File:
0.01.0a/api.php (
View as Code)
1: 2: /* -------------------------------------------------------------
3: This file is part of FreeDESK
4:
5: FreeDESK is (C) Copyright 2012 David Cutting
6:
7: FreeDESK is free software: you can redistribute it and/or modify
8: it under the terms of the GNU General Public License as published by
9: the Free Software Foundation, either version 3 of the License, or
10: (at your option) any later version.
11:
12: FreeDESK is distributed in the hope that it will be useful,
13: but WITHOUT ANY WARRANTY; without even the implied warranty of
14: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15: GNU General Public License for more details.
16:
17: You should have received a copy of the GNU General Public License
18: along with FreeDESK. If not, see www.gnu.org/licenses
19:
20: For more information see www.purplepixie.org/freedesk/
21: -------------------------------------------------------------- */
22:
23: ob_start();
24: include("core/FreeDESK.php");
25: $DESK = new FreeDESK("./");
26: $DESK->Start();
27: ob_end_clean();
28:
29: header("Content-type: text/xml");
30: header("Expires: Tue, 27 Jul 1997 01:00:00 GMT");
31: header("Cache-Control: no-store, no-cache, must-revalidate");
32: header("Cache-Control: post-check=0, pre-check=0", false);
33: header("Pragma: no-cache");
34:
35: if (!isset($_REQUEST['mode']))
36: {
37: $error = new FreeDESK_Error(ErrorCode::UnknownMode, "Unknown Mode");
38: echo $error->XML(true);
39: exit();
40: }
41:
42: if ($_REQUEST['mode']=="login")
43: {
44: //echo $_REQUEST['username'].$_REQUEST['password'];
45: // TODO: Other Login Modes
46: if ($DESK->ContextManager->Open(ContextType::User, "", $_REQUEST['username'], $_REQUEST['password']))
47: {
48: echo $DESK->ContextManager->Session->XML(true);
49: exit();
50: }
51: else // Login failed
52: {
53: $error = new FreeDESK_Error(ErrorCode::FailedLogin, "Login Failed");
54: echo $error->XML(true);
55: exit();
56: }
57: }
58: else if ($_REQUEST['mode']=="logout")
59: {
60: if ($DESK->ContextManager->Open(ContextType::User, $_REQUEST['sid']))
61: $DESK->ContextManager->Destroy();
62: $xml = new xmlCreate();
63: $xml->charElement("logout","1");
64: echo $xml->getXML(true);
65: exit();
66: }
67:
68: if (!$DESK->ContextManager->Open(ContextType::User, $_REQUEST['sid']))
69: {
70: $error = new FreeDESK_Error(ErrorCode::SessionExpired, "Session Expired");
71: echo $error->XML(true);
72: exit();
73: }
74:
75: if ($_REQUEST['mode']=="requests_assigned")
76: {
77: $team = isset($_REQUEST['teamid']) ? $_REQUEST['teamid'] : 0;
78: $user = isset($_REQUEST['username']) ? $_REQUEST['username'] : "";
79: $sort = isset($_REQUEST['sort']) ? $_REQUEST['sort'] : "";
80: $order = isset($_REQUEST['order']) && $_REQUEST['order']=="D" ? "DESC" : "ASC";
81: $list = $DESK->RequestManager->FetchAssigned($team, $user, $sort, $order);
82: echo xmlCreate::getHeader()."\n";
83: echo "\n";
84: foreach($list as $item)
85: {
86: echo $item->XML(false)."\n";
87: }
88: echo "\n";
89: exit();
90: }
91:
92: if ($_REQUEST['mode']=="entity_search")
93: {
94: $entity = $DESK->DataDictionary->GetTable($_REQUEST['entity']);
95:
96: if ($entity === false || !$entity->editable)
97: {
98: $err = new FreeDESK_Error(ErrorCode::EntityError, "Entity Error");
99: echo $err->XML(true);
100: exit();
101: }
102:
103: if (!$DESK->ContextManager->Permission("entity_view.".$_REQUEST['entity']))
104: {
105: $err = new FreeDESK_error(ErrorCode::PermissionDenied, "Permission Denied to Entity");
106: echo $err->XML(true);
107: exit();
108: }
109:
110: // ENTITY MANAGER
111: $q="SELECT * FROM ".$DESK->Database->Table($entity->entity);
112:
113:
114: $qb = new QueryBuilder();
115: $fieldcount = 0;
116: foreach($entity->fields as $key => $field)
117: {
118: if ($field->searchable && isset($_REQUEST[$key]) && ($_REQUEST[$key]!=""))
