AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-02-28 10:54:52 +00:00
Code Issues Packages Projects Releases Wiki Activity

API Tidy

Browse Source 
- Remove old client ID queries, these are now built into the API keys. If a key has access to all clients, a client ID can be provided in the query.
- Small fixes to assets URI lookup
- Add read endpoint for vendors
This commit is contained in:
wrongecho
2024-09-11 18:02:18 +01:00
parent 2e202df3ff
commit f3e9c9c867
14 changed files with 47 additions and 83 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
api/v1/assets/read.php
View File

@@ -12,42 +12,36 @@ if (isset($_GET['asset_id'])) {
} elseif (isset($_GET['asset_type'])) {
// Asset query via type
$type = mysqli_real_escape_string($mysqli, ucfirst($_GET['asset_type']));
$sql = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_type = '$type' AND asset_client_id LIKE '$client_id' ORDER BY asset_id LIMIT $limit OFFSET $offset");
} elseif (isset($_GET['asset_name'])) {
// Asset query via name
$name = mysqli_real_escape_string($mysqli, $_GET['asset_name']);
$sql = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_name = '$name' AND asset_client_id LIKE '$client_id' ORDER BY asset_id LIMIT $limit OFFSET $offset");
} elseif (isset($_GET['asset_serial'])) {
// Asset query via serial
$serial = mysqli_real_escape_string($mysqli, $_GET['asset_serial']);
$sql = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_serial = '$serial' AND asset_client_id LIKE '$client_id' ORDER BY asset_id LIMIT $limit OFFSET $offset");
} elseif (isset($_GET['client_id'])) {
// Asset query via client ID
$sql = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_client_id LIKE '$client_id' ORDER BY asset_id LIMIT $limit OFFSET $offset");
} elseif (isset($_GET['asset_mac'])) {
// Asset query via mac
$mac = mysqli_real_escape_string($mysqli, $_GET['asset_mac']);
$sql = mysqli_query($mysqli, "SELECT * FROM assets LEFT JOIN asset_interfaces ON interface_asset_id = asset_id AND interface_primary = 1 WHERE interface_mac = '$mac' AND asset_client_id LIKE '$client_id' ORDER BY asset_id LIMIT $limit OFFSET $offset");
} elseif (isset($_GET['asset_uri'])) {
// Asset query via mac
$mac = mysqli_real_escape_string($mysqli, $_GET['asset_uri']);
// Asset query via uri
$uri = mysqli_real_escape_string($mysqli, $_GET['asset_uri']);
$sql = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_uri = '$uri' AND asset_client_id LIKE '$client_id' ORDER BY asset_id LIMIT $limit OFFSET $offset");
}
// All assets
else {
} elseif (isset($_GET['asset_uri_2'])) {
// Asset query via uri2
$uri2 = mysqli_real_escape_string($mysqli, $_GET['asset_uri']);
$sql = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_uri_2 = '$uri2' AND asset_client_id LIKE '$client_id' ORDER BY asset_id LIMIT $limit OFFSET $offset");
}else {
// All assets (by client ID or all in general if key permits)
$sql = mysqli_query($mysqli, "SELECT * FROM assets LEFT JOIN asset_interfaces ON interface_asset_id = asset_id AND interface_primary = 1 WHERE asset_client_id LIKE '$client_id' ORDER BY asset_id LIMIT $limit OFFSET $offset");
}