From f2383e1c86237bbd2be82e2fdb9b3a137a75350c Mon Sep 17 00:00:00 2001 From: Meteo Date: Sun, 14 Jun 2026 23:15:24 +0200 Subject: [PATCH] Code cleanup on different API GET calls. --- pub/api/classes/API_system_modules.php | 2 +- pub/api/v1/customers/companies/activate/index.php | 1 - pub/api/v1/portal-management/modules/index.php | 5 ----- .../v1/portal-management/permissions/index.php | 15 +-------------- pub/api/v1/user/apitoken/index.php | 2 +- 5 files changed, 3 insertions(+), 22 deletions(-) diff --git a/pub/api/classes/API_system_modules.php b/pub/api/classes/API_system_modules.php index 22c569d..01c56b0 100644 --- a/pub/api/classes/API_system_modules.php +++ b/pub/api/classes/API_system_modules.php @@ -12,7 +12,7 @@ class API_system_modules extends API { list($query, $types, $params) = $this->buildDynamicQuery('system_modules'); - $items = $this->generalGetFunction($query, $types, $params, $returnBoolean, 'Permission'); + $items = $this->generalGetFunction($query, $types, $params, $returnBoolean, 'Modules'); return $items; } diff --git a/pub/api/v1/customers/companies/activate/index.php b/pub/api/v1/customers/companies/activate/index.php index 90d7df5..46c4b3b 100644 --- a/pub/api/v1/customers/companies/activate/index.php +++ b/pub/api/v1/customers/companies/activate/index.php @@ -6,7 +6,6 @@ session_start(); require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_companies.php'; - # Check permissions $API_companies = new API_companies(); diff --git a/pub/api/v1/portal-management/modules/index.php b/pub/api/v1/portal-management/modules/index.php index 1e82148..be1a9a9 100644 --- a/pub/api/v1/portal-management/modules/index.php +++ b/pub/api/v1/portal-management/modules/index.php @@ -8,16 +8,11 @@ require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_system_modules.php'; $API_system_modules = new API_system_modules(); if ($API_system_modules->request_method === 'GET') { - # this part here is not tested (the whole GET part) $API_system_modules->checkPermissions('admin-modules', 'RO'); - $requiredFields = []; - $API_system_modules->validateData($requiredFields); - $modules = $API_system_modules->getModules(); $API_system_modules->apiOutput($code = 200, ['success' => $modules], ''); - } elseif ($API_system_modules->request_method === 'PUT') { # Enable or disable a module $API_system_modules->checkPermissions('admin-modules', 'RW'); diff --git a/pub/api/v1/portal-management/permissions/index.php b/pub/api/v1/portal-management/permissions/index.php index 632ea22..fccaac5 100644 --- a/pub/api/v1/portal-management/permissions/index.php +++ b/pub/api/v1/portal-management/permissions/index.php @@ -9,24 +9,11 @@ require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_permissions.php'; $API_permissions = new API_permissions(); if ($API_permissions->request_method === 'GET') { - - # Retrieve all the permissions a user and return them. $API_permissions->checkPermissions('admin-access-control-permissions', 'RO'); - $requiredFields = []; - $optionalFields = [ - 'permission_uuid' => ['type' => 'uuid'], - 'permission_name' => ['type' => 'string'], - 'permission_slugify' => ['type' => 'slugify'], - 'permission_description' => ['type' => 'string'], - 'permission_create_timestamp' => ['type' => 'timestamp'], - 'permission_modified_timestamp' => ['type' => 'timestamp'] - ]; - $API_permissions->validateData($requiredFields, $optionalFields); $permissions = $API_permissions->getPermission(); - $API_permissions->apiOutput($code = 200, $permissions, 'permission_retrieved'); - + $API_permissions->apiOutput($code = 200, ['success' => $permissions], 'permission_retrieved'); } elseif ($API_permissions->request_method === 'POST') { # Only superuser can create permission due to fact that the backend needs programming when setting a permission diff --git a/pub/api/v1/user/apitoken/index.php b/pub/api/v1/user/apitoken/index.php index a333814..93e20a4 100644 --- a/pub/api/v1/user/apitoken/index.php +++ b/pub/api/v1/user/apitoken/index.php @@ -19,7 +19,7 @@ if ($API_apitoken->request_method === 'GET') { $API_apitoken->validateData($requiredFields); - $API_apitoken->checkTokenPermissions($API_apitoken->data['user_uuid']); + $API_apitoken->checkTokenPermissions(); $apitokens = $API_apitoken->getTokens();