Class ApiValidatorComponent

ApiValidatorComponent class

Used to validate data before save/delete and to test conditions on objects

Object

ApiValidatorComponent

Located at controllers/components/api_validator.php

Methods summary

`public`	# `initialize( Controller $controller, array $settings = array() )` Initialize component (called before Controller::beforeFilter()) Initialize component (called before Controller::beforeFilter()) Parameters `$controller` `$settings`
`public`	# `startup( Controller $controller )` Startup component (called after Controller::beforeFilter()) Startup component (called after Controller::beforeFilter()) Parameters `$controller`
`public`	# `checkUrlParams( string $endpoint )` Check if url query string names of the request are valid for an endpoint Check if url query string names of the request are valid for an endpoint Parameters `$endpoint` the endpoint to check Throws `BeditaBadRequestException`
`public boolean`	# `isUrlParamsValid( string $endpoint )` Return true if url query string is valid for an endpoint, false otherwise All allowed url params are valid for GET requests but '__all' values that are valid for all request types Return true if url query string is valid for an endpoint, false otherwise All allowed url params are valid for GET requests but '__all' values that are valid for all request types Parameters `$endpoint` Returns boolean
`public array`	# `registerAllowedUrlParams( array $stringNames, boolean $merge = true )` Register an array of query string names in self::$allowedUrlParams The array has to be divided by endpoint i.e. Register an array of query string names in self::$allowedUrlParams The array has to be divided by endpoint i.e. array( 'endpoint_1' => array('string_one', 'string_two', ...), 'endpoint_2' => array(...) ) Parameters `$stringNames` `$merge` if $stringNames has to be merged to exisiting self::$allowedUrlParams Returns array
`public array`	# `getAllowedUrlParams( string $endpoint = null )` Return the url query string names valid Passing the endpoint the list is filtered by it Return the url query string names valid Passing the endpoint the list is filtered by it Parameters `$endpoint` the endpoint Returns array
`public`	# `setAllowedUrlParams( string $endpoint, string\|array $names, boolean $merge = true )` Set new valid url query string names Set new valid url query string names Parameters `$endpoint` the endpoint to modify `$names` the query string names to add `$merge` if the names have to be added or have to replace the old one
`public boolean`	# `isObjectTypeWritable( string $objectType )` Return true if an object type is writable Return true if an object type is writable Parameters `$objectType` the object type Returns boolean
`public`	# `checkObject( array $object )` Check if $object data are valid for save Check if $object data are valid for save If some validation fails it throws a bad request exception Parameters `$object` object data Throws `BeditaBadRequestException`
`public`	# `checkObjectReachable( integer $objectId )` Check if an object is reachable: - check if object is reacheable looking also permissions - if it fails check again if it's reachable but without checking permissions - if it fails, then it throws 404 - if it is, then it checks if user is logged - if it fails then it throws 401 - if it is then it throws 403 Check if an object is reachable: - check if object is reacheable looking also permissions - if it fails check again if it's reachable but without checking permissions - if it fails, then it throws 404 - if it is, then it checks if user is logged - if it fails then it throws 401 - if it is then it throws 403 Parameters `$objectId` the object id Throws `BeditaNotFoundException` on object not found `BeditaUnauthorizedException` on unauthorized user session `BeditaForbiddenException` on forbidden access to object See self::isObjectReachable()
`public boolean`	# `isObjectReachable( integer $objectId, boolean $checkPermissions = true )` Return true if object $objectId is reachable, false otherwise. If `enableObjectReachableCheck` is set to false, skip check. 'Reachable' means that object is on publication tree or have at least a related object on tree If $checkPermission is true an additional check on 'frontend_acccess_with_block' permission is done Return true if object $objectId is reachable, false otherwise. If `enableObjectReachableCheck` is set to false, skip check. 'Reachable' means that object is on publication tree or have at least a related object on tree If $checkPermission is true an additional check on 'frontend_acccess_with_block' permission is done Parameters `$objectId` the object id `$checkPermissions` if permission has to be checked, default true Returns boolean
`public boolean`	# `hasRelatedObjectsAccessible( integer $objectId )` Return true if at least an object related to $objectId is on tree and it's accessible, false otherwise 'Accessible' is defined in self::isObjectAccessible() Return true if at least an object related to $objectId is on tree and it's accessible, false otherwise 'Accessible' is defined in self::isObjectAccessible() Parameters `$objectId` the object id Returns boolean
`public boolean`	# `isObjectAccessible( integer $objectId, boolean $parentsCheck = true )` Return true if $objectId is accessible for authorized user, false otherwise. 'Accessible' means without 'frontend_access_with_block' permission set for groups that the user doesn't belong. When $parentsCheck is true permission on them is also checked If object hasn't parents is not accessible Return true if $objectId is accessible for authorized user, false otherwise. 'Accessible' means without 'frontend_access_with_block' permission set for groups that the user doesn't belong. When $parentsCheck is true permission on them is also checked If object hasn't parents is not accessible Parameters `$objectId` the object id `$parentsCheck` if parents must be checked (default true) Returns boolean
`public boolean`	# `areObjectParentsAccessible( integer $objectId )` Return true if $objectId parents are accessible for authorized user, false otherwise. 'Accessible' means without 'frontend_access_with_block' permission set for groups that the user doesn't belong. Return true if $objectId parents are accessible for authorized user, false otherwise. 'Accessible' means without 'frontend_access_with_block' permission set for groups that the user doesn't belong. Parameters `$objectId` the object id Returns boolean
`public`	# `checkParents( integer\|array $parentsId )` Check if $parentsId are valid parents for the saving object Check if $parentsId are valid parents for the saving object If check fails it throws a bad request exception Parameters `$parentsId` $objectId the object id or an array of object ids Throws `BeditaBadRequestException`
`public`	# `checkObjectAccess( integer\|array $objectId )` Check if $objectId and its parents are accessible for authorized user. 'Accessible' is defined in self::isObjectAccessible() Check if $objectId and its parents are accessible for authorized user. 'Accessible' is defined in self::isObjectAccessible() If check fails it throws a bad request exception Parameters `$objectId` the object id or an array of object ids Throws `BeditaBadRequestException`
