Public Member Functions | Public Attributes | Protected Attributes

ApiValidatorComponent Class Reference

ApiValidatorComponent class. More...

List of all members.

Public Member Functions

 initialize (Controller $controller, array $settings=array())
 Initialize component (called before Controller::beforeFilter()).
 startup (Controller $controller)
 Startup component (called after Controller::beforeFilter()).
 checkUrlParams ($endpoint)
 Check if url query string names of the request are valid for an endpoint.
 isUrlParamsValid ($endpoint)
 Return true if url query string is valid for an endpoint, false otherwise All allowed url params are valid for GET requests but '__all' values that are valid for all request types.
 registerAllowedUrlParams (array $stringNames, $merge=true)
 Register an array of query string names in self::$allowedUrlParams The array has to be divided by endpoint i.e.
 getAllowedUrlParams ($endpoint=null)
 Return the url query string names valid Passing the endpoint the list is filtered by it.
 setAllowedUrlParams ($endpoint, $names, $merge=true)
 Set new valid url query string names.
 isObjectTypeWritable ($objectType)
 Return true if an object type is writable.
 checkObject ($object)
 Check if $object data are valid for save.
 checkObjectReachable ($objectId)
 Check if an object is reachable:

  • check if object is reacheable looking also permissions
  • if it fails check again if it's reachable but without checking permissions
    • if it fails, then it throws 404
    • if it is, then it checks if user is logged
      • if it fails then it throws 401
      • if it is then it throws 403.

 isObjectReachable ($objectId, $checkPermissions=true)
 Return true if object $objectId is reachable, false otherwise.
 hasRelatedObjectsAccessible ($objectId)
 Return true if at least an object related to $objectId is on tree and it's accessible, false otherwise 'Accessible' is defined in self::isObjectAccessible().
 isObjectAccessible ($objectId, $parentsCheck=true)
 Return true if $objectId is accessible for authorized user, false otherwise.
 checkObjectAccess ($objectId)
 Check if $objectId and its parents are accessible for authorized user.
 isRelationValid ($name, $objectType)
 Return true if the relation $name is valid for $objectType.
 checkRelations (array $relations, $objectType=null)
 Check if an array of relations is valid.
 checkEmbedRelations (array $relationsData, $pageSize, $maxSize)
 Check embed relations requested.
 isPositiveInteger ($test)
 Return true if $test is a positive integer, false otherwise.
 checkPositiveInteger ($test, $cast=false)
 Check if $num is a positive integer.
 checkChildren (array $children, $parentId)
 Check if an array of (possible) children is valid for a parent id.
 checkCategories (array $categories, $objectTypeId=null)
 Check if an array of category names is valid for an object type id.
 checkTags (array $tags)
 Check if an array of tag names is valid.
 checkDate ($date, $format=DateTime::ATOM)
 Check if $date is in the right $format and if it's a valid date If test passes it returns the DateTime object else it throws a BeditaBadRequestException.
 checkDateItems (array $dateItems, $objectId=null)
 Check if $dateItems contains item with allowed and valid fields $dateItems has to be an array as.
 checkGeoTags (array $geoTags, $objectId=null)
 Check if $geoTags contains item with allowed and valid fields $geoTags has to be an array as.
 checkCustomProperties (array $customProperties, $objectTypeId)
 Check if custom properties are valid The $customProperties array has to be in the form.

Public Attributes

 $controller = null

Protected Attributes

 $writableObjects = array()

Detailed Description

ApiValidatorComponent class.

Used to validate data before save/delete and to test conditions on objects

Definition at line 28 of file api_validator.php.


Member Function Documentation

ApiValidatorComponent::checkCategories ( array $  categories,
objectTypeId = null 
)

Check if an array of category names is valid for an object type id.

Exceptions:
BeditaBadRequesException 
Parameters:
array $tags a list of category names
int $objectTypeId the object_type_id
Returns:
void

Definition at line 651 of file api_validator.php.

Referenced by checkObject(), and checkTags().

ApiValidatorComponent::checkChildren ( array $  children,
parentId 
)

Check if an array of (possible) children is valid for a parent id.

The $children array has to be in the form ``` array( array( 'child_id' => 1, 'priority' => 1 ), array(...) ) ```

Exceptions:
BeditaBadRequesException 
Parameters:
array $children array of chidlren data
int $parentId the parent object id
Returns:
void

Definition at line 623 of file api_validator.php.

References checkPositiveInteger(), and isObjectReachable().

