From 8f6026ca785b3979c48e232b01d7981fe815acc8 Mon Sep 17 00:00:00 2001 From: liugang Date: Thu, 26 Oct 2017 17:54:34 +0800 Subject: [PATCH 1/3] + Add api.php as entrance. --- module/common/lang/en.php | 12 +++++ module/common/lang/zh-cn.php | 10 +++++ module/common/model.php | 77 ++++++++++++++++++++++++++++++++ module/entry/control.php | 40 ++++++++++------- module/entry/lang/zh-cn.php | 4 +- module/entry/model.php | 19 ++++++++ module/entry/view/log.html.php | 37 ++++++++++----- module/webhook/control.php | 5 +-- module/webhook/lang/zh-cn.php | 6 ++- module/webhook/view/log.html.php | 4 +- www/api.php | 53 ++++++++++++++++++++++ 11 files changed, 233 insertions(+), 34 deletions(-) create mode 100644 www/api.php diff --git a/module/common/lang/en.php b/module/common/lang/en.php index 4be2bdbdcc..bf5118f2d6 100644 --- a/module/common/lang/en.php +++ b/module/common/lang/en.php @@ -371,6 +371,7 @@ $lang->editor->menu = $lang->admin->menu; $lang->mail->menu = $lang->admin->menu; $lang->dev->menu = $lang->admin->menu; $lang->score->menu = $lang->admin->menu; +$lang->entry->menu = $lang->admin->menu; $lang->webhook->menu = $lang->admin->menu; /* 菜单分组。*/ @@ -421,6 +422,7 @@ $lang->error->int = array("『%s』has to be numbers", "『%s』shou $lang->error->float = "『%s』should be numbers, decimals included."; $lang->error->email = "『%s』should be valid EMAIL."; $lang->error->date = "『%s』should be valid date."; +$lang->error->code = "『%s』should be english or numbers."; $lang->error->account = "『%s』should be valid account."; $lang->error->passwordsame = "Two passwords should be consistent."; $lang->error->passwordrule = "Password should meet requirements. It should be 6 characters at least."; @@ -430,6 +432,16 @@ $lang->error->noData = 'No Data'; $lang->error->editedByOther = 'This record might have been changed. Please refresh and try to edit again!'; $lang->error->tutorialData = 'No data can be imported in tutorial mode. Please exit tutorial first!'; +$lang->error->entry = array(); +$lang->error->entry['300001'] = 'Param code not set.'; +$lang->error->entry['300002'] = 'Param token not set.'; +$lang->error->entry['310001'] = 'Entry not exist.'; +$lang->error->entry['310002'] = 'Key of entry not set.'; +$lang->error->entry['320001'] = 'IP denied.'; +$lang->error->entry['330001'] = 'Invalid token.'; +$lang->error->entry['340001'] = 'Session code not set.'; +$lang->error->entry['340002'] = 'Session verify failed.'; + /* 分页信息。*/ $lang->pager = new stdclass(); $lang->pager->noRecord = "No History"; diff --git a/module/common/lang/zh-cn.php b/module/common/lang/zh-cn.php index 6cd145fdb4..b382a8f270 100644 --- a/module/common/lang/zh-cn.php +++ b/module/common/lang/zh-cn.php @@ -432,6 +432,16 @@ $lang->error->noData = '没有数据'; $lang->error->editedByOther = '该记录可能已经被改动。请刷新页面重新编辑!'; $lang->error->tutorialData = '新手模式下不会插入数据,请退出新手模式操作'; +$lang->error->entry = array(); +$lang->error->entry['300001'] = '缺少code参数'; +$lang->error->entry['300002'] = '缺少token参数'; +$lang->error->entry['310001'] = '应用不存在'; +$lang->error->entry['310002'] = '应用未设置密钥'; +$lang->error->entry['320001'] = '该IP访问被限制访问'; +$lang->error->entry['330001'] = '不合法的token参数'; +$lang->error->entry['340001'] = '缺少session code'; +$lang->error->entry['340002'] = 'session验证失败'; + /* 分页信息。*/ $lang->pager = new stdclass(); $lang->pager->noRecord = "暂时没有记录"; diff --git a/module/common/model.php b/module/common/model.php index 941b993d29..65c9735b55 100644 --- a/module/common/model.php +++ b/module/common/model.php @@ -1351,6 +1351,83 @@ class commonModel extends model return $convertedItems; } + + /** + * Check an entry. + * + * @access public + * @return void + */ + public function checkEntry() + { + if(!