`public boolean`	# `isRelationValid( string $name, string\|integer $objectType )` Return true if the relation $name is valid for $objectType Return true if the relation $name is valid for $objectType Parameters `$name` the relation name `$objectType` the object type name or id Returns boolean
`public`	# `checkRelations( array $relations, string\|integer $objectType = null )` Check if an array of relations is valid Check if an array of relations is valid The $relations array has to be in the form array( 'attach' => array( array( 'related_id' => 1, ... ), array(...) ), 'seealso' => array(...) ) If $objectType is passed then all relations are tested against that object type All object ids inside relation are tested If check fails it throws a bad request exception Parameters `$relations` the array of relations `$objectType` an object type name or id on which test all relations Throws `BeditaBadRequestException`
`public`	# `checkEmbedRelations( array $relationsData, integer $pageSize, integer $maxSize )` Check embed relations requested. $relationsData must be in the form of 'relation_name' => number_requested, for example Check embed relations requested. $relationsData must be in the form of 'relation_name' => number_requested, for example array( 'attach' => 3, 'seealso' => 1 ) It checks that: the number requested is positive integer the total number of objects and relations embedded per page is less than max size Parameters `$relationsData` array of relations info `$pageSize` the page size `$maxSize` the max results allowed Throws `BeditaBadRequestException`
`public boolean`	# `isPositiveInteger( mixed $test )` Return true if $test is a positive integer, false otherwise Return true if $test is a positive integer, false otherwise Parameters `$test` the type to test Returns boolean
`public`	# `checkPositiveInteger( mixed $test, boolean $cast = false )` Check if $num is a positive integer Check if $num is a positive integer Parameters `$test` the type to test `$cast` set to true to trying to cast $test to int before check it Throws `BeditaBadRequestException`
`public`	# `checkChildren( array $children, integer $parentId )` Check if an array of (possible) children is valid for a parent id Check if an array of (possible) children is valid for a parent id The $children array has to be in the form array( array( 'child_id' => 1, 'priority' => 1 ), array(...) ) Parameters `$children` array of chidlren data `$parentId` the parent object id Throws `BeditaBadRequestException`
`public`	# `checkCategories( array $categories, integer $objectTypeId = null )` Check if an array of category names is valid for an object type id Check if an array of category names is valid for an object type id Parameters `$categories` $tags a list of category names `$objectTypeId` the object_type_id Throws `BeditaBadRequestException`
`public`	# `checkTags( array $tags )` Check if an array of tag names is valid. Check if an array of tag names is valid. Parameters `$tags` a list of tag names Throws `BeditaBadRequestException`
`public DateTime`	# `checkDate( string $date, string $format = DateTime::ATOM )` Check if $date is in the right $format and if it's a valid date If test passes it returns the DateTime object else it throws a BeditaBadRequestException Check if $date is in the right $format and if it's a valid date If test passes it returns the DateTime object else it throws a BeditaBadRequestException Default $format tested are the following ISO-8601 formats: - 2005-08-15T15:52:01+02:00 (DateTime::ATOM) - 2005-08-15T13:52:01.467Z (js Date().toISOString()) Parameters `$date` the date string to check `$format` the format against test $date (default ISO-8601) Returns DateTime Throws `BeditaBadRequestException`
`public`	# `checkDateItems( array $dateItems, integer $objectId = null )` Check if $dateItems contains item with allowed and valid fields $dateItems has to be an array as Check if $dateItems contains item with allowed and valid fields $dateItems has to be an array as array( 0 => array( 'start_date' => '2015-07-08T15:00:35+0200', 'end_date' => '2015-08-08T15:00:35+0200', 'days' => array(0, 2) // integer values from 0 (Sunday) to 6 (Saturday) ), 1 => array() ) If $objectId is passed and 'id' is present in some date items then check if it's valid for $objectId Parameters `$dateItems` `$objectId` Throws `BeditaBadRequestException`
`public`	# `checkGeoTags( array $geoTags, integer $objectId = null )` Check if $geoTags contains item with allowed and valid fields $geoTags has to be an array as Check if $geoTags contains item with allowed and valid fields $geoTags has to be an array as array( 0 => array( 'latitude' => 43.503815, 'longitude' => '10.470861', 'address' => 'lorem ipsum', 'title' => 'title geo tag' ) ) Since in backend only one GeoTag is handled the array has to be contain only one geotag data If $objectId is passed and 'id' is present in some date items then check if it's valid for $objectId Parameters `$geoTags` $dateItems `$objectId` Throws `BeditaBadRequestException`
`public`	# `checkCustomProperties( array $customProperties, integer\|string $objectTypeId )` Check if custom properties are valid The $customProperties array has to be in the form Check if custom properties are valid The $customProperties array has to be in the form array( 'custom_prop_name_1' => 'value1', 'custom_prop_name_2' => 'value2', 'custom_prop_name_3' => array('value3', 'value4') // multiple choice ) Parameters `$customProperties` the custom properties to validate `$objectTypeId` the object type id or name
`public`	# `isObjectTypeUploadable( string $objectType )` It says if an `$objectType` supports upload. It says if an `$objectType` supports upload. To be accepted as uploadable: it must be writable the related model must extend 'BeditaSimpleStreamModel', 'BeditaStreamModel' or implements an `apiUpload()` method Parameters `$objectType` The object type
`public array`	# `uploadableObjects( )` Retrun an array of object types that support upload Retrun an array of object types that support upload Returns array
`public`	# `checkUploadable( string $objectType, array $metaData = array() )` Check if an `$objectType` supports upload. If `$metaData` is passed it checks them too. Check if an `$objectType` supports upload. If `$metaData` is passed it checks them too. Parameters `$objectType` The object type `$metaData` The meta data to check Throws `BeditaBadRequestException` When object type doesn't support upload
`public boolean`	# `isMimeTypeValid( string $mimeType, string $objectType )` Validate a mime type against an object type. It uses validate_resource.mime.ObjectModel configuration Validate a mime type against an object type. It uses validate_resource.mime.ObjectModel configuration Parameters `$mimeType` The mime type to validate `$objectType` The object type on which validate the mime type Returns boolean
`public`	# `setReachableCheck( boolean $check = true )` Set check for reachable object (default true: check it) Set check for reachable object (default true: check it) Parameters `$check`

