News:

Looking for documentation? Take a look on our wiki

Main Menu

rest api devel., coding question

Started by rebootl, May 20, 2019, 21:14:24 PM

Previous topic - Next topic

rebootl

Hello

I'm working on a rest api plugin for the techjoomla com_api plugin http://docs.techjoomla.com/com_api/ . Exposing some shop functions, in order to connect them to our erp.

I managed to get a categories listing, doing something along the lines of:


// initiate VM
defined('DS') or define('DS', DIRECTORY_SEPARATOR);
if (!class_exists('VmConfig'))
    require(JPATH_ROOT . DS . 'administrator' . DS .
            'components' . DS . 'com_virtuemart' . DS .
            'helpers' . DS . 'config.php');
if (!class_exists('VmModel'))
    require(VMPATH_ADMIN . DS . 'helpers' . DS . 'vmmodel.php');


class KivishopApiResourceCategories extends ApiResource {

    public function get() {
        /* response for the get_categories function
           (analog to the shopware mapping)
        */

        // load VM config
        VmConfig::loadConfig();

        // get category model
        $categoryModel = VmModel::getModel('Category');

        // get all categories
        $cat_tree = $categoryModel->getCategoryTree();

        ... aso ...


As you can see, I was able to use the category model from VM, inside the plugin.

I also managed to get some product informations like this:


        ...
        // get product model
        $productModel = VmModel::getModel('Product');
        // get product by id
        // -> use getProductSingle instead ?
        $product = $productModel->getProductSingle($this->vm_product_id);
        ...


But now I'm a bit stuck at product creation. I tried creating an empty product, updating the information, and use the store method.


       ...
       VmConfig::loadConfig();
        $product_model = VmModel::getModel('Product');
        // (this creates an empty product obj.)
        $product = $product_model->getProductSingle("0");
        // -> update product information here !!!
        $product->product_sku = "009001";
        ...
        $res = $product_model->store($product);
        ...


But unfortunately this doesn't work. And I'm also not really able to get much meaningful debug output via the com_api plugin...

In general, do you think it is a good idea, trying to use the store method etc. like this? Or would it maybe be better to write directly into the database?

Also I'm grateful for any tips/hints.

The full (unfinished) code is on github and will be released as open-source: https://github.com/rebootl/joomla-plg-kivishop

Thx, regards
rebootl

Studio 42

I dont checked the product model code, but i think that in the $product_model->store($product);
$product is not an object but an array.

Milbo

#2
Quote from: rebootl on May 20, 2019, 21:14:24 PM
Hello

I'm working on a rest api plugin for the techjoomla com_api plugin http://docs.techjoomla.com/com_api/ . Exposing some shop functions, in order to connect them to our erp.

I managed to get a categories listing, doing something along the lines of:


// initiate VM
defined('DS') or define('DS', DIRECTORY_SEPARATOR);
if (!class_exists('VmConfig'))
    require(JPATH_ROOT . DS . 'administrator' . DS .
            'components' . DS . 'com_virtuemart' . DS .
            'helpers' . DS . 'config.php');
if (!class_exists('VmModel'))
    require(VMPATH_ADMIN . DS . 'helpers' . DS . 'vmmodel.php');


Please use just

if (!class_exists( 'VmConfig' )) require(JPATH_ROOT .'/administrator/components/com_virtuemart/helpers/config.php');
VmConfig::loadConfig();


The function store in the product model executes

if ($data and is_object($data)) {
$data = get_object_vars($data);
}


and should therefore work also with objects.
Should I fix your bug, please support the VirtueMart project and become a member
______________________________________
Extensions approved by the core team: http://extensions.virtuemart.net/

rebootl

Hey, thx for the replies.

I think the problem was the missing request token...

vRequest::vmCheckToken();

So, I did this, as mentioned in: http://forum.virtuemart.net/index.php?topic=141903.0


        $ftoken = JSession::getFormToken();
        $_REQUEST['token'] = $ftoken;

        $res = $product_model->store($product);


Which got it working :D.

Milbo

You should not generate the formtoken directly before the store function. The token must come from the URL/form. When you have it in the function, you disable the security.
Should I fix your bug, please support the VirtueMart project and become a member
______________________________________
Extensions approved by the core team: http://extensions.virtuemart.net/

rebootl

#5
Hello, thx for the reply. Sry for the late response.

Yes, I understand. The problem is tho that I do not use a form to make the request. I basically do not make a prior request at all, where I could send the token in the first place.

However what I do is use an API key, since that is the authentication mechanism provided by the com_api component. I understand that this is probably not the very highest security, tho when used over HTTPS it should be reasonably safe...

What do u think?

Edit: I do not store a session or so either, since it's supposed to be a "restlike" service.

Studio 42

@rebootl, for me, it's not a problem if you use own security.
I dont use it for my own component in my case because i do a global verification and not per user, so form token have no sense.

rebootl

Yes, since this is a CSRF token, right?