BookStack/routes/api.php

99 lines
5.3 KiB
PHP
Raw Normal View History

2019-12-28 09:58:07 -05:00
<?php
2022-09-17 20:25:20 -04:00
/**
* Routes for the BookStack API.
* Routes have a uri prefix of /api/.
* Controllers are all within app/Http/Controllers/Api.
*/
use BookStack\Http\Controllers\Api\ApiDocsController;
use BookStack\Http\Controllers\Api\AttachmentApiController;
use BookStack\Http\Controllers\Api\BookApiController;
use BookStack\Http\Controllers\Api\BookExportApiController;
use BookStack\Http\Controllers\Api\BookshelfApiController;
use BookStack\Http\Controllers\Api\ChapterApiController;
use BookStack\Http\Controllers\Api\ChapterExportApiController;
2023-03-14 08:19:19 -04:00
use BookStack\Http\Controllers\Api\ContentPermissionApiController;
use BookStack\Http\Controllers\Api\ImageGalleryApiController;
use BookStack\Http\Controllers\Api\PageApiController;
use BookStack\Http\Controllers\Api\PageExportApiController;
use BookStack\Http\Controllers\Api\RecycleBinApiController;
use BookStack\Http\Controllers\Api\RoleApiController;
use BookStack\Http\Controllers\Api\SearchApiController;
use BookStack\Http\Controllers\Api\UserApiController;
use Illuminate\Support\Facades\Route;
Route::get('docs.json', [ApiDocsController::class, 'json']);
Route::get('attachments', [AttachmentApiController::class, 'list']);
Route::post('attachments', [AttachmentApiController::class, 'create']);
Route::get('attachments/{id}', [AttachmentApiController::class, 'read']);
Route::put('attachments/{id}', [AttachmentApiController::class, 'update']);
Route::delete('attachments/{id}', [AttachmentApiController::class, 'delete']);
Route::get('books', [BookApiController::class, 'list']);
Route::post('books', [BookApiController::class, 'create']);
Route::get('books/{id}', [BookApiController::class, 'read']);
Route::put('books/{id}', [BookApiController::class, 'update']);
Route::delete('books/{id}', [BookApiController::class, 'delete']);
Route::get('books/{id}/export/html', [BookExportApiController::class, 'exportHtml']);
Route::get('books/{id}/export/pdf', [BookExportApiController::class, 'exportPdf']);
Route::get('books/{id}/export/plaintext', [BookExportApiController::class, 'exportPlainText']);
Route::get('books/{id}/export/markdown', [BookExportApiController::class, 'exportMarkdown']);
Route::get('chapters', [ChapterApiController::class, 'list']);
Route::post('chapters', [ChapterApiController::class, 'create']);
Route::get('chapters/{id}', [ChapterApiController::class, 'read']);
Route::put('chapters/{id}', [ChapterApiController::class, 'update']);
Route::delete('chapters/{id}', [ChapterApiController::class, 'delete']);
Route::get('chapters/{id}/export/html', [ChapterExportApiController::class, 'exportHtml']);
Route::get('chapters/{id}/export/pdf', [ChapterExportApiController::class, 'exportPdf']);
Route::get('chapters/{id}/export/plaintext', [ChapterExportApiController::class, 'exportPlainText']);
Route::get('chapters/{id}/export/markdown', [ChapterExportApiController::class, 'exportMarkdown']);
Route::get('pages', [PageApiController::class, 'list']);
Route::post('pages', [PageApiController::class, 'create']);
Route::get('pages/{id}', [PageApiController::class, 'read']);
Route::put('pages/{id}', [PageApiController::class, 'update']);
Route::delete('pages/{id}', [PageApiController::class, 'delete']);
Route::get('pages/{id}/export/html', [PageExportApiController::class, 'exportHtml']);
Route::get('pages/{id}/export/pdf', [PageExportApiController::class, 'exportPdf']);
Route::get('pages/{id}/export/plaintext', [PageExportApiController::class, 'exportPlainText']);
Route::get('pages/{id}/export/markdown', [PageExportApiController::class, 'exportMarkdown']);
2023-03-14 08:19:19 -04:00
Route::get('image-gallery', [ImageGalleryApiController::class, 'list']);
Route::post('image-gallery', [ImageGalleryApiController::class, 'create']);
Route::get('image-gallery/{id}', [ImageGalleryApiController::class, 'read']);
Route::put('image-gallery/{id}', [ImageGalleryApiController::class, 'update']);
Route::delete('image-gallery/{id}', [ImageGalleryApiController::class, 'delete']);
Route::get('search', [SearchApiController::class, 'all']);
Route::get('shelves', [BookshelfApiController::class, 'list']);
Route::post('shelves', [BookshelfApiController::class, 'create']);
Route::get('shelves/{id}', [BookshelfApiController::class, 'read']);
Route::put('shelves/{id}', [BookshelfApiController::class, 'update']);
Route::delete('shelves/{id}', [BookshelfApiController::class, 'delete']);
2021-05-05 07:46:14 -04:00
Route::get('users', [UserApiController::class, 'list']);
Route::post('users', [UserApiController::class, 'create']);
Route::get('users/{id}', [UserApiController::class, 'read']);
Route::put('users/{id}', [UserApiController::class, 'update']);
2022-02-08 10:29:58 -05:00
Route::delete('users/{id}', [UserApiController::class, 'delete']);
Route::get('roles', [RoleApiController::class, 'list']);
Route::post('roles', [RoleApiController::class, 'create']);
Route::get('roles/{id}', [RoleApiController::class, 'read']);
Route::put('roles/{id}', [RoleApiController::class, 'update']);
Route::delete('roles/{id}', [RoleApiController::class, 'delete']);
Reviewed recycle bin API PR and made changes Made the following changes, many of these are just to align with existing conventions. - Updated urls to be hypenated, instead of underscored, to match other system endpoints. - Updated URL parameter to be `deletionId` instead of `id`, and removed the ID-based comment on controller methods, so the required ID model is clear from the URL alone, since its not clear from the URL endpoint alone like existing endpoints. This follows the pattern used in the "web" routes. - Added extra detail on some controller method comments, and copied permission comment to each method. - Removed existing field visibility mechanisms to use simpler model-based visibility since we didn't need anything too special here (After some of my other changes). - Allowed the "deletable" model to be shown in response to provide a little more detail on the main deleted item. - Updated parent/child-count loading to be on the "deletable" model instead of additional properties which results in simpler controller logic and enforces the idea these are relations on the deletable, not the deletion itself. It also removes additional exposure of model namespacing. - Updated (int) casts to intval, just since that's our most common conversion method in the codebase. - Testing: Removed `actingAsAuthorizedUser` and used the admin user instead to prevent extra auth steps on each test. - Testing: Cut logic/data-checks from tests if already covered by other tests. - Testing: Added simple assertions for delete/restore response data. - Examples: Updated list example to reflect changes. Review of PR #3377 To be followed up with changes to polymorphic relations to hide namespacing.
2022-04-25 12:54:59 -04:00
Route::get('recycle-bin', [RecycleBinApiController::class, 'list']);
Route::put('recycle-bin/{deletionId}', [RecycleBinApiController::class, 'restore']);
Route::delete('recycle-bin/{deletionId}', [RecycleBinApiController::class, 'destroy']);
2023-03-14 08:19:19 -04:00
Route::get('content-permissions/{contentType}/{contentId}', [ContentPermissionApiController::class, 'read']);
Route::put('content-permissions/{contentType}/{contentId}', [ContentPermissionApiController::class, 'update']);