Add release notes to 16.05.14 release
[koha.git] / C4 / Service.pm
blobfa95a61cdbd7e41d335d77d048532c01ef231587
1 package C4::Service;
3 # Copyright 2008 LibLime
5 # This file is part of Koha.
7 # Koha is free software; you can redistribute it and/or modify it
8 # under the terms of the GNU General Public License as published by
9 # the Free Software Foundation; either version 3 of the License, or
10 # (at your option) any later version.
12 # Koha is distributed in the hope that it will be useful, but
13 # WITHOUT ANY WARRANTY; without even the implied warranty of
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 # GNU General Public License for more details.
17 # You should have received a copy of the GNU General Public License
18 # along with Koha; if not, see <http://www.gnu.org/licenses>.
20 =head1 NAME
22 C4::Service - functions for JSON webservices.
24 =head1 SYNOPSIS
26 my ( $query, $response) = C4::Service->init( { circulate => 1 } );
27 my ( $borrowernumber) = C4::Service->require_params( 'borrowernumber' );
29 C4::Service->return_error( 'internal', 'Frobnication failed', frobnicator => 'foo' );
31 $response->param( frobnicated => 'You' );
33 C4::Service->return_success( $response );
35 =head1 DESCRIPTION
37 This module packages several useful functions for JSON webservices.
39 =cut
41 use strict;
42 use warnings;
44 use CGI qw ( -utf8 );
45 use C4::Auth qw( check_api_auth );
46 use C4::Output qw( :ajax );
47 use C4::Output::JSONStream;
48 use JSON;
50 our $debug;
52 BEGIN {
53 $debug = $ENV{DEBUG} || 0;
56 our ( $query, $cookie );
58 sub _output {
59 my ( $response, $status ) = @_;
60 binmode STDOUT, ':encoding(UTF-8)';
62 if ( $query->param( 'callback' ) ) {
63 output_with_http_headers $query, $cookie, $query->param( 'callback' ) . '(' . $response->output . ');', 'js';
64 } else {
65 output_with_http_headers $query, $cookie, $response->output, 'json', $status;
69 =head1 METHODS
71 =head2 init
73 our ( $query, $response ) = C4::Service->init( %needed_flags );
75 Initialize the service and check for the permissions in C<%needed_flags>.
77 Also, check that the user is authorized and has a current session, and return an
78 'auth' error if not.
80 init() returns a C<CGI> object and a C<C4::Output::JSONStream>. The latter can
81 be used for both flat scripts and those that use dispatch(), and should be
82 passed to C<return_success()>.
84 =cut
86 sub init {
87 my ( $class, %needed_flags ) = @_;
89 our $query = new CGI;
91 my ( $status, $cookie_, $sessionID ) = check_api_auth( $query, \%needed_flags );
93 our $cookie = $cookie_; # I have no desire to offend the Perl scoping gods
95 $class->return_error( 'auth', $status ) if ( $status ne 'ok' );
97 return ( $query, new C4::Output::JSONStream );
100 =head2 return_error
102 C4::Service->return_error( $type, $error, %flags );
104 Exit the script with HTTP status 400, and return a JSON error object.
106 C<$type> should be a short, lower case code for the generic type of error (such
107 as 'auth' or 'input').
109 C<$error> should be a more specific code giving information on the error. If
110 multiple errors of the same type occurred, they should be joined by '|'; i.e.,
111 'expired|different_ip'. Information in C<$error> does not need to be
112 human-readable, as its formatting should be handled by the client.
114 Any additional information to be given in the response should be passed as
115 param => value pairs.