119: {
120: if ($fieldcount++ > 0)
121: $qb->AddOperation(QueryType::opAND);
122:
123: if ( ($field->type==DD_FieldType::Char || $field->type==DD_FieldType::Text) &&
124: strpos($_REQUEST[$key], "%") !== true )
125: $qb->Add($key, QueryType::Like, $DESK->Database->SafeQuote($_REQUEST[$key]));
126: else
127: $qb->Add($key, QueryType::Equal, $DESK->Database->SafeQuote($_REQUEST[$key]));
128: }
129: }
130:
131:
132:
133: if (isset($_REQUEST['start']))
134: $start=$_REQUEST['start'];
135: else
136: $start = 0;
137:
138: if (isset($_REQUEST['limit']))
139: $limit=$_REQUEST['limit'];
140: else
141: $limit = 30;
142:
143:
144: $wc = $DESK->Database->Clause($qb);
145:
146: if ($wc != "")
147: $q.=" WHERE ".$wc;
148:
149: $meta = array(
150: "start" => $start,
151: "limit" => $limit );
152:
153: $r=$DESK->Database->Query($q);
154:
155: $meta["count"]=$DESK->Database->NumRows($r);
156:
157: if ($meta["count"]>$limit)
158: {
159: $q.=" LIMIT ".$DESK->Database->Safe($start).",".$DESK->Database->Safe($limit);
160: $DESK->Database->Free($r);
161: $r=$DESK->Database->Query($q);
162: }
163:
164: $xml = new xmlCreate();
165: $xml->startElement("search-results");
166: $xml->startElement("meta");
167: foreach($meta as $key => $val)
168: $xml->charElement($key, $val);
169: $keyfield="";
170: foreach($entity->fields as $key => $field)
171: {
172: if ($field->keyfield)
173: $keyfield=$field->field;
174: $xml->startElement("field-data");
175: $xml->charElement("id",$field->field);
176: $xml->charElement("name",$field->name, 0, false, true);
177: $xml->endElement("field-data");
178: }
179: $xml->charElement("keyfield",$keyfield);
180: $xml->endElement("meta");
181:
182: while($row=$DESK->Database->FetchAssoc($r))
183: {
184: $xml->startElement("entity");
185: foreach($row as $key => $val)
186: {
187: $xml->charElement("field", $val, array("id"=>$key), false, true);
188: }
189: $xml->endElement("entity");
190: }
191: $DESK->Database->Free($r);
192:
193: $xml->endElement("search-results");
194:
195: echo $xml->getXML(true);
196: exit();
197: }
198:
199: else if ($_REQUEST['mode'] == "entity_save")
200: {
201: $entity = $_REQUEST['entity'];
202: $table = $DESK->DataDictionary->GetTable($entity);
203:
204: if ($entity === false)
205: {
206: $err = new FreeDESK_Error(ErrorCode::EntityError, "Entity Error (Not Found)");
207: echo $err->XML(true);
208: exit();
209: }
210:
211: $keyfield = $table->keyfield;
212:
213: $data = $DESK->EntityManager->Load($entity, $_REQUEST[$keyfield]);
214:
215:
216: if ($data === false)
217: {
218: $err = new FreeDESK_Error(ErrorCode::EntityError, "Entity Error (Not Loaded)");
219: echo $err->XML(true);
220: exit();
221: }
222:
223: foreach($table->fields as $id => $field)
224: {
225: if ($id != $keyfield)
226: if (isset($_REQUEST[$id]))
227: $data->Set($id, $_REQUEST[$id]);
228: }
229:
230: $result = $DESK->EntityManager->Save($data);
231:
232: if ($result)
233: {
234: $xml = new xmlCreate();
235: $xml->charElement("operation","1");
236: echo $xml->getXML(true);
237: exit();
238: }
239: else
240: {
241: $err = new FreeDESK_Error(ErrorCode::EntityError, "Entity Error (Not Saved)");
242: echo $err->XML(true);
243: exit();
244: }
245: }
246:
247: else if ($_REQUEST['mode'] == "entity_create")
248: {
249: $entity = $_REQUEST['entity'];
250: $table = $DESK->DataDictionary->GetTable($entity);
251:
252: if ($entity === false)
253: {
254: $err = new FreeDESK_Error(ErrorCode::EntityError, "Entity Error (Not Found)");
255: echo $err->XML(true);
256: exit();
257: }
258:
259: $data = $DESK->EntityManager->Create($entity);
260:
261: foreach($table->fields as $id => $field)
262: {
263: if ($id != $keyfield)
264: if (isset($_REQUEST[$id]))
265: $data->Set($id, $_REQUEST[$id]);
266: }
267:
268: $result = $DESK->EntityManager->Insert($data);