Properties summary

`public Controller`	`$controller` Controller instance Controller instance	# `null`
`protected array`	`$writableObjects` List of object types writable List of object types writable	# `array()`
`protected boolean`	`$enableObjectReachableCheck` Enable check of object reachability in checkObjectReachable Enable check of object reachability in checkObjectReachable	# `true`
`protected array`	`$reachableRelations` List of relations considered reachable (used to skip object reachable check) List of relations considered reachable (used to skip object reachable check)	# `array()`
`private array`	`$allowedUrlParams` The supported query string parameters names for every endpoint. The supported query string parameters names for every endpoint. See ApiBaseController::$defaultAllowedUrlParams to the right format	# `array( '__all' => array() )`

Classes

Interfaces

Exceptions

Class ApiValidatorComponent

Methods summary

Parameters

Parameters

Parameters

Throws

Parameters

Returns

Parameters

Returns

Parameters

Returns

Parameters

Parameters

Returns

Parameters

Throws

Parameters

Throws

See

Parameters

Returns

Parameters

Returns

Parameters

Returns

Parameters

Returns

Parameters

Throws

Parameters

Throws

Parameters

Returns

Parameters

Throws

Parameters

Throws

Parameters

Returns

Parameters

Throws

Parameters

Throws

Parameters

Throws

Parameters

Throws

Parameters

Returns

Throws

Parameters

Throws

Parameters

Throws

Parameters

Parameters

Returns

Parameters

Throws

Parameters

Returns

Parameters

Properties summary

See