ApiValidatorComponent::checkCustomProperties ( array $  customProperties,
objectTypeId 
)

Check if custom properties are valid The $customProperties array has to be in the form.

``` array( 'custom_prop_name_1' => 'value1', 'custom_prop_name_2' => 'value2', 'custom_prop_name_3' => array('value3', 'value4') // multiple choice ) ```

Parameters:
array $customProperties the custom properties to validate
int|string $objectTypeId the object type id or name
Returns:
void

Definition at line 860 of file api_validator.php.

References checkDate().

Referenced by checkObject().

ApiValidatorComponent::checkDate ( date,
format = DateTime::ATOM 
)

Check if $date is in the right $format and if it's a valid date If test passes it returns the DateTime object else it throws a BeditaBadRequestException.

Default $format tested are the following ISO-8601 formats:

  • 2005-08-15T15:52:01+02:00 (DateTime::ATOM)
  • 2005-08-15T13:52:01.467Z (js Date().toISOString())
Exceptions:
BeditaBadRequestException 
Parameters:
string $date the date string to check
string $format the format against test $date (default ISO-8601)
Returns:
DateTime

Definition at line 692 of file api_validator.php.

Referenced by checkCustomProperties(), and checkDateItems().

ApiValidatorComponent::checkDateItems ( array $  dateItems,
objectId = null 
)

Check if $dateItems contains item with allowed and valid fields $dateItems has to be an array as.

``` array( 0 => array( 'start_date' => '2015-07-08T15:00:35+0200', 'end_date' => '2015-08-08T15:00:35+0200', 'days' => array(0, 2) // integer values from 0 (Sunday) to 6 (Saturday) ), 1 => array() ) ```

If $objectId is passed and 'id' is present in some date items then check if it's valid for $objectId

Exceptions:
BeditaBadRequestException 
Parameters:
array $dateItems
int $objectId
Returns:
void

Definition at line 740 of file api_validator.php.

References checkDate().

Referenced by checkObject().

ApiValidatorComponent::checkEmbedRelations ( array $  relationsData,
pageSize,
maxSize 
)

Check embed relations requested.

$relationsData must be in the form of 'relation_name' => number_requested, for example

``` array( 'attach' => 3, 'seealso' => 1 ) ```

It check that:

  • the number requested is positive integer
  • the total number of objects and relations embedded per page is less than max size
Exceptions:
BeditaBadRequesException 
Parameters:
array $relationsData array of relations info
int $pageSize the page size
int $maxSize the max results allowed
Returns:
void

Definition at line 561 of file api_validator.php.

References checkPositiveInteger().

ApiValidatorComponent::checkGeoTags ( array $  geoTags,
objectId = null 
)

Check if $geoTags contains item with allowed and valid fields $geoTags has to be an array as.

``` array( 0 => array( 'latitude' => 43.503815, 'longitude' => '10.470861', 'address' => 'lorem ipsum', 'title' => 'title geo tag' ) ) ```

Since in backend only one GeoTag is handled the array has to be contain only one geotag data

If $objectId is passed and 'id' is present in some date items then check if it's valid for $objectId

Exceptions:
BeditaBadRequestException 
Parameters:
array $dateItems
int $objectId
Returns:
void

Definition at line 810 of file api_validator.php.

Referenced by checkObject().

ApiValidatorComponent::checkObject ( object  ) 

Check if $object data are valid for save.

If some validation fails it throws a bad request exception

Exceptions:
BeditaBadRequestException 
Parameters:
array $object object data
Returns:
void

Definition at line 229 of file api_validator.php.

References checkCategories(), checkCustomProperties(), checkDateItems(), checkGeoTags(), checkObjectAccess(), checkRelations(), checkTags(), and isObjectTypeWritable().

ApiValidatorComponent::checkObjectAccess ( objectId  ) 

Check if $objectId and its parents are accessible for authorized user.

'Accessible' is defined in self::isObjectAccessible()

If check fails it throws a bad request exception

Exceptions:
BeditaBadRequesException 
Parameters:
int|array $objectId the object id or an array of object ids
Returns:
void

Definition at line 452 of file api_validator.php.

References isObjectAccessible().

Referenced by checkObject().

ApiValidatorComponent::checkObjectReachable ( objectId  ) 

Check if an object is reachable:

  • check if object is reacheable looking also permissions
  • if it fails check again if it's reachable but without checking permissions
    • if it fails, then it throws 404
    • if it is, then it checks if user is logged
      • if it fails then it throws 401
      • if it is then it throws 403.

See also:
self::isObjectReachable()
Parameters:
int $objectId the object id
Returns:
void

Definition at line 331 of file api_validator.php.

References isObjectReachable().

ApiValidatorComponent::checkPositiveInteger ( test,
cast = false 
)

Check if $num is a positive integer.

Exceptions:
BeditaBadRequestException 
Parameters:
mixed $test the type to test
boolean $cast set to true to trying to cast $test to int before check it
Returns:
void

Definition at line 591 of file api_validator.php.

References isPositiveInteger().

Referenced by checkChildren(), checkEmbedRelations(), and checkRelations().

ApiValidatorComponent::checkRelations ( array $  relations,
objectType = null 
)

Check if an array of relations is valid.

The $relations array has to be in the form ``` array( 'attach' => array( array( 'related_id' => 1, ... ), array(...) ), 'seealso' => array(...) ) ```

If $objectType is passed then all relations are tested against that object type All object ids inside relation are tested

If check fails it throws a bad request exception

Exceptions:
BeditaBadRequesException 
Parameters:
array $relations the array of relations
string|int $objectType an object type name or id on which test all relations
Returns:
void

Definition at line 508 of file api_validator.php.

References checkPositiveInteger(), isObjectReachable(), and isRelationValid().

Referenced by checkObject().

ApiValidatorComponent::checkTags ( array $  tags  ) 

Check if an array of tag names is valid.

Exceptions:
BeditaBadRequestException 
Parameters:
array $tags a list of tag names
Returns:
void

Definition at line 671 of file api_validator.php.

References checkCategories().

Referenced by checkObject().

ApiValidatorComponent::checkUrlParams ( endpoint  ) 

Check if url query string names of the request are valid for an endpoint.

Exceptions:
BeditaBadRequestException 
Parameters:
string $endpoint the endpoint to check
Returns:
void

Definition at line 88 of file api_validator.php.

References isUrlParamsValid().

ApiValidatorComponent::getAllowedUrlParams ( endpoint = null  ) 

Return the url query string names valid Passing the endpoint the list is filtered by it.

Parameters:
string $endpoint the endpoint
Returns:
array

Definition at line 171 of file api_validator.php.

ApiValidatorComponent::hasRelatedObjectsAccessible ( objectId  ) 

Return true if at least an object related to $objectId is on tree and it's accessible, false otherwise 'Accessible' is defined in self::isObjectAccessible().

Parameters:
int $objectId the object id
Returns:
boolean

Definition at line 396 of file api_validator.php.

References isObjectAccessible().

Referenced by isObjectReachable().

ApiValidatorComponent::initialize ( Controller $  controller,
array $  settings = array() 
)

Initialize component (called before Controller::beforeFilter()).

Parameters:
Controller $controller
Returns:
void

Definition at line 60 of file api_validator.php.

ApiValidatorComponent::isObjectAccessible ( objectId,
parentsCheck = true 
)

Return true if $objectId is accessible for authorized user, false otherwise.

'Accessible' means without 'frontend_access_with_block' permission set for groups that the user doesn't belong. When $parentsCheck is true permission on them is also checked If object hasn't parents is not accessible

Parameters:
int $objectId the object id
boolean $parentsCheck if parents must be checked (default true)
Returns:
boolean

Definition at line 424 of file api_validator.php.

Referenced by checkObjectAccess(), hasRelatedObjectsAccessible(), and isObjectReachable().

ApiValidatorComponent::isObjectReachable ( objectId,
checkPermissions = true 
)

Return true if object $objectId is reachable, false otherwise.

'Reachable' means that object is on publication tree or have at least a related object on tree If $checkPermission is true an additional check on 'frontend_acccess_with_block' permission is done

Parameters:
int $objectId the object id
boolean $checkPermissions if permission has to be checked, default true
Returns:
boolean

Definition at line 357 of file api_validator.php.

References hasRelatedObjectsAccessible(), and isObjectAccessible().

Referenced by checkChildren(), checkObjectReachable(), and checkRelations().

ApiValidatorComponent::isObjectTypeWritable ( objectType  ) 

Return true if an object type is writable.

Parameters:
string $objectType the object type
Returns:
boolean

Definition at line 213 of file api_validator.php.

Referenced by checkObject().

ApiValidatorComponent::isPositiveInteger ( test  ) 

Return true if $test is a positive integer, false otherwise.

Parameters:
mixed $test the type to test
Returns:
boolean

Definition at line 579 of file api_validator.php.

Referenced by checkPositiveInteger().

ApiValidatorComponent::isRelationValid ( name,
objectType 
)

Return true if the relation $name is valid for $objectType.

Parameters:
string $name the relation name
string|int $objectType the object type name or id
Returns:
boolean

Definition at line 472 of file api_validator.php.

Referenced by checkRelations().

ApiValidatorComponent::isUrlParamsValid ( endpoint  ) 

Return true if url query string is valid for an endpoint, false otherwise All allowed url params are valid for GET requests but '__all' values that are valid for all request types.

Parameters:
string $endpoint
Returns:
boolean

Definition at line 108 of file api_validator.php.

Referenced by checkUrlParams().

ApiValidatorComponent::registerAllowedUrlParams ( array $  stringNames,
merge = true 
)

Register an array of query string names in self::$allowedUrlParams The array has to be divided by endpoint i.e.

``` array( 'endpoint_1' => array('string_one', 'string_two', ...), 'endpoint_2' => array(...) ) ```

Parameters:
array $stringNames
boolean $merge if $stringNames has to be merged to exisiting self::$allowedUrlParams
Returns:
array

Definition at line 151 of file api_validator.php.

References setAllowedUrlParams().

Referenced by startup().

ApiValidatorComponent::setAllowedUrlParams ( endpoint,
names,
merge = true 
)

Set new valid url query string names.

Parameters:
string $endpoint the endpoint to modify
string|array $names the query string names to add
boolean $merge if the names have to be added or have to replace the old one

Definition at line 182 of file api_validator.php.

Referenced by registerAllowedUrlParams().

ApiValidatorComponent::startup ( Controller $  controller  ) 

Startup component (called after Controller::beforeFilter()).

Parameters:
Controller $controller
Returns:
void

Definition at line 71 of file api_validator.php.

References registerAllowedUrlParams().


The documentation for this class was generated from the following file:
Generated on Fri Dec 11 2015 15:29:45 by Doxygen 1.7.1  BEditaBEdita 3.7 Corylus