Skip to content

Instantly share code, notes, and snippets.

@ano
Last active July 3, 2021 02:31
Show Gist options
  • Save ano/01fb4f5c1595a8c5daa21f96fc132bd1 to your computer and use it in GitHub Desktop.
Save ano/01fb4f5c1595a8c5daa21f96fc132bd1 to your computer and use it in GitHub Desktop.
Create a REST API for Machform using PHP-CRUD-API version 2 and MeekroDB
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ openapi.php/$1 [QSA,L]
</IfModule>

Machform REST API

Creates a REST API for Machform that displays only the database views. To access the swagger docs go to:

  /index.php

To access the Swagger JSON go to

  /openapi.php/openapi
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta charset="UTF-8">
<title>OPEN API 3.0</title>
<link rel="stylesheet" type="text/css" href="https://unpkg.com/swagger-ui-dist@3.12.1/swagger-ui.css">
</head>
<body>
<div id="swagger-ui"></div>
<script src="https://unpkg.com/swagger-ui-dist@3.12.1/swagger-ui-standalone-preset.js"></script>
<script src="https://unpkg.com/swagger-ui-dist@3.12.1/swagger-ui-bundle.js"></script>
<script>
window.onload = function() {
// Build a system
const ui = SwaggerUIBundle({
url: "./openapi.php/openapi/",
dom_id: '#swagger-ui',
deepLinking: true,
presets: [
SwaggerUIBundle.presets.apis,
SwaggerUIStandalonePreset
],
plugins: [
SwaggerUIBundle.plugins.DownloadUrl
],
layout: "StandaloneLayout",
})
window.ui = ui
}
</script>
</body>
</html>
<?php
define("BASE_PATH", "../../../"); // Relative path to Machform root folder
// Initialize REST API, docs are here: https://github.com/mevdschee/php-crud-api
define("API_CONTROLLERS", 'records,geojson,openapi'); // Enables controllers, allows geojson, records api and openapi routes
define("API_MIDDLEWARES", 'authorization'); // Enables Authorization
define("API_TITLE","Data Management API"); // Set the title
define("API_VERSION","2.0.0"); // Set the API Version
<?php
/*
* Author: Ano Tisam
* Email: an0tis@gmail.com
* Description: Display REST API for views only in Machforms. Powered by CRUD-REST-API and MeekroDB
*/
require_once("init.php"); // Initialise API Settings
require_once(BASE_PATH . "forms/v12/config.php"); // Machform Config File
require_once("db.class.php"); // Meekrodb Library
require_once("api.php"); // PHP-CRUD-API Library
use Tqdev\PhpCrudApi\Api;
use Tqdev\PhpCrudApi\Config;
use Tqdev\PhpCrudApi\RequestFactory;
use Tqdev\PhpCrudApi\ResponseUtils;
$config = new Config([
'username' => MF_DB_USER,
'password' => MF_DB_PASSWORD,
'database' => MF_DB_NAME,
'address' => MF_DB_HOST,
'controllers' => API_CONTROLLERS,
'middlewares' => API_MIDDLEWARES,
'openApiBase' => '{"info":{"title":"' . API_TITLE .'","version":"' . API_VERSION . '"}}',
'authorization.tableHandler' => function ($operation, $tableName) {
return view_exists($tableName) ? true : false; // Only display database views
}
]);
//compress json
ob_start('ob_gzhandler');
$request = RequestFactory::fromGlobals();
$api = new Api($config);
$response = $api->handle($request);
ResponseUtils::output($response);
//Check to see if the view exists
function view_exists($table){
$mdb = new MeekroDB(MF_DB_HOST, MF_DB_USER, MF_DB_PASSWORD, MF_DB_NAME, 3306, 'utf8');
return $mdb->queryFirstField("SELECT TABLE_NAME FROM information_schema.tables WHERE TABLE_SCHEMA = %s AND TABLE_NAME = %s AND TABLE_TYPE LIKE 'VIEW'", MF_DB_NAME, $table);
}
//Check to see if the view is updateable
function view_is_updateable($table){
$mdb = new MeekroDB(MF_DB_HOST, MF_DB_USER, MF_DB_PASSWORD, MF_DB_NAME, 3306, 'utf8');
return ("YES" == $mdb->queryFirstField("SELECT is_updatable FROM information_schema.views WHERE TABLE_SCHEMA = %s AND TABLE_NAME = %s", MF_DB_NAME, $table));
}
?>
@ano
Copy link
Author

ano commented Jul 3, 2021

  //Table authorisation example. See here: https://github.com/mevdschee/php-crud-api/issues/699
  'authorization.tableHandler' => function ($operation, $tableName) {
	  if (in_array($operation, ['document','read', 'list']) && $tableName == 'UserFavorites') {
			    return $tableName;
	  }
	  if (in_array($operation, ['delete']) && (in_array($tableName, ['Users', 'Streams']))) {
			    return false;
  }

@ano
Copy link
Author

ano commented Jul 3, 2021

//Table authorisation example: Only allow permissions for the following operations -> List, View and Document API
  'authorization.tableHandler' => function ($operation, $tableName) {
	  return in_array($operation, ['document','read', 'list']) );
  }

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment