diff options
Diffstat (limited to 'rh-bin/musicgrid.cgi')
| -rwxr-xr-x | rh-bin/musicgrid.cgi | 96 |
1 files changed, 75 insertions, 21 deletions
diff --git a/rh-bin/musicgrid.cgi b/rh-bin/musicgrid.cgi index 6e18e7e..f2bf9db 100755 --- a/rh-bin/musicgrid.cgi +++ b/rh-bin/musicgrid.cgi @@ -35,35 +35,89 @@ my @clocks = (); my $q = CGI->new; my $username = $q->param('LOGIN_NAME'); my $token = $q->param('PASSWORD'); +my $cmd = $q->param('COMMAND'); -(my $ctx, $status, $errorstring) = RHRD::rddb::init(); -if(defined $ctx) { - my $result = 1; -# ($result, $status, $errorstring) = RHRD::rddb::check_token($ctx, $username, $token); - if($result == 1) { - # TODO: check if user is allowed to read/edit music pools - # TODO: dispatch command get,set - $responsecode = 200; - @clocks = RHRD::rddb::get_musicpools_clocks($ctx); - if(!defined $clocks[0] && defined $clocks[1]) { +sub get_clocks +{ + my ($ctx) = @_; + + @clocks = RHRD::rddb::get_musicpools_clocks($ctx); + if(!defined $clocks[0] && defined $clocks[1]) { + return 500, $clocks[1] . ": " . $clocks[2]; + } + + return 200, "OK"; +} + +sub set_clock +{ + my ($ctx) = @_; + + my $dow = $q->param('DOW'); + my $hour = $q->param('HOUR'); + my $shortname = $q->param('NAME'); + + if(!defined $dow) { + return 400 ,"mandatory field DOW is missing"; + } elsif($dow < 0 || $dow > 6) { + return 400 ,"DOW is out of range"; + } elsif(!defined $hour) { + return 400, "mandatory field HOUR is missing"; + } elsif($hour < 0 || $hour > 23) { + return 400 ,"HOUR is out of range"; + } elsif(!defined $shortname) { + return 400, "mandatory field NAME is missing"; + } + + my ($result, $status, $error) = RHRD::rddb::set_musicpools_clock($ctx, $dow, $hour, $shortname); + if(!defined $result) { + return 500, $status . ": " . $error; + } + + return 200, "OK"; +} + +if(!defined $username) { + $responsecode = 400; + $errorstring = "mandatory field LOGIN_NAME is missing"; +} elsif(!defined $token) { + $responsecode = 400; + $errorstring = "mandatory field PASSWORD is missing"; +} elsif(!defined $cmd) { + $responsecode = 400; + $errorstring = "mandatory field COMMAND is missing"; +} else { + (my $ctx, $status, $errorstring) = RHRD::rddb::init(); + if(defined $ctx) { + (my $authenticated, $status, $errorstring) = RHRD::rddb::check_token($ctx, $username, $token); + my $authorized = RHRD::rddb::is_musicpools_user($ctx, $username); + if($authenticated == 1 && $authorized == 1) { + if($cmd eq "get") { + ($responsecode, $errorstring) = get_clocks($ctx); + } + elsif($cmd eq "set") { + ($responsecode, $errorstring) = set_clock($ctx); + } + else { + $responsecode = 400; + $errorstring = "command '$cmd' is unknown"; + } + } elsif($authenticated == 0) { + $responsecode = 401; + } elsif($authorized == 0) { + $responsecode = 403; + $errorstring = "user '" . $username . "' is not allowed to access the music grid"; + } else { $responsecode = 500; - $status = $clocks[1]; - $errorstring = $clocks[2]; } - } elsif($result == 0) { - $responsecode = 401; - } else { - $responsecode = 500; + RHRD::rddb::destroy($ctx); } - RHRD::rddb::destroy($ctx); } - print "Content-type: application/xml; charset=UTF-8\n"; print "Status: $responsecode\n\n"; -# TODO: dispatch command get,set -if($responsecode != 200) { +if($cmd eq "set" || $responsecode != 200) { print "<RDWebResult>\n"; print " <ResponseCode>" . xml_quote($responsecode) . "</ResponseCode>\n"; print " <ErrorString>" . xml_quote($errorstring) . "</ErrorString>\n"; @@ -72,7 +126,7 @@ if($responsecode != 200) { print "<grid>\n"; for my $href (@clocks) { print " <clock dow=\"" . xml_quote($href->{'DOW'}) . "\" hour=\"" . xml_quote($href->{'HOUR'}) . "\">\n"; - print " <name>" . xml_quote($href->{'NAME'}) . "</name>\n"; + print " <name>" . xml_quote($href->{'SHORTNAME'}) . "</name>\n"; print " <color>" . xml_quote($href->{'COLOR'}) . "</color>\n"; print " <title>" . xml_quote($href->{'TITLE'}) . "</title>\n"; print " </clock>\n"; |