269:
270: if ($result)
271: {
272: $xml = new xmlCreate();
273: $xml->charElement("operation","1");
274: echo $xml->getXML(true);
275: exit();
276: }
277: else
278: {
279: $err = new FreeDESK_Error(ErrorCode::EntityError, "Entity Error (Not Saved)");
280: echo $err->XML(true);
281: exit();
282: }
283: }
284:
285: else if ($_REQUEST['mode'] == "user_edit")
286: {
287: if (!$DESK->ContextManager->Permission("user_admin"))
288: {
289: $error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
290: echo $error->XML(true);
291: exit();
292: }
293:
294: $q = "UPDATE ".$DESK->Database->Table("user")." SET ";
295:
296: $q.=$DESK->Database->Field("username")."=".$DESK->Database->SafeQuote($_REQUEST['username']).",";
297: $q.=$DESK->Database->Field("realname")."=".$DESK->Database->SafeQuote($_REQUEST['realname']).",";
298: $q.=$DESK->Database->Field("email")."=".$DESK->Database->SafeQuote($_REQUEST['email']).",";
299: $q.=$DESK->Database->Field("permgroup")."=".$DESK->Database->SafeQuote($_REQUEST['permgroup']);
300:
301: $q.=" WHERE ".$DESK->Database->Field("username")."=".$DESK->Database->SafeQuote($_REQUEST['original_username']);
302:
303: $DESK->Database->Query($q);
304:
305: if (isset($_REQUEST['password']) && $_REQUEST['password']!="")
306: {
307: $amb = new AuthMethodStandard($DESK);
308: $amb->SetPassword($_REQUEST['username'], $_REQUEST['password']);
309: }
310:
311: $q="DELETE FROM ".$DESK->Database->Table("teamuserlink")." WHERE ".$DESK->Database->Field("username")."="
312: .$DESK->Database->SafeQuote($_REQUEST['original_username']);
313: $DESK->Database->Query($q);
314:
315: if (isset($_REQUEST['team']))
316: {
317: foreach($_REQUEST['team'] as $team)
318: {
319: $q="INSERT INTO ".$DESK->Database->Table("teamuserlink")."(".$DESK->Database->Field("username").","
320: .$DESK->Database->Field("teamid").") VALUES(".$DESK->Database->SafeQuote($_REQUEST['username']).","
321: .$DESK->Database->Safe($team).")";
322: $DESK->Database->Query($q);
323: }
324: }
325:
326: $xml = new xmlCreate();
327: $xml->charElement("operation","1");
328: echo $xml->getXML(true);
329: exit();
330: }
331:
332: else if ($_REQUEST['mode'] == "request_update")
333: {
334: // TODO: PERMISSIONS + PUBLIC
335:
336: $public=false;
337: if (isset($_REQUEST['public']) && $_REQUEST['public']==1)
338: $public=true;
339:
340: $req = $DESK->RequestManager->Fetch($_REQUEST['requestid']);
341: if ($req === false)
342: {
343: $error = new FreeDESK_Error(ErrorCode::UnknownRequest, "Unknown Request");
344: echo $error->XML(true);
345: exit();
346: }
347:
348: if (isset($_REQUEST['update']) && $_REQUEST['update']!="")
349: $req->Update($_REQUEST['update'], $public);
350:
351: if (isset($_REQUEST['status']) && $_REQUEST['status']!="" && $_REQUEST['status']!=" " && is_numeric($_REQUEST['status']))
352: $req->Status($_REQUEST['status'], $public);
353:
354: // TODO: ASSIGNMENT PERMISSION
355: if (isset($_REQUEST['assign']) && $_REQUEST['assign'] != "" && $_REQUEST['assign'] != " ") // Composite assignment
356: {
357: $team = 0;
358: $user = "";
359:
360: $assign = $_REQUEST['assign'];
361:
362: if (is_numeric($assign)) // just a team
363: $team = $assign;
364: else
365: {
366: $parts = explode("/",$assign);
367: $team = $parts[0];
368: if (isset($parts[1]))
369: $user=$parts[1];
370: }
371:
372: $req->Assign($team, $user, $public);
373: }
374:
375:
376: $xml = new xmlCreate();
377: $xml->charElement("operation","1");
378: echo $xml->getXML(true);
379: exit();
380: }
381:
382: else if ($_REQUEST['mode'] == 'request_create')
383: {
384: if (isset($_REQUEST['class']))
385: $class = $_REQUEST['class'];
386: else
387: $class = "";
388:
389: // Request of required class
390: $req = $DESK->RequestManager->CreateById($class);
391:
392: // Assignment of request: TODO permissions for this!
