Add basic API support

Mainly for uploading new images programatically
raspberrypi · Oct 15, 2021 · 4a27fde · 4a27fde
1 parent d44e3b0
commit 4a27fde
Show file tree

Hide file tree

Showing 8 changed files with 128 additions and 9 deletions.
diff --git a/app/Http/Controllers/AddImageController.php b/app/Http/Controllers/AddImageController.php
@@ -22,7 +22,7 @@ function($attribute, $value, $parameters, $validator) {
             if (!$value instanceof \Illuminate\Http\UploadedFile) {
                 return false;
             }
-    
+
             $extension = $value->getClientOriginalExtension();
             return $extension != '' && in_array($extension, $parameters);
         }, "Only .gz, .bz2 and .xz images are supported");
@@ -43,7 +43,14 @@ function($attribute, $value, $parameters, $validator) {
         $data['image']->move(public_path("uploads"), $i->filename_on_server);
         $i->save();
 
-        session()->flash('message', 'Image added.');        
-        return redirect()->route('images');
+        if ($req->wantsJson())
+        {
+            return $i;
+        }
+        else
+        {
+            session()->flash('message', 'Image added.');
+            return redirect()->route('images');
+        }
     }
 }
diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php
@@ -40,7 +40,8 @@ class Kernel extends HttpKernel
         ],
 
         'api' => [
-            'throttle:api',
+            //'throttle:api',
+            \App\Http\Middleware\ForceJson::class,
             \Illuminate\Routing\Middleware\SubstituteBindings::class,
         ],
     ];

diff --git a/app/Http/Middleware/ForceJson.php b/app/Http/Middleware/ForceJson.php
@@ -0,0 +1,22 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Illuminate\Http\Request;
+
+class ForceJson
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return mixed
+     */
+    public function handle(Request $request, Closure $next)
+    {
+        $request->headers->set('Accept', 'application/json');
+        return $next($request);
+    }
+}
diff --git a/app/Models/Label.php b/app/Models/Label.php
@@ -10,4 +10,5 @@ class Label extends Model
     use HasFactory;
 
     protected $fillable = ['name', 'printer_type', 'print_command', 'ftp_hostname', 'ftp_username', 'ftp_password', 'template', 'file_extension'];
+    protected $hidden = ['ftp_password'];
 }
diff --git a/config/jetstream.php b/config/jetstream.php
@@ -44,7 +44,7 @@
     'features' => [
         // Features::termsAndPrivacyPolicy(),
         // Features::profilePhotos(),
-        // Features::api(),
+        Features::api(),
         // Features::teams(['invitations' => true]),
         Features::accountDeletion(),
     ],

diff --git a/debian/changelog b/debian/changelog
@@ -1,8 +1,17 @@
+cmprovision4 (1.1) UNRELEASED; urgency=medium
+
+  * nginx: turn off request buffering
+  * warn user of 32-bit OS of file upload size limit
+  * image list: add file upload date
+  * add simple API support for uploading new images
+
+ -- Floris Bos <[email protected]>  Fri, 15 Oct 2021 21:48:42 +0200
+
 cmprovision4 (1.0) UNRELEASED; urgency=medium
 
   * Add EEPROM firmware support.
   * Add static IP support.
-  * Add e4:5f:01 OUI 
+  * Add e4:5f:01 OUI
 
  -- Floris Bos <[email protected]>  Fri, 07 May 2021 13:47:40 +0200
 

diff --git a/debian/control b/debian/control
@@ -7,6 +7,6 @@ Standards-Version: 4.5.0
 
 Package: cmprovision4
 Architecture: all
-Depends: ${misc:Depends}, rpiboot, dnsmasq-base, nginx, sqlite3, php-cli (>=7.3), php-fpm (>=7.3), php-sqlite3 (>=7.3), php-bcmath (>=7.3), php-mbstring (>=7.3), php-xml (>=7.3), php-zip (>=7.3), sudo
+Depends: ${misc:Depends}, rpiboot, dnsmasq-base, nginx, sqlite3, php-cli (>=7.3), php-fpm (>=7.3), php-sqlite3 (>=7.3), php-bcmath (>=7.3), php-mbstring (>=7.3), php-xml (>=7.3), php-zip (>=7.3), sudo, adduser
 Conflicts: usbbootgui
 Description: Webapplication to provision CM4 modules
diff --git a/routes/api.php b/routes/api.php
@@ -2,6 +2,13 @@
 
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Route;
+use App\Models\Cm;
+use App\Models\Project;
+use App\Models\Firmware;
+use App\Models\Image;
+use App\Models\Script;
+use App\Models\Label;
+use App\Http\Controllers\AddImageController;
 
 /*
 |--------------------------------------------------------------------------
@@ -14,6 +21,78 @@
 |
 */
 
-Route::middleware('auth:sanctum')->get('/user', function (Request $request) {
-    return $request->user();
+/* Routes to list all information of a certain group */
+
+Route::middleware('auth:sanctum')->get('/cms', function (Request $request) {
+    return Cm::orderBy('id')->get();
+});
+
+Route::middleware('auth:sanctum')->get('/projects/{projectId}/cms', function (Request $request, $projectId) {
+    return Cm::where('project_id', $projectId)->orderBy('id')->get()->toJson();
+});
+
+Route::middleware('auth:sanctum')->get('/projects', function (Request $request) {
+    return Project::orderBy('name')->get();
+});
+
+Route::middleware('auth:sanctum')->get('/images', function (Request $request) {
+    return Image::orderBy('filename')->orderBy('id')->get();
+});
+
+Route::middleware('auth:sanctum')->get('/firmware', function (Request $request) {
+    return Firmware::all();
+});
+
+Route::middleware('auth:sanctum')->get('/scripts', function (Request $request) {
+    return Script::orderBy('name')->get();
+});
+
+Route::middleware('auth:sanctum')->get('/labels', function (Request $request) {
+    return Label::orderBy('name')->get();
+});
+
+/* Routes to add or update individual objects */
+
+Route::middleware('auth:sanctum')->post('/images', function (Request $request) {
+    if ($request->user()->tokenCan('create'))
+    {
+        $c = new AddImageController;
+        return $c->store($request);
+    }
+    else
+    {
+        App::abort(403, "API user lacks 'create' permission");
+    }
+});
+
+Route::middleware('auth:sanctum')->get('/images/{imageId}', function (Request $request, $imageId) {
+    return Image::findOrFail($imageId);
+});
+
+Route::middleware('auth:sanctum')->delete('/images/{imageId}', function (Request $request, $imageId) {
+    if ($request->user()->tokenCan('delete'))
+    {
+        Image::findOrFail($imageId)->delete();
+    }
+    else
+    {
+        App::abort(403, "API user lacks 'delete' permission");
+    }
+});
+
+Route::middleware('auth:sanctum')->get('/projects/{projectId}', function (Request $request, $projectId) {
+    return Project::findOrFail($projectId);
+});
+
+Route::middleware('auth:sanctum')->patch('/projects/{projectId}', function (Request $request, $projectId) {
+    if ($request->user()->tokenCan('update'))
+    {
+        $project = Project::findOrFail($projectId);
+        $project->update($request->all());
+        return $project;
+    }
+    else
+    {
+        App::abort(403, "API user lacks 'update' permission");        
+    }
 });