implements routes for otadmin http api

ot_admin/Classes/Http/ApiController.php

@@ -0,0 +1,155 @@
+<?php
+
+namespace Opentalent\OtAdmin\Http;
+
+
+use Opentalent\OtAdmin\Controller\SiteController;
+use Psr\Log\LoggerAwareInterface;
+use Psr\Log\LoggerAwareTrait;
+use TYPO3\CMS\Core\Http\HtmlResponse;
+use TYPO3\CMS\Core\Http\ServerRequest;
+
+class ApiController implements LoggerAwareInterface
+{
+    use LoggerAwareTrait;
+
+    const ALLOWED_IPS = [
+        '/^127\.0\.0\.[0-1]$/',
+        '/^localhost$/',
+        '/^10\.8\.0\.[0-255]$/'
+    ];
+
+    /**
+     * Retrieve the organization's id from the given request parameters
+     *
+     * @param ServerRequest $request
+     * @return int
+     */
+    private function getOrganizationId(ServerRequest $request) {
+        $params = $request->getQueryParams();
+        $organizationId = $params['organization-id'];
+        if (!$organizationId) {
+            throw new \RuntimeException("Missing parameter: 'organization-id'");
+        }
+        return (int)$organizationId;
+    }
+
+    /**
+     * Check that the client Ip is allowed, else throw a Runtime error
+     *
+     * @return bool
+     */
+    private function assertIpAllowed() {
+        $clientIp = $_SERVER['REMOTE_ADDR'];
+        foreach (self::ALLOWED_IPS as $ipRule) {
+            if (preg_match($ipRule, $clientIp)) {
+                return true;
+            }
+        }
+        $route = $_REQUEST['route'];
+        $this->logger->error(sprintf(
+            "OtAdmin API: an attempt was made to call the route " .
+            $route . " from an non-allowed IP (" . $clientIp . ")"));
+        throw new \RuntimeException("Not allowed");
+    }
+
+    /**
+     * -- Target of the route 'site_create' --
+     * >> Requires a query param named 'organization-id' (int)
+     *
+     * Create the organization's website
+     *
+     * @param ServerRequest $request
+     * @return HtmlResponse
+     * @throws \Exception
+     */
+    public function createSiteAction(ServerRequest $request) {
+        $this->assertIpAllowed();
+
+        $organizationId = $this->getOrganizationId($request);
+
+        $controller = new SiteController();
+        $rootUid = $controller->createSiteAction($organizationId);
+
+        $this->logger->info(sprintf(
+            "OtAdmin API: A new website has been created with root page uid=" . $rootUid .
+            " for the organization " . $organizationId));
+
+        return new HtmlResponse("A new website has been created with root page uid=" . $rootUid);
+    }
+
+    /**
+     * -- Target of the route 'site_update' --
+     * >> Requires a query param named 'organization-id' (int)
+     *
+     * Update the settings of the organization's website
+     *
+     * @param ServerRequest $request
+     * @return HtmlResponse
+     * @throws \Exception
+     */
+    public function updateSiteConstantsAction(ServerRequest $request) {
+        $this->assertIpAllowed();
+
+        $organizationId = $this->getOrganizationId($request);
+
+        $controller = new SiteController();
+        $rootUid = $controller->updateSiteConstantsAction($organizationId);
+
+        $this->logger->info(sprintf(
+            "OtAdmin API: The website with root uid " . $rootUid . " has been updated " .
+            " (organization: " . $organizationId . ")"));
+
+        return new HtmlResponse("The website with root uid " . $rootUid . " has been updated");
+    }
+
+    /**
+     * -- Target of the route 'site_delete' --
+     * >> Requires a query param named 'organization-id' (int)
+     *
+     * Proceeds to a soft-deletion of the organization's website
+     *
+     * @param ServerRequest $request
+     * @return HtmlResponse
+     * @throws \Exception
+     */
+    public function deleteSiteAction(ServerRequest $request) {
+        $this->assertIpAllowed();
+
+        $organizationId = $this->getOrganizationId($request);
+
+        $controller = new SiteController();
+        $rootUid = $controller->deleteSiteAction($organizationId, false);
+
+        $this->logger->info(sprintf(
+            "OtAdmin API: The website with root uid " . $rootUid . " has been soft-deleted " .
+            " (organization: " . $organizationId . ")"));
+
+        return new HtmlResponse("The website with root uid " . $rootUid . " has been soft-deleted. Use the /site/undelete route to restore it.");
+    }
+
+    /**
+     * -- Target of the route 'site_undelete' --
+     * >> Requires a query param named 'organization-id' (int)
+     *
+     * Restore a soft-deleted organization's website
+     *
+     * @param ServerRequest $request
+     * @return HtmlResponse
+     * @throws \Exception
+     */
+    public function undeleteSiteAction(ServerRequest $request) {
+        $this->assertIpAllowed();
+
+        $organizationId = $this->getOrganizationId($request);
+
+        $controller = new SiteController();
+        $rootUid = $controller->undeleteSiteAction($organizationId);
+
+        $this->logger->info(sprintf(
+            "OtAdmin API: The website with root uid " . $rootUid . " has been restored " .
+            " (organization: " . $organizationId . ")"));
+
+        return new HtmlResponse("The website with root uid " . $rootUid . " has been restored");
+    }
+}

ot_admin/Configuration/Backend/Routes.php

@@ -1,12 +1,34 @@
 <?php
 
-use Opentalent\OtAdmin\Controller\SiteController;
+use Opentalent\OtAdmin\Http\ApiController;
+
+// Defines the routes used to trigger the admin actions
+// @see https://docs.typo3.org/m/typo3/reference-coreapi/master/en-us/ApiOverview/BackendRouting/Index.html
 
 return [
         // Create a new organization's website
         'site_create' => [
-            'path' => '/site-create',
-            'target' => SiteController::class . '::createSiteAction',
+            'path' => '/site/create',
+            'referrer' => 'required,refresh-empty',
+            'target' => ApiController::class . '::createSiteAction',
+            'access' => 'public'
+        ],
+        'site_delete' => [
+            'path' => '/site/delete',
+            'referrer' => 'required,refresh-empty',
+            'target' => ApiController::class . '::deleteSiteAction',
+            'access' => 'public'
+        ],
+        'site_undelete' => [
+            'path' => '/site/undelete',
+            'referrer' => 'required,refresh-empty',
+            'target' => ApiController::class . '::undeleteSiteAction',
+            'access' => 'public'
+        ],
+        'site_update' => [
+            'path' => '/site/update',
+            'referrer' => 'required,refresh-empty',
+            'target' => ApiController::class . '::updateSiteConstantsAction',
             'access' => 'public'
-        ],        
+        ],
 ];