393: $team=0;
394: $user="";
395:
396: if (isset($_REQUEST['assign']))
397: {
398: if (is_numeric($assign)) // just a team
399: $team = $assign;
400: else
401: {
402: $parts = explode("/",$assign);
403: $team = $parts[0];
404: if (isset($parts[1]))
405: $user=$parts[1];
406: }
407: }
408:
409: $id = $req->Create($_REQUEST['customer'], $_REQUEST['update'], $class, $_REQUEST['status'], $_REQUEST['priority'],
410: $team, $user);
411:
412: $xml = new xmlCreate();
413: $xml->charElement("request", $id);
414: echo $xml->getXML(true);
415: exit();
416: }
417:
418: else if ($_REQUEST['mode'] == 'permission_save')
419: {
420: if (!$DESK->ContextManager->Permission("user_admin"))
421: {
422: $error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
423: echo $error->XML(true);
424: exit();
425: }
426:
427: if ($_REQUEST['type'] == "user")
428: {
429: $type="user";
430: $usergroupid=$_REQUEST['username'];
431: }
432: else if ($_REQUEST['type'] == "group")
433: {
434: $type="group";
435: $usergroupid=$_REQUEST['groupid'];
436: }
437: else
438: {
439: $error = new FreeDESK_Error(ErrorCode::UnknownMode, "Unknown Mode ".$_REQUEST['mode']);
440: echo $error->XML(true);
441: exit();
442: }
443:
444: $q="DELETE FROM ".$DESK->Database->Table("permissions")." WHERE ";
445: $q.=$DESK->Database->Field("permissiontype")."=".$DESK->Database->SafeQuote($type)." AND ";
446: $q.=$DESK->Database->Field("usergroupid")."=".$DESK->Database->SafeQuote($usergroupid);
447:
448: $DESK->Database->Query($q);
449:
450: $perms = $DESK->PermissionManager->PermissionList();
451:
452: foreach($perms as $perm => $def)
453: {
454: $htmlperm = str_replace(".","#",$perm);
455: if (isset($_REQUEST[$htmlperm]))
456: {
457: $DESK->LoggingEngine->Log($perm,$_REQUEST[$htmlperm],"hi");
458: $val=-1;
459: if ($_REQUEST[$htmlperm] == "1")
460: $val=1;
461: else if ($_REQUEST[$htmlperm] == "0")
462: $val=0;
463:
464: if ($val==1 || $val==0)
465: {
466: $q="INSERT INTO ".$DESK->Database->Table("permissions")."(";
467: $q.=$DESK->Database->Field("permissiontype").",".$DESK->Database->Field("permission").",";
468: $q.=$DESK->Database->Field("usergroupid").",".$DESK->Database->Field("allowed").") VALUES(";
469: $q.=$DESK->Database->SafeQuote($type).",".$DESK->Database->SafeQuote($perm).",";
470: $q.=$DESK->Database->SafeQuote($usergroupid).",".$DESK->Database->Safe($val).")";
471:
472: $DESK->Database->Query($q);
473: }
474: }
475: }
476:
477:
478: $xml = new xmlCreate();
479: $xml->charElement("operation","1");
480: echo $xml->getXML(true);
481: exit();
482: }
483:
484: else if ($_REQUEST['mode'] == "create_user")
485: {
486: if (!$DESK->ContextManager->Permission("user_admin"))
487: {
488: $error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
489: echo $error->XML(true);
490: exit();
491: }
492:
493: if ($_REQUEST['username'] != "")
494: {
495: $q="INSERT INTO ".$DESK->Database->Table("user")."(".$DESK->Database->Field("username").") VALUES(";
496: $q.=$DESK->Database->SafeQuote($_REQUEST['username']).")";
497: $DESK->Database->Query($q);
498: }
499: $xml = new xmlCreate();
500: $xml->charElement("operation","1");
501: echo $xml->getXML(true);
502: exit();
503: }
504:
505: else if ($_REQUEST['mode'] == "delete_user")
506: {
507: // TODO: Delete related data e.g. perms, links and reassign requests
508: if (!$DESK->ContextManager->Permission("user_admin"))
509: {
510: $error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
511: echo $error->XML(true);
512: exit();
513: }
514:
515: if ($_REQUEST['username'] != "")
516: {
517: $q="DELETE FROM ".$DESK->Database->Table("user")." WHERE ";
518: $q.=$DESK->Database->Field("username")."=".$DESK->Database->SafeQuote($_REQUEST['username']);