117 =cut
119 sub return_error {
120 my ( $class, $type, $error, %flags ) = @_;
122 my $response = new C4::Output::JSONStream;
124 $response->param( message => $error ) if ( $error );
125 $response->param( type => $type, %flags );
127 _output( $response, '400 Bad Request' );
128 exit;
131 =head2 return_multi
133 C4::Service->return_multi( \@responses, %flags );
135 return_multi is similar to return_success or return_error, but allows you to
136 return different statuses for several requests sent at once (using HTTP status
137 "207 Multi-Status", much like WebDAV). The toplevel hashref (turned into the
138 JSON response) looks something like this:
140 { multi => JSON::true, responses => \@responses, %flags }
142 Each element of @responses should be either a plain hashref or an arrayref. If
143 it is a hashref, it is sent to the browser as-is. If it is an arrayref, it is
144 assumed to be in the same form as the arguments to return_error, and is turned
145 into an error structure.
147 All key-value pairs %flags are, as stated above, put into the returned JSON
148 structure verbatim.
150 =cut
152 sub return_multi {
153 my ( $class, $responses, @flags ) = @_;
155 my $response = new C4::Output::JSONStream;
157 if ( !@$responses ) {
158 $class->return_success( $response );
159 } else {
160 my @responses_formatted;
162 foreach my $response ( @$responses ) {
163 if ( ref( $response ) eq 'ARRAY' ) {
164 my ($type, $error, @error_flags) = @$response;
166 push @responses_formatted, { is_error => JSON::true, type => $type, message => $error, @error_flags };
167 } else {
168 push @responses_formatted, $response;
172 $response->param( 'multi' => JSON::true, responses => \@responses_formatted, @flags );
173 _output( $response, '207 Multi-Status' );
176 exit;
179 =head2 return_success
181 C4::Service->return_success( $response );
183 Print out the information in the C<C4::Output::JSONStream> C<$response>, then
184 exit with HTTP status 200.
186 =cut
188 sub return_success {
189 my ( $class, $response ) = @_;
191 _output( $response );
194 =head2 require_params
196 my @values = C4::Service->require_params( @params );
198 Check that each of of the parameters specified in @params was sent in the
199 request, then return their values in that order.
201 If a required parameter is not found, send a 'param' error to the browser.
203 =cut
205 sub require_params {
206 my ( $class, @params ) = @_;
208 my @values;
210 for my $param ( @params ) {
211 $class->return_error( 'params', "Missing '$param'" ) if ( !defined( $query->param( $param ) ) );
212 push @values, scalar $query->param( $param ); # will we ever need multi_param here?
215 return @values;
218 =head2 dispatch
220 C4::Service->dispatch(
221 [ $path_regex, \@required_params, \&handler ],
225 dispatch takes several array-refs, each one describing a 'route', to use the
226 Rails terminology.
228 $path_regex should be a string in regex-form, describing which methods and
229 paths this route handles. Each route is tested in order, from the top down, so
230 put more specific handlers first. Also, the regex is tested on the request
231 method, plus the path. For instance, you might use the route [ 'POST /', ... ]
232 to handle POST requests to your service.
234 Each named parameter in @required_params is tested for to make sure the route
235 matches, but does not raise an error if one is missing; it simply tests the next
236 route. If you would prefer to raise an error, instead use
237 C<C4::Service->require_params> inside your handler.
239 \&handler is called with each matched group in $path_regex in its arguments. For
240 example, if your service is accessed at the path /blah/123, and you call
241 C<dispatch> with the route [ 'GET /blah/(\\d+)', ... ], your handler will be called
242 with the argument '123'.
244 =cut
246 sub dispatch {
247 my $class = shift;
249 my $path_info = $query->path_info || '/';
251 ROUTE: foreach my $route ( @_ ) {
252 my ( $path, $params, $handler ) = @$route;
254 next unless ( my @match = ( ($query->request_method . ' ' . $path_info) =~ m,^$path$, ) );
256 for my $param ( @$params ) {
257 next ROUTE if ( !defined( $query->param ( $param ) ) );
260 $debug and warn "Using $path";
261 $handler->( @match );
262 return;
265 $class->return_error( 'no_handler', '' );
270 __END__
272 =head1 AUTHORS
274 Koha Development Team
276 Jesse Weaver <jesse.weaver@liblime.com>