$this->session->valid_entry) + { + if(!$this->session->entry_code) $this->response(340001); + if($this->session->valid_entry != md5(md5($this->get->code) . $this->server->remote_addr)) $this->response(340002); + return true; + } + + if(!$this->get->code) $this->response(300001); + if(!$this->get->token) $this->response(300002); + + $entry = $this->loadModel('entry')->getByCode($this->get->code); + if(!$entry) $this->response(310001); + if(!$entry->key) $this->response(310002); + + $this->checkEntryIP($entry->ip); + $this->checkEntryToken($entry->key); + + $this->session->set('ENTRY_CODE', $this->get->code); + $this->session->set('VALID_ENTRY', md5(md5($this->get->code) . $this->server->remote_addr)); + $this->loadModel('entry')->saveLog($entry->id, $this->server->request_uri); + } + + /** + * Check ip of an entry. + * + * @param string $ip + * @access public + * @return void + */ + public function checkEntryIP($ip) + { + $ipWhiteList = $this->config->ipWhiteList; + $this->config->ipWhiteList = $ip; + $result = $this->checkIP(); + $this->config->ipWhiteList = $ipWhiteList; + if(!$result) $this->response(320001); + } + + /** + * Check token of an entry. + * + * @param string $key + * @access public + * @return void + */ + public function checkEntryToken($key) + { + parse_str($this->server->query_String, $queryString); + unset($queryString['token']); + $queryString = http_build_query($queryString); + if($_GET['token'] != md5(md5($queryString) . $key)) $this->response(330001); + } + + /** + * Response. + * + * @param int $code + * @access public + * @return void + */ + public function response($code) + { + $response = new stdclass(); + $response->errcode = $code; + $response->errmsg = $this->lang->error->entry[$code]; + + die(helper::jsonEncode($response)); + } } class common extends commonModel diff --git a/module/entry/control.php b/module/entry/control.php index 06b94cf723..64bfeefe00 100644 --- a/module/entry/control.php +++ b/module/entry/control.php @@ -43,10 +43,10 @@ class entry extends control { if($_POST) { - $entryID = $this->entry->create(); + $id = $this->entry->create(); if(dao::isError()) $this->send(array('result' => 'fail', 'message' => dao::getError())); - $this->loadModel('action')->create('entry', $entryID, 'created'); + $this->loadModel('action')->create('entry', $id, 'created'); $this->send(array('result' => 'success', 'message' => $this->lang->entry->saveSuccess, 'locate' => inlink('browse'))); } @@ -57,26 +57,26 @@ class entry extends control /** * Edit an entry. * - * @param int $entryID + * @param int $id * @access public * @return void */ - public function edit($entryID) + public function edit($id) { if($_POST) { - $changes = $this->entry->update($entryID); + $changes = $this->entry->update($id); if(dao::isError()) $this->send(array('result' => 'fail', 'message' => dao::getError())); if($changes) { - $actionID = $this->loadModel('action')->create('entry', $entryID, 'edited'); + $actionID = $this->loadModel('action')->create('entry', $id, 'edited'); $this->action->logHistory($actionID, $changes); } $this->send(array('result' => 'success', 'message' => $this->lang->entry->saveSuccess, 'locate' => inlink('browse'))); } - $entry = $this->entry->getById($entryID); + $entry = $this->entry->getById($id); $this->view->title = $this->lang->entry->edit . $this->lang->colon . $entry->name; $this->view->entry = $entry; $this->display(); @@ -85,30 +85,40 @@ class entry extends control /** * Delete an entry. * - * @param int $entryID + * @param int $id * @access public * @return void */ - public function delete($entryID) + public function delete($id) { - $this->entry->delete(TABLE_ENTRY, $entryID); + $this->entry->delete(TABLE_ENTRY, $id); if(dao::isError()) $this->send(array('result' => 'fail', 'message' => dao::getError())); $this->send(array('result' => 'success')); } /** - * Show access logs of entry. + * Browse logs of an entry. * - * @param int $entryID + * @param int $id + * @param string $orderBy + * @param int $recTotal + * @param int $recPerPage + * @param int $pageID * @access public * @return void */ - public function log($entryID) + public function log($id, $orderBy = 'id_desc', $recTotal = 0, $recPerPage = 20, $pageID = 1) { - $entry = $this->entry->getById($entryID); + $this->app->loadClass('pager', $static = true); + $pager = new pager($recTotal, $recPerPage, $pageID); + + $entry = $this->entry->getByID($id); $this->view->title = $this->lang->entry->log . $this->lang->colon . $entry->name; - $this->view->actions = $this->loadModel('action')->getList('entry', $entryID); + $this->view->logs = $this->entry->getLogList($id, $orderBy, $pager); + $this->view->entry = $entry; + $this->view->orderBy = $orderBy; + $this->view->pager = $pager; $this->display(); } } diff --git a/module/entry/lang/zh-cn.php b/module/entry/lang/zh-cn.php index c9bcf07f03..1c0a8ab3b2 100644 --- a/module/entry/lang/zh-cn.php +++ b/module/entry/lang/zh-cn.php @@ -22,6 +22,8 @@ $lang->entry->createdBy = '由谁创建'; $lang->entry->createdDate = '创建时间'; $lang->entry->editedby = '最后编辑'; $lang->entry->editedDate = '编辑时间'; +$lang->entry->date = '请求时间'; +$lang->entry->url = '请求地址'; $lang->entry->apiIndex = '应用入口'; $lang->entry->saveSuccess = '保存成功'; @@ -30,6 +32,6 @@ $lang->entry->confirmDelete = '您确认要删除该应用吗?'; $lang->entry->note = new stdClass(); $lang->entry->note->name = '授权应用名称'; $lang->entry->note->code = '授权应用代号,必须为字母或数字的组合'; -$lang->entry->note->ip = "允许访问应用的ip,多个ip用逗号隔开。支持IP段,如192.168.1.*"; +$lang->entry->note->ip = "允许访问API的应用ip,多个ip用逗号隔开。支持IP段,如192.168.1.*"; $lang->entry->note->allIP = '无限制'; $lang->entry->note->api = 'moduleName、methodName以及参数列表替换成实际的值'; diff --git a/module/entry/model.php b/module/entry/model.php index 092c8c0556..08d41f8737 100644 --- a/module/entry/model.php +++ b/module/entry/model.php @@ -48,6 +48,25 @@ class entryModel extends model return $this->dao->select('*')->from(TABLE_ENTRY)->where('deleted')->eq('0')->orderBy($orderBy)->page($pager)->fetchAll('id'); } + /** + * Get log list of an entry . + * + * @param int $id + * @param string $orderBy + * @param object $pager + * @access public + * @return array + */ + public function getLogList($id, $orderBy = 'date_desc', $pager = null) + { + return $this->dao->select('*')->from(TABLE_LOG) + ->where('objectType')->eq('entry') + ->andWhere('objectID')->eq($id) + ->orderBy($orderBy) + ->page($pager) + ->fetchAll('id'); + } + /** * Create an entry. * diff --git a/module/entry/view/log.html.php b/module/entry/view/log.html.php index d005085aa2..bbbe144a51 100644 --- a/module/entry/view/log.html.php +++ b/module/entry/view/log.html.php @@ -1,32 +1,45 @@ - * @package entry + * @package log * @version $Id$ - * @link http://www.ranzhico.com + * @link http://www.zentao.net */ ?> - - + +
+
+ entry->common);?> + name;?> + entry->log;?> +
+
+
- - - + id}&orderBy=%s&recTotal={$pager->recTotal}&recPerPage={$pager->recPerPage}&pageID={$pager->pageID}";?> + + + - + $log):?> - - - + + + + + + + +
action->date;?>action->actor;?>entry->desc;?>entry->id);?>entry->date);?>entry->url);?>
date;?>actor);?>extra;?>date;?>url;?>
show();?>
diff --git a/module/webhook/control.php b/module/webhook/control.php index 026df9fb09..bab999ee9e 100644 --- a/module/webhook/control.php +++ b/module/webhook/control.php @@ -144,8 +144,7 @@ class webhook extends control $snoopy = $this->app->loadClass('snoopy'); foreach($dataList as $data) { - $webhook = zget($webhooks, $data->webhook, ''); - $httpCode = 0; + $webhook = zget($webhooks, $data->webhook, ''); if($webhook) { $contentType = zget($this->config->webhook->contentTypes, $webhook->contentType, 'application/json'); @@ -153,7 +152,7 @@ class webhook extends control $this->saveLog($data->webhook, $data->action, $webhook->url, $contentType, $data->data, $result); } - if($httpCode == 200) $this->dao->update(TABLE_WEBHOOKDATA)->set('status')->eq('sended')->where('id')->eq($data->id)->exec(); + $this->dao->update(TABLE_WEBHOOKDATA)->set('status')->eq('sended')->where('id')->eq($data->id)->exec(); } $this->dao->delete()->from(TABLE_WEBHOOKDATA)->where('status')->eq('sended')->exec(); diff --git a/module/webhook/lang/zh-cn.php b/module/webhook/lang/zh-cn.php index be16f050e3..2e95a320d8 100644 --- a/module/webhook/lang/zh-cn.php +++ b/module/webhook/lang/zh-cn.php @@ -22,8 +22,12 @@ $lang->webhook->product = '关联产品'; $lang->webhook->project = '关联项目'; $lang->webhook->action = '触发动作'; $lang->webhook->desc = '描述'; +$lang->webhook->createdBy = '由谁创建'; +$lang->webhook->createdDate = '创建时间'; +$lang->webhook->editedby = '最后编辑'; +$lang->webhook->editedDate = '编辑时间'; $lang->webhook->data = '数据'; -$lang->webhook->status = '状态'; +$lang->webhook->result = '结果'; $lang->webhook->sendTypeList['sync'] = '同步'; $lang->webhook->sendTypeList['async'] = '异步'; diff --git a/module/webhook/view/log.html.php b/module/webhook/view/log.html.php index 813b6cbaa4..8d2add7770 100644 --- a/module/webhook/view/log.html.php +++ b/module/webhook/view/log.html.php @@ -13,7 +13,7 @@
- type}"), $webhook->type ? $lang->webhook->dingding : $lang->webhook->common);?> + type}"), $webhook->type == 'dingding' ? $lang->webhook->dingding : $lang->webhook->common);?> name;?> webhook->log;?>
@@ -26,7 +26,7 @@ webhook->url);?> webhook->action);?> webhook->contentType);?> - webhook->status);?> + webhook->result);?> diff --git a/www/api.php b/www/api.php new file mode 100644 index 0000000000..47b3c0f838 --- /dev/null +++ b/www/api.php @@ -0,0 +1,53 @@ + + * @package ZenTaoPMS + * @version $Id: index.php 5036 2013-07-06 05:26:44Z wyd621@gmail.com $ + * @link http://www.zentao.net + */ +/* Set the error reporting. */ +error_reporting(0); + +/* Start output buffer. */ +ob_start(); + +/* Load the framework. */ +include '../framework/router.class.php'; +include '../framework/control.class.php'; +include '../framework/model.class.php'; +include '../framework/helper.class.php'; + +/* Log the time and define the run mode. */ +$startTime = getTime(); + +/* Instance the app. */ +$app = router::createApp('pms', dirname(dirname(__FILE__)), 'router'); + +/* Run the app. */ +$common = $app->loadCommon(); + +/* Check entry. */ +$common->checkEntry(); + +/* Set default params. */ +$config->requestType = 'GET'; +$config->default->view = 'json'; + +$app->parseRequest(); +$common->checkPriv(); +$app->loadModule(); + +$output = json_decode(ob_get_clean()); +$output = json_encode($output->data); + +unset($_SESSION['ENTRY_CODE']); +unset($_SESSION['VALID_ENTRY']); + +/* Flush the buffer. */ +echo helper::removeUTF8Bom($output); From 6ba9bc8b88349374cfe6476dafbe2aba9c3ef85b Mon Sep 17 00:00:00 2001 From: liugang Date: Thu, 26 Oct 2017 18:12:31 +0800 Subject: [PATCH 2/3] * Finish task #3245. --- module/block/lang/en.php | 1 + module/block/lang/zh-cn.php | 1 + module/product/model.php | 9 ++++++++- 3 files changed, 10 insertions(+), 1 deletion(-) diff --git a/module/block/lang/en.php b/module/block/lang/en.php index db1ae32a0c..ba39ca9817 100644 --- a/module/block/lang/en.php +++ b/module/block/lang/en.php @@ -280,6 +280,7 @@ $lang->block->typeList->story['closedBy'] = 'Closed by Me' ; $lang->block->typeList->product['noclosed'] = 'Open'; $lang->block->typeList->product['closed'] = 'Closed'; $lang->block->typeList->product['all'] = 'All'; +$lang->block->typeList->product['involved'] = 'Involved' $lang->block->typeList->project['undone'] = 'Undone'; $lang->block->typeList->project['isdoing'] = 'Doing'; diff --git a/module/block/lang/zh-cn.php b/module/block/lang/zh-cn.php index 0bbfe758ae..5bfaf84e0b 100644 --- a/module/block/lang/zh-cn.php +++ b/module/block/lang/zh-cn.php @@ -280,6 +280,7 @@ $lang->block->typeList->story['closedBy'] = '由我关闭'; $lang->block->typeList->product['noclosed'] = '未关闭'; $lang->block->typeList->product['closed'] = '已关闭'; $lang->block->typeList->product['all'] = '全部'; +$lang->block->typeList->product['involved'] = '我参与的'; $lang->block->typeList->project['undone'] = '未完成'; $lang->block->typeList->project['isdoing'] = '进行中'; diff --git a/module/product/model.php b/module/product/model.php index c6c579931d..fbf7193973 100644 --- a/module/product/model.php +++ b/module/product/model.php @@ -209,7 +209,14 @@ class productModel extends model return $this->dao->select('*')->from(TABLE_PRODUCT) ->where('deleted')->eq(0) ->beginIF($status == 'noclosed')->andWhere('status')->ne('closed')->fi() - ->beginIF($status != 'all' and $status != 'noclosed')->andWhere('status')->in($status)->fi() + ->beginIF($status != 'all' and $status != 'noclosed' and $status != 'involved')->andWhere('status')->in($status)->fi() + ->beginIF($status == 'involved') + ->andWhere('PO', true)->eq($this->app->user->account) + ->orWhere('QD')->eq($this->app->user->account) + ->orWhere('RD')->eq($this->app->user->account) + ->orWhere('createdBy')->eq($this->app->user->account) + ->markRight(1) + ->fi() ->beginIF($limit > 0)->limit($limit)->fi() ->orderBy('`order` desc') ->fetchAll('id'); From d41c411bfd7f8d76f129fb91a8f90615b8d8d843 Mon Sep 17 00:00:00 2001 From: liugang Date: Thu, 26 Oct 2017 18:36:41 +0800 Subject: [PATCH 3/3] + Finish task #3244. --- module/block/lang/en.php | 7 +++-- module/block/lang/zh-cn.php | 7 +++-- module/project/model.php | 47 ++++++++++++++++++++++++++++++- module/project/view/view.html.php | 2 +- 4 files changed, 55 insertions(+), 8 deletions(-) diff --git a/module/block/lang/en.php b/module/block/lang/en.php index ba39ca9817..3fcc453cb9 100644 --- a/module/block/lang/en.php +++ b/module/block/lang/en.php @@ -282,9 +282,10 @@ $lang->block->typeList->product['closed'] = 'Closed'; $lang->block->typeList->product['all'] = 'All'; $lang->block->typeList->product['involved'] = 'Involved' -$lang->block->typeList->project['undone'] = 'Undone'; -$lang->block->typeList->project['isdoing'] = 'Doing'; -$lang->block->typeList->project['all'] = 'All'; +$lang->block->typeList->project['undone'] = 'Undone'; +$lang->block->typeList->project['isdoing'] = 'Doing'; +$lang->block->typeList->project['all'] = 'All'; +$lang->block->typeList->project['involved'] = 'Involved'; $lang->block->typeList->testtask['wait'] = 'Testing Pending'; $lang->block->typeList->testtask['doing'] = 'Testing'; diff --git a/module/block/lang/zh-cn.php b/module/block/lang/zh-cn.php index 5bfaf84e0b..e1f8fe2f4f 100644 --- a/module/block/lang/zh-cn.php +++ b/module/block/lang/zh-cn.php @@ -282,9 +282,10 @@ $lang->block->typeList->product['closed'] = '已关闭'; $lang->block->typeList->product['all'] = '全部'; $lang->block->typeList->product['involved'] = '我参与的'; -$lang->block->typeList->project['undone'] = '未完成'; -$lang->block->typeList->project['isdoing'] = '进行中'; -$lang->block->typeList->project['all'] = '全部'; +$lang->block->typeList->project['undone'] = '未完成'; +$lang->block->typeList->project['isdoing'] = '进行中'; +$lang->block->typeList->project['all'] = '全部'; +$lang->block->typeList->project['involved'] = '我参与的'; $lang->block->typeList->testtask['wait'] = '待测版本'; $lang->block->typeList->testtask['doing'] = '测试中版本'; diff --git a/module/project/model.php b/module/project/model.php index a5ff1bcb47..cb89ef9044 100644 --- a/module/project/model.php +++ b/module/project/model.php @@ -601,6 +601,8 @@ class projectModel extends model */ public function getList($status = 'all', $limit = 0, $productID = 0, $branch = 0) { + if($status == 'involved') return $this->getInvolvedList($status, $limit, $productID, $branch); + if($productID != 0) { return $this->dao->select('t2.*')->from(TABLE_PROJECTPRODUCT)->alias('t1') @@ -629,6 +631,49 @@ class projectModel extends model } } + /** + * Get project lists. + * + * @param string $status involved + * @param int $limit + * @param int $productID + * @param int $branch + * @access public + * @return array + */ + public function getInvolvedList($status = 'involved', $limit = 0, $productID = 0, $branch = 0) + { + if($productID != 0) + { + return $this->dao->select('t2.*')->from(TABLE_PROJECTPRODUCT)->alias('t1') + ->leftJoin(TABLE_PROJECT)->alias('t2')->on('t1.project = t2.id') + ->leftJoin(TABLE_TEAM)->alias('t3')->on('t3.project=t2.id') + ->where('t1.product')->eq($productID) + ->andWhere('t2.deleted')->eq(0) + ->andWhere('t2.iscat')->eq(0) + ->beginIF($branch)->andWhere('t1.branch')->eq($branch)->fi() + ->andWhere('t2.openedBy', true)->eq($this->app->user->account) + ->orWhere('t3.account')->eq($this->app->user->account) + ->markRight(1) + ->orderBy('order_desc') + ->beginIF($limit)->limit($limit)->fi() + ->fetchAll('id'); + } + else + { + return $this->dao->select('t1.*, IF(INSTR(" done", t1.status) < 2, 0, 1) AS isDone')->from(TABLE_PROJECT)->alias('t1') + ->leftJoin(TABLE_TEAM)->alias('t2')->on('t2.project=t1.id') + ->where('t1.iscat')->eq(0) + ->andWhere('t1.openedBy', true)->eq($this->app->user->account) + ->orWhere('t2.account')->eq($this->app->user->account) + ->markRight(1) + ->andWhere('t1.deleted')->eq(0) + ->orderBy('t1.order_desc') + ->beginIF($limit)->limit($limit)->fi() + ->fetchAll('id'); + } + } + /** * Get projects lists grouped by product. * @@ -680,7 +725,7 @@ class projectModel extends model public function getProjectStats($status = 'undone', $productID = 0, $branch = 0, $itemCounts = 30, $orderBy = 'order_desc', $pager = null) { /* Init vars. */ - $projects = $this->getList($status, 0, $productID, $branch); + $projects = $this->getList($status, 0, $productID, $branch); foreach($projects as $projectID => $project) { if(!$this->checkPriv($project)) unset($projects[$projectID]); diff --git a/module/project/view/view.html.php b/module/project/view/view.html.php index aa3a862486..8fb16ea929 100644 --- a/module/project/view/view.html.php +++ b/module/project/view/view.html.php @@ -126,7 +126,7 @@ { if($product->type !== 'normal') { - $branchName = isset($branchGroups[$productID][$product->branch]) ? '/' . $branchGroups[$productID][$product->branch] : '' + $branchName = isset($branchGroups[$productID][$product->branch]) ? '/' . $branchGroups[$productID][$product->branch] : ''; echo html::a($this->createLink('product', 'browse', "productID=$productID&branch=$product->branch"), $product->name . $branchName); } else