Rev 1280 | Rev 1288 | Go to most recent revision | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed
| Rev 1280 | Rev 1285 | ||
|---|---|---|---|
| Line 84... | Line 84... | ||
| 84 | * @return array|false |
84 | * @return array|false |
| 85 | */ |
85 | */ |
| 86 | public function restApiCall(string $requestMethod, string $endpoint, array $json_in) { |
86 | public function restApiCall(string $requestMethod, string $endpoint, array $json_in) { |
| 87 | if (str_starts_with($endpoint, 'objects/')) { |
87 | if (str_starts_with($endpoint, 'objects/')) { |
| 88 | $id = substr($endpoint, strlen('objects/')); |
88 | $id = substr($endpoint, strlen('objects/')); |
| - | 89 | if ($requestMethod == "OPTIONS") { |
|
| - | 90 | header("access-control-allow-credentials: true"); |
|
| - | 91 | header("access-control-allow-headers: Keep-Alive,User-Agent,Authorization"); |
|
| - | 92 | header("access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS"); |
|
| - | 93 | header("access-control-allow-origin: *"); |
|
| - | 94 | http_response_code(204/*No content*/); |
|
| - | 95 | OIDplus::invoke_shutdown(); |
|
| - | 96 | die(); // return array(); |
|
| - | 97 | } |
|
| 89 | if ($requestMethod == "GET"/*Select*/) { |
98 | else if ($requestMethod == "GET"/*Select*/) { |
| 90 | $obj = OIDplusObject::findFitting($id); |
99 | $obj = OIDplusObject::findFitting($id); |
| 91 | if (!$obj) throw new OIDplusException(_L('The object %1 was not found in this database.', $id), null, 404); |
100 | if (!$obj) throw new OIDplusException(_L('The object %1 was not found in this database.', $id), null, 404); |
| 92 | 101 | ||
| 93 | if (!$obj->userHasReadRights()) throw new OIDplusException('Insufficient authorization to read information about this object.', null, 401); |
102 | if (!$obj->userHasReadRights()) throw new OIDplusException('Insufficient authorization to read information about this object.', null, 401); |
| 94 | 103 | ||