init(); $this->startSession(); $this->loadMethod(__NAMESPACE__.'\RestRequest'); } /** * Runs a REST method. */ function loadMethod($class) { $db = $this->db; $this->login(); $method = $this->app->loadMethod( $_REQUEST['method'], $class, './rest'); $method->service = $this; $isAuthorized = $db->getValue('SELECT myUser_checkRestPriv(#)', [$_REQUEST['method']]); if (!$isAuthorized) throw new ForbiddenException(s('You don\'t have enough privileges')); if ($method::SECURITY == Security::DEFINER) { $methodDb = $db; } else $methodDb = $this->getUserDb($_SESSION['user']); if ($method::PARAMS !== NULL && !$method->checkParams($_REQUEST, $method::PARAMS)) throw new UserException (s('Missing parameters')); Locale::addPath('rest/'. dirname($_REQUEST['method'])); $res = NULL; try { $res = $method->run($methodDb); } catch (\Vn\Db\Exception $e) { if ($e->getCode() == 1644) { $eMessage = $e->getMessage(); $tMessage = $db->getValue( 'SELECT `description` FROM `messageL10n` WHERE `code` = #', [$eMessage] ); if (!$tMessage) $tMessage = $eMessage; throw new Lib\UserException($tMessage, $eMessage); } throw $e; } if ($method::SECURITY == Security::DEFINER) $methodDb->query('CALL account.myUser_logout'); $db->query('CALL account.myUser_logout'); return $res; } function statusFromException($e) { try { throw $e; } catch (SessionExpiredException $e) { $status = 401; } catch (BadLoginException $e) { $status = 401; } catch (ForbiddenException $e) { $status = 403; } catch (Lib\UserException $e) { $status = 400; } catch (\Exception $e) { $status = 500; } http_response_code($status); } function errorHandler($errno, $message, $file, $line, $context = NULL) { $eFlag = E_USER_NOTICE | E_USER_WARNING | E_USER_DEPRECATED | E_NOTICE | E_WARNING | E_DEPRECATED; if (!($errno & $eFlag)) http_response_code(500); return FALSE; } function exceptionHandler($e) { $this->statusFromException($e); throw $e; } }