Documentation

rex_api_function
in package
Uses rex_factory_trait

AbstractYes

This is a base class for all functions which a component may provide for public use.

Those function will be called automatically by the core. Inside an api function you might check the preconditions which have to be met (permissions, etc.) and forward the call to an underlying service which does the actual job.

There can only be one rex_api_function called per request, but not every request must have an api function.

The classname of a possible implementation must start with "rex_api".

A api function may also be called by an ajax-request. In fact there might be ajax-requests which do nothing more than triggering an api function.

The api functions return meaningfull error messages which the caller may display to the end-user.

Calling a api function with the backend-frontcontroller (index.php) requires a valid page parameter and the current user needs permissions to access the given page.

Tags
author

staabm

Table of Contents

Constants

REQ_CALL_PARAM  = 'rex-api-call'
REQ_RESULT_PARAM  = 'rex-api-result'

Properties

$published  : bool
Flag, indicating if this api function may be called from the frontend. False by default.
$result  : rex_api_result|null
The result of the function call.

Methods

execute()  : rex_api_result
This method have to be overriden by a subclass and does all logic which the api function represents.
factory()  : self|null
Returns the api function instance which is bound to the current request, or null if no api function was bound.
getHiddenFields()  : string
Returns the hidden fields for `rex-api-call` and `_csrf_token`.
getMessage()  : string
getResult()  : rex_api_result|null
getUrlParams()  : array<string, string>
Returns an array containing the `rex-api-call` and `_csrf_token` params.
handleCall()  : void
checks whether an api function is bound to the current requests. If so, so the api function will be executed.
hasMessage()  : bool
__construct()  : mixed
requiresCsrfProtection()  : bool
Csrf validation is disabled by default for backwards compatiblity reasons. This default will change in a future version.

Constants

REQ_CALL_PARAM

public mixed REQ_CALL_PARAM = 'rex-api-call'

REQ_RESULT_PARAM

public mixed REQ_RESULT_PARAM = 'rex-api-result'

Properties

$published

Flag, indicating if this api function may be called from the frontend. False by default.

protected bool $published = \false

Methods

execute()

This method have to be overriden by a subclass and does all logic which the api function represents.

public abstract execute() : rex_api_result

In the first place this method may retrieve and validate parameters from the request. Afterwards the actual logic should be executed.

This function may also throw exceptions e.g. in case when permissions are missing or the provided parameters are invalid.

Return values
rex_api_result

The result of the api-function

factory()

Returns the api function instance which is bound to the current request, or null if no api function was bound.

public static factory() : self|null
Tags
throws
rex_exception
Return values
self|null

getHiddenFields()

Returns the hidden fields for `rex-api-call` and `_csrf_token`.

public static getHiddenFields() : string

The method must be called on sub classes.

Return values
string

getMessage()

public static getMessage([bool $formatted = true ]) : string
Parameters
$formatted : bool = true
Return values
string

getUrlParams()

Returns an array containing the `rex-api-call` and `_csrf_token` params.

public static getUrlParams() : array<string, string>

The method must be called on sub classes.

Return values
array<string, string>

handleCall()

checks whether an api function is bound to the current requests. If so, so the api function will be executed.

public static handleCall() : void

hasMessage()

public static hasMessage() : bool
Return values
bool

requiresCsrfProtection()

Csrf validation is disabled by default for backwards compatiblity reasons. This default will change in a future version.

protected requiresCsrfProtection() : bool

Prepare all your api functions to work with csrf token by using your-api-class::getUrlParams()/getHiddenFields(), otherwise they will stop work.

Return values
bool

        
On this page

Search results