From 16d2c88314364b5e79936f4262d453dff03abdad Mon Sep 17 00:00:00 2001
From: Vincent Zanotti <vincent.zanotti@m4x.org>
Date: Mon, 3 Jan 2011 21:10:37 +0100
Subject: [PATCH] Implements the first API handler
 (/api/1/user/<user>/isRegistered). It is associated with a new permission,
 which can only be set as an additonal permission for existing users
 (accounts.user_perms).

Signed-off-by: Vincent Zanotti <vincent.zanotti@m4x.org>
---
 classes/user.php                 |  5 ++--
 classes/xorg.php                 |  2 +-
 modules/api.php                  | 54 ++++++++++++++++++++++++++++++++++++++++
 upgrade/1.1.0/05_permissions.sql |  9 +++++++
 4 files changed, 67 insertions(+), 3 deletions(-)
 create mode 100644 modules/api.php
 create mode 100644 upgrade/1.1.0/05_permissions.sql

diff --git a/classes/user.php b/classes/user.php
index b5669fa..98985b4 100644
--- a/classes/user.php
+++ b/classes/user.php
@@ -21,13 +21,14 @@
 
 class User extends PlUser
 {
-    const PERM_GROUPS            = 'groups';
-    const PERM_MAIL              = 'mail';
+    const PERM_API_USER_READONLY = 'api_user_readonly';
     const PERM_DIRECTORY_AX      = 'directory_ax';
     const PERM_DIRECTORY_PRIVATE = 'directory_private';
     const PERM_EDIT_DIRECTORY    = 'edit_directory';
     const PERM_FORUMS            = 'forums';
+    const PERM_GROUPS            = 'groups';
     const PERM_LISTS             = 'lists';
+    const PERM_MAIL              = 'mail';
     const PERM_PAYMENT           = 'payment';
 
     private $_profile_fetched = false;
diff --git a/classes/xorg.php b/classes/xorg.php
index 83bc952..a0da2b6 100644
--- a/classes/xorg.php
+++ b/classes/xorg.php
@@ -28,7 +28,7 @@ class Xorg extends Platal
                             'profile', 'register', 'search', 'stats', 'admin',
                             'newsletter', 'axletter', 'bandeau', 'survey',
                             'fusionax', 'gadgets', 'googleapps', 'poison',
-                            'openid', 'reminder');
+                            'openid', 'reminder', 'api');
     }
 
     public function find_hook()
diff --git a/modules/api.php b/modules/api.php
new file mode 100644
index 0000000..5562302
--- /dev/null
+++ b/modules/api.php
@@ -0,0 +1,54 @@
+<?php
+/***************************************************************************
+ *  Copyright (C) 2003-2010 Polytechnique.org                              *
+ *  http://opensource.polytechnique.org/                                   *
+ *                                                                         *
+ *  This program is free software; you can redistribute it and/or modify   *
+ *  it under the terms of the GNU General Public License as published by   *
+ *  the Free Software Foundation; either version 2 of the License, or      *
+ *  (at your option) any later version.                                    *
+ *                                                                         *
+ *  This program is distributed in the hope that it will be useful,        *
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of         *
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the          *
+ *  GNU General Public License for more details.                           *
+ *                                                                         *
+ *  You should have received a copy of the GNU General Public License      *
+ *  along with this program; if not, write to the Free Software            *
+ *  Foundation, Inc.,                                                      *
+ *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA                *
+ ***************************************************************************/
+
+class ApiModule extends PlModule
+{
+    function handlers()
+    {
+        return array(
+            // TODO(vzanotti): Extend the plat/al engine to support placeholders
+            // in handler urls, for instance "api/1/user/%forlife/isRegistered".
+            'api/1/user' => $this->make_api_hook('user', AUTH_COOKIE, 'api_user_readonly'),
+        );
+    }
+
+    // This handler supports the following URL patterns:
+    //   /api/1/user/{forlife}/isRegistered
+    function handler_user(PlPage& $page, PlUser& $authUser, $payload, $user = null, $selector = null)
+    {
+        // Retrieve the PlUser referenced in the request. Note that this is the
+        // target user, not the authenticated user.
+        $user = PlUser::getSilent($user);
+        if (empty($user)) {
+            return PL_NOT_FOUND;
+        }
+
+        if ($selector == 'isRegistered') {
+            $page->jsonAssign('isRegistered', $user->isActive());
+            return PL_JSON;
+        } else {
+            return PL_NOT_FOUND;
+        }
+    }
+}
+
+// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
+?>
diff --git a/upgrade/1.1.0/05_permissions.sql b/upgrade/1.1.0/05_permissions.sql
new file mode 100644
index 0000000..6a6615d
--- /dev/null
+++ b/upgrade/1.1.0/05_permissions.sql
@@ -0,0 +1,9 @@
+ALTER TABLE accounts CHANGE COLUMN user_perms user_perms
+    SET('groups', 'mail', 'directory_ax', 'directory_private', 'edit_directory',
+        'forums', 'lists', 'payment', 'api_user_readonly') DEFAULT NULL;
+
+ALTER TABLE account_types CHANGE COLUMN perms perms
+    SET('groups', 'mail', 'directory_ax', 'directory_private', 'edit_directory',
+        'forums', 'lists', 'payment', 'api_user_readonly') NOT NULL;
+
+-- vim:set syntax=mysql:
-- 
2.1.4