519: $DESK->Database->Query($q);
520: }
521: $xml = new xmlCreate();
522: $xml->charElement("operation","1");
523: echo $xml->getXML(true);
524: exit();
525: }
526:
527: else if ($_REQUEST['mode'] == "permgroup_delete")
528: {
529: $id=$_REQUEST['permgroupid'];
530: if (!$DESK->ContextManager->Permission("user_admin"))
531: {
532: $error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
533: echo $error->XML(true);
534: exit();
535: }
536:
537: $DESK->PermissionManager->DeleteGroup($id);
538:
539: $xml = new xmlCreate();
540: $xml->charElement("operation","1");
541: echo $xml->getXML(true);
542: exit();
543: }
544:
545: else if ($_REQUEST['mode'] == "permgroup_create")
546: {
547: $name=$_REQUEST['groupname'];
548: if (!$DESK->ContextManager->Permission("user_admin"))
549: {
550: $error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
551: echo $error->XML(true);
552: exit();
553: }
554:
555: $DESK->PermissionManager->CreateGroup($name);
556:
557: $xml = new xmlCreate();
558: $xml->charElement("operation","1");
559: echo $xml->getXML(true);
560: exit();
561: }
562:
563: else if ($_REQUEST['mode'] == "team_create")
564: {
565: $name=$_REQUEST['teamname'];
566: if (!$DESK->ContextManager->Permission("user_admin"))
567: {
568: $error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
569: echo $error->XML(true);
570: exit();
571: }
572:
573: $DESK->RequestManager->CreateTeam($name);
574:
575: $xml = new xmlCreate();
576: $xml->charElement("operation","1");
577: echo $xml->getXML(true);
578: exit();
579: }
580:
581: else if ($_REQUEST['mode'] == "team_update")
582: {
583: $name=$_REQUEST['teamname'];
584: $id=$_REQUEST['id'];
585: if (!$DESK->ContextManager->Permission("user_admin"))
586: {
587: $error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
588: echo $error->XML(true);
589: exit();
590: }
591:
592: $DESK->RequestManager->UpdateTeam($id,$name);
593:
594: $xml = new xmlCreate();
595: $xml->charElement("operation","1");
596: echo $xml->getXML(true);
597: exit();
598: }
599:
600: else if ($_REQUEST['mode'] == "team_delete")
601: {
602: $id=$_REQUEST['id'];
603: if (!$DESK->ContextManager->Permission("user_admin"))
604: {
605: $error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
606: echo $error->XML(true);
607: exit();
608: }
609:
610: $DESK->RequestManager->DeleteTeam($id);
611:
612: $xml = new xmlCreate();
613: $xml->charElement("operation","1");
614: echo $xml->getXML(true);
615: exit();
616: }
617:
618: else if ($_REQUEST['mode'] == "status_create")
619: {
620: $name=$_REQUEST['name'];
621: if (!$DESK->ContextManager->Permission("user_admin"))
622: {
623: $error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
624: echo $error->XML(true);
625: exit();
626: }
627:
628: $DESK->RequestManager->CreateStatus($name);
629:
630: $xml = new xmlCreate();
631: $xml->charElement("operation","1");
632: echo $xml->getXML(true);
633: exit();
634: }
635:
636: else if ($_REQUEST['mode'] == "status_delete")
637: {
638: $id=$_REQUEST['id'];
639: if (!$DESK->ContextManager->Permission("user_admin"))
640: {
641: $error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
642: echo $error->XML(true);
643: exit();
644: }
645:
646: $DESK->RequestManager->DeleteStatus($id);
647:
648: $xml = new xmlCreate();
649: $xml->charElement("operation","1");
650: echo $xml->getXML(true);
651: exit();
652: }
653:
654: else if ($_REQUEST['mode'] == "status_update")
655: {
656: $id=$_REQUEST['id'];
657: $name=$_REQUEST['name'];
658: if (!$DESK->ContextManager->Permission("user_admin"))
659: {
660: $error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
661: echo $error->XML(true);
662: exit();
663: }
664:
665: $DESK->RequestManager->UpdateStatus($id,$name);
666:
667: $xml = new xmlCreate();
668: $xml->charElement("operation","1");
669: echo $xml->getXML(true);
670: exit();
671: }
672:
673: else if ($_REQUEST['mode'] == "plugin_install")
674: {
675: if (!$DESK->ContextManager->Permission("sysadmin_plugins"))
676: {
677: $error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
678: echo $error->XML(true);
679: exit();
680: }
681:
682: $plugin=$_REQUEST['plugin'];
683:
684: $DESK->PluginManager->InstallPIM($plugin);
685:
686: $xml = new xmlCreate();
687: $xml->charElement("operation","1");
688: echo $xml->getXML(true);
689: exit();
690: }
691:
692: else if ($_REQUEST['mode'] == "plugin_activate")
693: {
694: if (!$DESK->ContextManager->Permission("sysadmin_plugins"))
695: {
696: $error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
697: echo $error->XML(true);
698: exit();
699: }
700:
701: $id=$_REQUEST['id'];
702:
703: $DESK->PluginManager->ActivatePIM($id, true);
704:
705: $xml = new xmlCreate();
706: $xml->charElement("operation","1");
707: echo $xml->getXML(true);
708: exit();
709: }
710:
711: else if ($_REQUEST['mode'] == "plugin_deactivate")
712: {
713: if (!$DESK->ContextManager->Permission("sysadmin_plugins"))
714: {
715: $error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
716: echo $error->XML(true);
717: exit();
718: }
719:
720: $id=$_REQUEST['id'];
721:
722: $DESK->PluginManager->ActivatePIM($id, false);
723:
724: $xml = new xmlCreate();
725: $xml->charElement("operation","1");
726: echo $xml->getXML(true);
727: exit();
728: }
729:
730: else if ($_REQUEST['mode'] == "plugin_uninstall")
731: {
732: if (!$DESK->ContextManager->Permission("sysadmin_plugins"))
733: {
734: $error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
735: echo $error->XML(true);
736: exit();
737: }
738:
739: $id=$_REQUEST['id'];
740:
741: $DESK->PluginManager->UninstallPIM($id);
742:
743: $xml = new xmlCreate();
744: $xml->charElement("operation","1");
745: echo $xml->getXML(true);
746: exit();
747: }
748:
749: else if ($_REQUEST['mode'] == "sysvar_save")
750: {
751: if (!$DESK->ContextManager->Permission("sysadmin_advanced"))
752: {
753: $error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
754: echo $error->XML(true);
755: exit();
756: }
757:
758: $id = $_REQUEST['id'];
759: $value = $_REQUEST['value'];
760:
761: $DESK->Configuration->Set($id, $value, true);
762:
763: $xml = new xmlCreate();
764: $xml->charElement("operation","1");
765: echo $xml->getXML(true);
766: exit();
767: }
768:
769: else if ($_REQUEST['mode'] == "sysvar_create")
770: {
771: if (!$DESK->ContextManager->Permission("sysadmin_advanced"))
772: {
773: $error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
774: echo $error->XML(true);
775: exit();
776: }
777:
778: $id = $_REQUEST['id'];
779: $value = $_REQUEST['value'];
780:
781: $DESK->Configuration->Set($id, $value, true);
782:
783: $xml = new xmlCreate();
784: $xml->charElement("operation","1");
785: echo $xml->getXML(true);
786: exit();
787: }
788:
789: else if ($_REQUEST['mode'] == "sysvar_delete")
790: {
791: if (!$DESK->ContextManager->Permission("sysadmin_advanced"))
792: {
793: $error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
794: echo $error->XML(true);
795: exit();
796: }
797:
798: $id = $_REQUEST['id'];
799: $value = $_REQUEST['value'];
800:
801: $DESK->Configuration->Delete($id);
802:
803: $xml = new xmlCreate();
804: $xml->charElement("operation","1");
805: echo $xml->getXML(true);
806: exit();
807: }
808:
809: else if ($_REQUEST['mode'] == "reqclass_save")
810: {
811: if (!$DESK->ContextManager->Permission("sysadmin_advanced"))
812: {
813: $error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
814: echo $error->XML(true);
815: exit();
816: }
