Hello
I'm working on a rest api plugin for the techjoomla com_api plugin http://docs.techjoomla.com/com_api/ . Exposing some shop functions, in order to connect them to our erp.
I managed to get a categories listing, doing something along the lines of:
// initiate VM
defined('DS') or define('DS', DIRECTORY_SEPARATOR);
if (!class_exists('VmConfig'))
require(JPATH_ROOT . DS . 'administrator' . DS .
'components' . DS . 'com_virtuemart' . DS .
'helpers' . DS . 'config.php');
if (!class_exists('VmModel'))
require(VMPATH_ADMIN . DS . 'helpers' . DS . 'vmmodel.php');
class KivishopApiResourceCategories extends ApiResource {
public function get() {
/* response for the get_categories function
(analog to the shopware mapping)
*/
// load VM config
VmConfig::loadConfig();
// get category model
$categoryModel = VmModel::getModel('Category');
// get all categories
$cat_tree = $categoryModel->getCategoryTree();
... aso ...
As you can see, I was able to use the category model from VM, inside the plugin.
I also managed to get some product informations like this:
...
// get product model
$productModel = VmModel::getModel('Product');
// get product by id
// -> use getProductSingle instead ?
$product = $productModel->getProductSingle($this->vm_product_id);
...
But now I'm a bit stuck at product creation. I tried creating an empty product, updating the information, and use the store method.
...
VmConfig::loadConfig();
$product_model = VmModel::getModel('Product');
// (this creates an empty product obj.)
$product = $product_model->getProductSingle("0");
// -> update product information here !!!
$product->product_sku = "009001";
...
$res = $product_model->store($product);
...
But unfortunately this doesn't work. And I'm also not really able to get much meaningful debug output via the com_api plugin...
In general, do you think it is a good idea, trying to use the store method etc. like this? Or would it maybe be better to write directly into the database?
Also I'm grateful for any tips/hints.
The full (unfinished) code is on github and will be released as open-source: https://github.com/rebootl/joomla-plg-kivishop
Thx, regards
rebootl
I dont checked the product model code, but i think that in the $product_model->store($product);
$product is not an object but an array.
Quote from: rebootl on May 20, 2019, 21:14:24 PM
Hello
I'm working on a rest api plugin for the techjoomla com_api plugin http://docs.techjoomla.com/com_api/ . Exposing some shop functions, in order to connect them to our erp.
I managed to get a categories listing, doing something along the lines of:
// initiate VM
defined('DS') or define('DS', DIRECTORY_SEPARATOR);
if (!class_exists('VmConfig'))
require(JPATH_ROOT . DS . 'administrator' . DS .
'components' . DS . 'com_virtuemart' . DS .
'helpers' . DS . 'config.php');
if (!class_exists('VmModel'))
require(VMPATH_ADMIN . DS . 'helpers' . DS . 'vmmodel.php');
Please use just
if (!class_exists( 'VmConfig' )) require(JPATH_ROOT .'/administrator/components/com_virtuemart/helpers/config.php');
VmConfig::loadConfig();
The function store in the product model executes
if ($data and is_object($data)) {
$data = get_object_vars($data);
}
and should therefore work also with objects.
Hey, thx for the replies.
I think the problem was the missing request token...
vRequest::vmCheckToken();
So, I did this, as mentioned in: http://forum.virtuemart.net/index.php?topic=141903.0
$ftoken = JSession::getFormToken();
$_REQUEST['token'] = $ftoken;
$res = $product_model->store($product);
Which got it working :D.
You should not generate the formtoken directly before the store function. The token must come from the URL/form. When you have it in the function, you disable the security.
Hello, thx for the reply. Sry for the late response.
Yes, I understand. The problem is tho that I do not use a form to make the request. I basically do not make a prior request at all, where I could send the token in the first place.
However what I do is use an API key, since that is the authentication mechanism provided by the com_api component. I understand that this is probably not the very highest security, tho when used over HTTPS it should be reasonably safe...
What do u think?
Edit: I do not store a session or so either, since it's supposed to be a "restlike" service.
@rebootl, for me, it's not a problem if you use own security.
I dont use it for my own component in my case because i do a global verification and not per user, so form token have no sense.
Yes, since this is a CSRF token, right?