then
|
|
objResource = HTTP_Resource_Services('GetObject', 'WEB_ACCOUNTS', AccountID, 'CURRENT_PASSWORD' : @FM : 'CURRENT_PASSWORD_CREATED' : @FM : 'CURRENT_PASSWORD_EXPIRES', 'value' : @FM : 'created' : @FM : 'expires')
|
|
If Error_Services('NoError') then
|
|
// Add _links sub-properties for HAL implementation.
|
|
Names = 'self' : @FM : 'apiEntryPoint'
|
|
URLs = FullEndpointURL : @FM : APIURL
|
|
HTTP_Resource_Services('AddLinkRelations', objResource, Names, URLs)
|
|
end
|
|
If Error_Services('NoError') then
|
|
HTTP_Resource_Services('AddFormAction', objResource, 'resetPassword', 'PATCH', FullEndpointURL, 'Reset Password', 'value', '' : @VM : True$ : @VM : True$)
|
|
end
|
|
If Error_Services('NoError') then
|
|
// Serialize the object into a JSON string.
|
|
jsonResource = HTTP_Resource_Services('GetSerializedResource', objResource)
|
|
// Set the response body with the JSON string and set the Content-Type response header.
|
|
HTTP_Services('SetResponseBody', jsonResource, False$, 'application/hal+json')
|
|
end else
|
|
HTTP_Services('SetResponseError', '', '', 500, Error_Services('GetMessage'), FullEndpointURL)
|
|
end
|
|
end else
|
|
HTTP_Services('SetResponseError', '', '', 401, 'This account is not authorized for this endpoint.', FullEndpointURL)
|
|
end
|
|
|
|
end api
|
|
|
|
|
|
API webaccounts.ID.password.PATCH
|
|
|
|
AccountID = ParentSegment
|
|
|
|
If AccountID EQ AuthenticatedAccountID then
|
|
Password = HTTP_Authentication_Services('GetWebAccountPassword', AccountID, False$)
|
|
Body = HTTP_Services('GetHTTPPostString')
|
|
Body = HTTP_Services('DecodePercentString', Body)
|
|
If SRP_JSON(objJSON, 'Parse', Body) EQ '' then
|
|
NewPassword = SRP_JSON(objJSON, 'GetValue', 'value')
|
|
SRP_JSON(objJSON, 'Release')
|
|
HTTP_Authentication_Services('SetWebAccountPassword', AccountID, Password, NewPassword)
|
|
If Error_Services('NoError') then
|
|
objResource = HTTP_Resource_Services('GetObject', 'WEB_ACCOUNTS', AccountID, 'CURRENT_PASSWORD' : @FM : 'CURRENT_PASSWORD_CREATED' : @FM : 'CURRENT_PASSWORD_EXPIRES', 'value' : @FM : 'created' : @FM : 'expires')
|
|
If Error_Services('NoError') then
|
|
// Add _links sub-properties for HAL implementation.
|
|
Names = 'self' : @FM : 'apiEntryPoint'
|
|
URLs = FullEndpointURL : @FM : APIURL
|
|
HTTP_Resource_Services('AddLinkRelations', objResource, Names, URLs)
|
|
end
|
|
If Error_Services('NoError') then
|
|
HTTP_Resource_Services('AddFormAction', objResource, 'resetPassword', 'PATCH', FullEndpointURL, 'Reset Password', 'value', '' : @VM : True$ : @VM : True$)
|
|
end
|
|
If Error_Services('NoError') then
|
|
// Serialize the object into a JSON string.
|
|
jsonResource = HTTP_Resource_Services('GetSerializedResource', objResource)
|
|
// Set the response body with the JSON string and set the Content-Type response header.
|
|
HTTP_Services('SetResponseBody', jsonResource, False$, 'application/hal+json')
|
|
end else
|
|
HTTP_Services('SetResponseError', '', '', 500, Error_Services('GetMessage'), FullEndpointURL)
|
|
end
|
|
end else
|
|
HTTP_Services('SetResponseError', '', '', 403, Error_Services('GetMessage'), FullEndpointURL)
|
|
end
|
|
end else
|
|
Error_Services('Add', 'Error parsing JSON body within the ' : CurrentAPI : ' module.')
|
|
HTTP_Services('SetResponseError', '', '', 500, Error_Services('GetMessage'), FullEndpointURL)
|
|
end
|
|
end else
|
|
HTTP_Services('SetResponseError', '', '', 401, 'This account is not authorized for this endpoint.', FullEndpointURL)
|
|
end
|
|
|
|
end api
|