817:
818: $id = $_REQUEST['id'];
819: $classname = isset($_REQUEST['classname']) ? $_REQUEST['classname'] : "";
820: $classclass = isset($_REQUEST['classclass']) ? $_REQUEST['classclass'] : "";
821:
822: $DESK->RequestManager->SaveRequestClass($classname, $classclass, $id);
823:
824: $xml = new xmlCreate();
825: $xml->charElement("operation","1");
826: echo $xml->getXML(true);
827: exit();
828: }
829:
830: else if ($_REQUEST['mode'] == "reqclass_create")
831: {
832: if (!$DESK->ContextManager->Permission("sysadmin_advanced"))
833: {
834: $error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
835: echo $error->XML(true);
836: exit();
837: }
838:
839: $classname = isset($_REQUEST['classname']) ? $_REQUEST['classname'] : "";
840: $classclass = isset($_REQUEST['classclass']) ? $_REQUEST['classclass'] : "";
841:
842: $DESK->RequestManager->SaveRequestClass($classname, $classclass);
843:
844: $xml = new xmlCreate();
845: $xml->charElement("operation","1");
846: echo $xml->getXML(true);
847: exit();
848: }
849:
850: else if ($_REQUEST['mode'] == "reqclass_delete")
851: {
852: if (!$DESK->ContextManager->Permission("sysadmin_advanced"))
853: {
854: $error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
855: echo $error->XML(true);
856: exit();
857: }
858:
859: $id = isset($_REQUEST['id']) ? $_REQUEST['id'] : 0;
860:
861: $DESK->RequestManager->DeleteRequestClass($id);
862:
863: $xml = new xmlCreate();
864: $xml->charElement("operation","1");
865: echo $xml->getXML(true);
866: exit();
867: }
868:
869: else if ($_REQUEST['mode'] == "priority_save" || $_REQUEST['mode'] == "priority_create")
870: {
871: if (!$DESK->ContextManager->Permission("sysadmin_advanced"))
872: {
873: $error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
874: echo $error->XML(true);
875: exit();
876: }
877:
878: // name SLA schedule [id]
879: $id = isset($_REQUEST['id']) ? $_REQUEST['id'] : 0;
880: $name = isset($_REQUEST['name']) ? $_REQUEST['name'] : "";
881: $sla = isset($_REQUEST['sla']) ? $_REQUEST['sla'] : 0;
882: $schedule = isset($_REQUEST['schedule']) ? $_REQUEST['schedule'] : 0;
883:
884: $DESK->RequestManager->SavePriority($name, $sla, $schedule, $id);
885:
886: $xml = new xmlCreate();
887: $xml->charElement("operation","1");
888: echo $xml->getXML(true);
889: exit();
890: }
891:
892: else if ($_REQUEST['mode'] == "priority_delete")
893: {
894: if (!$DESK->ContextManager->Permission("sysadmin_advanced"))
895: {
896: $error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
897: echo $error->XML(true);
898: exit();
899: }
900:
901:
902: $id = isset($_REQUEST['id']) ? $_REQUEST['id'] : 0;
903:
904: $DESK->RequestManager->DeletePriority($id);
905:
906: $xml = new xmlCreate();
907: $xml->charElement("operation","1");
908: echo $xml->getXML(true);
909: exit();
910: }
911:
912: else if ($_REQUEST['mode'] == "email_create")
913: {
914: if (!$DESK->ContextManager->Permission("email_accounts"))
915: {
916: $error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
917: echo $error->XML(true);
918: exit();
919: }
920:
921:
922: $name = isset($_REQUEST['name']) ? $_REQUEST['name'] : "";
923:
924: $DESK->Email->SaveAccount($name, "", "", "", 50, 0, "", "", "");
925:
926: $xml = new xmlCreate();
927: $xml->charElement("operation","1");
928: echo $xml->getXML(true);
929: exit();
930: }
931:
932: else if ($_REQUEST['mode'] == "email_delete")
933: {
934: if (!$DESK->ContextManager->Permission("email_accounts"))
935: {
936: $error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
937: echo $error->XML(true);
938: exit();
939: }
940:
941:
942: $id = isset($_REQUEST['id']) ? $_REQUEST['id'] : 0;
943:
944: $DESK->Email->DeleteAccount($id);
945:
946: $xml = new xmlCreate();
