diff --git a/api.php b/api.php index edce6be..ac87277 100644 --- a/api.php +++ b/api.php @@ -537,9 +537,95 @@ switch($request[0]) { } break; + + case "role": + //these ones dont need to be authenticated + switch($request[1]) { + /* APIDOC: role/list + description(list roles and their corresponding registration types) + return(roles array) + */ + case "list": + $q=mysql_query("SELECT * FROM roles ORDER BY name"); + $roles=array(); + while($r=mysql_fetch_assoc($q)) { + if($config[$r['type']."_registration_type"]) { + $r['registration']=$config[$r['type']."_registration_type"]; + } + else + $r['registration']="not available"; + $roles[]=$r; + } + $ret['status']="ok"; + $ret['roles']=$roles; + + break; + + /* APIDOC: role/add + post(role_id integer, password varchar(64) optional) + description(add a role for the user to the current conference. Depending on the registraiton type, an optional password (singlepassword, schoolpassword, etc) can be specified) + return(role array) + */ + case "add": + $chk=api_user_auth_required(); + if($chk['status']!="ok") { + $ret['status']="error"; + $ret['error']=$chk['error']; + break; + } + + $role_id=intval($_POST['role_id']); + $password=trim($_POST['password']); + if($password) + $addstatus=account_add_role($_SESSION['accounts_id'],$role_id,$conference['id'],$password); + else + $addstatus=account_add_role($_SESSION['accounts_id'],$role_id,$conference['id']); + + switch($addstatus) { + case "ok": $ret['status']="ok"; break; + case "invalidrole": $ret['status']="error"; $ret['error']="Invalid role"; break; + case "invalidaccount": $ret['status']="error"; $ret['error']="Invalid account"; break; + case "invalidconference": $ret['status']="error"; $ret['error']="Invalid conference"; break; + case "invalidpassword": $ret['status']="error"; $ret['error']="Invalid password for role"; break; + default: $ret['status']="error"; $ret['error']="unknown role add error"; + } + break; + + /* APIDOC: role/remove + post(role_id integer) + description(remove a role from the user for the current conference) + return(role array) + */ + case "remove": + $chk=api_user_auth_required(); + if($chk['status']!="ok") { + $ret['status']="error"; + $ret['error']=$chk['error']; + break; + } + + $role_id=intval($_POST['role_id']); + $removestatus=account_remove_role($_SESSION['accounts_id'],$role_id,$conference['id']); + + switch($removestatus) { + case "ok": $ret['status']="ok"; break; + case "invalidrole": $ret['status']="error"; $ret['error']="Invalid role"; break; + case "invalidaccount": $ret['status']="error"; $ret['error']="Invalid account"; break; + case "invalidconference": $ret['status']="error"; $ret['error']="Invalid conference"; break; + default: $ret['status']="error"; $ret['error']="unknown role remove error"; + } + + break; + + default: + $ret['status']="error"; + $ret['error']="invalid role command ({$request[1]})"; + } + break; + default: $ret['status']="error"; - $ret['error']="Invalid API command ({$request[0]})"; + $ret['error']="invalid API command ({$request[0]})"; } echo json_encode($ret); @@ -564,24 +650,4 @@ echo json_encode($ret); return(school array) */ - /* APIDOC: role/list - notimplemented - description(list roles and their corresponding registration types) - return(roles array) - */ - - /* APIDOC: role/add - notimplemented - post(role_id integer, password varchar(64) optional) - description(add a role for the user to the current conference. Depending on the registraiton type, an optional password (singlepassword, schoolpassword, etc) can be specified) - return(role array) - */ - - /* APIDOC: role/remove - notimplemented - post(role_id integer) - description(remove a role from the user for the current conference) - return(role array) - */ - ?>