git.defcon.no Git - hermes/blob - api/auth.php
First stab at auth. Flow-changes to make things sort'a work
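<?php
/*
 * api/auth.php - entry point for the user / API-key management endpoints.
 *
 * Opens the database link, then routes on PATH_INFO. Every endpoint named
 * below is still a stub that answers 'notimplemented'; any other path
 * answers 'invalid'.
 *
 * NOTE(review): the code visible in this file performs no authentication or
 * access-level check. That is harmless while every endpoint is a stub, but
 * each of them lists, creates, changes or removes credentials, so the
 * "has write access" test described in the comments has to run before any
 * endpoint body is added.
 *
 * NOTE(review): responses are printed without an explicit Content-Type.
 * Once endpoints echo caller-supplied values such as usernames, sending
 * application/json keeps a client from interpreting the body as HTML.
 */
require_once('config.php');
require_once('lib/auth_base.php');
require_once('lib/common_functions.php');
require_once('lib/db_functions.php');
require_once('lib/domain_functions.php');

$config = get_config();

// The '@' keeps a failed connect from printing a PHP warning into the JSON
// reply; the failure is reported through the generic message below instead.
// NOTE(review): ext/mysql was deprecated in PHP 5.5 and removed in PHP 7.0.
// Moving to mysqli or PDO with prepared statements presumably has to happen
// together with the lib/ code that receives this link - confirm.
$config['sql_link'] = @mysql_connect(
	$config['sql_server'],
	$config['sql_username'],
	$config['sql_password']
);
if ( !$config['sql_link'] )
{
	print json_encode( array( 'response' => 'failed', 'cause' => 'error', 'detail' => 'Database connection failed.'));
	exit;
}

// PATH_INFO is not set when the script is requested without a trailing path.
// Reading it unguarded raises an undefined-index notice that can end up in
// the response body; an empty string still falls through to 'invalid'.
$path_info = isset( $_SERVER['PATH_INFO'] ) ? $_SERVER['PATH_INFO'] : '';

//*************************************************************************************
// All cases currently fall through to the shared 'notimplemented' reply.
// When an endpoint gets a body it needs its own 'break'; otherwise a request
// for one endpoint would continue into the code of the next one.
switch ( $path_info )
{
	case "/list_users":
		// List valid API user accounts.
		// Fail with notauthorized if current authentication
		// does not have write access.
	case "/authorize_user":
		// Add or update a valid back-end user in authorization
		// if the current authentication has write access.
		// Since the user exists in backend, the only
		// needed parameters should be username and access level.
		// If the authorization does not exist, add it.
		// If the user is already authorized, replace access level.
	case "/add_user":
		// Add user to backend if backend is read-write and
		// the current authentication has write access.
	case "/update_user":
		// Update the given user in the backend, if the backend
		// is read-write, and the current authentication has
		// write access.
	case "/remove_user":
		// Delete user from backend if backend is read-write
		// and the current authentication has write access.
	case "/list_apikeys":
		// List valid API keys.
		// Fail if current authorization does not have write access.
	case "/new_apikey":
		// If the current authorization has write access, create
		// a new API key with requested access (ro/rw).
	case "/remove_apikey":
		// If the current authorization has write access,
		// remove the given API key.
		print json_encode ( array( 'response' => 'notimplemented') );
		break;
	default:
		print json_encode ( array( 'response' => 'invalid') );
}
//*************************************************************************************
mysql_close( $config['sql_link'] );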