947: $xml->charElement("operation","1");
948: echo $xml->getXML(true);
949: exit();
950: }
951:
952: else if ($_REQUEST['mode'] == "email_save")
953: {
954: if (!$DESK->ContextManager->Permission("email_accounts"))
955: {
956: $error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
957: echo $error->XML(true);
958: exit();
959: }
960:
961:
962: $id = isset($_REQUEST['id']) ? $_REQUEST['id'] : 0;
963: $name = isset($_REQUEST['name']) ? $_REQUEST['name'] : "";
964: $host = isset($_REQUEST['host']) ? $_REQUEST['host'] : "";
965: $from = isset($_REQUEST['from']) ? $_REQUEST['from'] : "";
966: $fromname = isset($_REQUEST['fromname']) ? $_REQUEST['fromname'] : "";
967: $wordwrap = isset($_REQUEST['wordwrap']) ? $_REQUEST['wordwrap'] : 0;
968: $auth = isset($_REQUEST['auth']) ? $_REQUEST['auth'] : 0;
969: $username = isset($_REQUEST['username']) ? $_REQUEST['username'] : "";
970: $password = isset($_REQUEST['password']) ? $_REQUEST['password'] : "";
971: $smtpsec = isset($_REQUEST['smtpsec']) ? $_REQUEST['smtpsec'] : "";
972:
973: $DESK->Email->SaveAccount($name, $host, $from, $fromname, $wordwrap, $auth, $username, $password, $smtpsec, $id);
974:
975: $xml = new xmlCreate();
976: $xml->charElement("operation","1");
977: echo $xml->getXML(true);
978: exit();
979: }
980:
981: else if ($_REQUEST['mode'] == "email_test")
982: {
983: if (!$DESK->ContextManager->Permission("email_accounts"))
984: {
985: $error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
986: echo $error->XML(true);
987: exit();
988: }
989:
990:
991: $id = isset($_REQUEST['id']) ? $_REQUEST['id'] : 0;
992: $to = isset($_REQUEST['to']) ? $_REQUEST['to'] : "";
993:
994: $res = $DESK->Email->Send($id, $to, "FreeDESK Test", "FreeDESK Test Mail");
995:
996: if ($res)
997: {
998: $xml = new xmlCreate();
999: $xml->charElement("operation","1");
1000: echo $xml->getXML(true);
1001: exit();
1002: }
1003: else
1004: {
1005: $error = new FreeDESK_Error(ErrorCode::OperationFailed, "Operation Failed");
1006: echo $error->XML(true);
1007: exit();
1008: }
1009: }
1010:
1011: else if ($_REQUEST['mode'] == "email_send")
1012: {
1013: // Just standard auth required
1014:
1015:
1016: $id = isset($_REQUEST['id']) ? $_REQUEST['id'] : 0;
1017: $to = isset($_REQUEST['to']) ? $_REQUEST['to'] : "";
1018: $subject = isset($_REQUEST['subject']) ? $_REQUEST['subject'] : "";
1019: $body = isset($_REQUEST['body']) ? $_REQUEST['body'] : "";
1020:
1021: $res = $DESK->Email->Send($id, $to, $subject, $body);
1022:
1023: if ($res)
1024: {
1025: $xml = new xmlCreate();
1026: $xml->charElement("operation","1");
1027: echo $xml->getXML(true);
1028: exit();
1029: }
1030: else
1031: {
1032: $error = new FreeDESK_Error(ErrorCode::OperationFailed, "Operation Failed");
1033: echo $error->XML(true);
1034: exit();
1035: }
1036: }
1037:
1038: else if ($_REQUEST['mode'] == "template_save")
1039: {
1040: if (!$DESK->ContextManager->Permission("email_templates"))
1041: {
1042: $error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
1043: echo $error->XML(true);
1044: exit();
1045: }
1046:
1047:
1048: $id = isset($_REQUEST['id']) ? $_REQUEST['id'] : "";
1049: $subject = isset($_REQUEST['subject']) ? $_REQUEST['subject'] : "";
1050: $body = isset($_REQUEST['body']) ? $_REQUEST['body'] : "";
1051:
1052: $DESK->Email->SaveTemplate($id, $subject, $body);
1053:
1054: $xml = new xmlCreate();
1055: $xml->charElement("operation","1");
1056: echo $xml->getXML(true);
1057: exit();
1058:
1059: }
1060:
1061: if ($DESK->PluginManager->API($_REQUEST['mode']))
1062: exit();
1063:
1064: $error = new FreeDESK_Error(ErrorCode::UnknownMode, "Unknown Mode ".$_REQUEST['mode']);
1065: echo $error->XML(true);
1066: exit();
1067:
1068: ?>
1069: