Make authentication check for each API method explicit at build time

confirm · Jan 24, 2020 · b012ded · b012ded
1 parent 7e83045
commit b012ded
Show file tree

Hide file tree

Showing 3 changed files with 45 additions and 20 deletions.
diff --git a/build/build.php b/build/build.php
@@ -230,12 +230,18 @@ function __autoload($className)
 // initialize variable for API methods
 $apiMethods = '';
 
+$anonymousFunctions = array(
+    'apiinfo.version',
+);
+
 // build API methods
 foreach ($apiArray as $resource => $actions) {
     foreach ($actions as $action) {
+        $apiMethod = $resource.'.'.$action;
         $methodPlaceholders = array(
-            'API_METHOD' => $resource.'.'.$action,
+            'API_METHOD' => $apiMethod,
             'PHP_METHOD' => $resource.ucfirst($action),
+            'IS_AUTHENTICATION_REQUIRED' => in_array($apiMethod, $anonymousFunctions, true) ? 'false' : 'true',
         );
         $apiMethods .= replacePlaceholders($matches[4], $methodPlaceholders);
     }

diff --git a/build/templates/abstract.tpl.php b/build/templates/abstract.tpl.php
@@ -34,15 +34,6 @@ abstract class <CLASSNAME_ABSTRACT>
 {<!START_API_CONSTANT>
     const <PHP_CONST_NAME> = <PHP_CONST_VALUE>;
 <!END_API_CONSTANT>
-    /**
-     * Anonymous API functions.
-     *
-     * @var string[]
-     */
-    private static $anonymousFunctions = array(
-        'apiinfo.version',
-    );
-
     /**
      * Boolean if requests/responses should be printed out (JSON).
      *
@@ -210,7 +201,7 @@ public function setBasicAuthorization($user, $password)
     /**
      * Sets the context for SSL-enabled connections.
      *
-     * @see http://php.net/manual/en/context.ssl.php.
+     * @see https://php.net/manual/en/context.ssl.php.
      *
      * @param array $context Array with the SSL context
      *
@@ -490,7 +481,7 @@ final public function userLogout($params = array(), $arrayKeyProperty = '')
     }
 <!START_API_METHOD>
     /**
-     * Requests the Zabbix API and returns the response of the API method "<API_METHOD>".
+     * Requests the Zabbix API and returns the response of the method "<API_METHOD>".
      *
      * The $params Array can be used, to pass parameters to the Zabbix API.
      * For more information about these parameters, check the Zabbix API
@@ -510,14 +501,7 @@ final public function userLogout($params = array(), $arrayKeyProperty = '')
      */
     public function <PHP_METHOD>($params = array(), $arrayKeyProperty = '')
     {
-        // get params array for request
-        $params = $this->getRequestParamsArray($params);
-
-        // check if we've to authenticate
-        $auth = !in_array('<API_METHOD>', self::$anonymousFunctions, true);
-
-        // request
-        return $this->request('<API_METHOD>', $params, $arrayKeyProperty, $auth);
+        return $this->request('<API_METHOD>', $this->getRequestParamsArray($params), $arrayKeyProperty, <IS_AUTHENTICATION_REQUIRED>);
     }
 <!END_API_METHOD>
     /**

diff --git a/tests/ZabbixApiTest.php b/tests/ZabbixApiTest.php
@@ -135,6 +135,41 @@ public function testUserLoginOnConsecutiveCalls()
         $this->removeTokenCacheDir($cacheDir);
     }
 
+    /**
+     * @dataProvider getAuthenticationRequired
+     *
+     * @param string $method
+     * @param string $apiMethod
+     * @param bool $isAuthenticationRequired
+     */
+    public function testAuthenticationRequired($method, $apiMethod, $isAuthenticationRequired)
+    {
+        $this->assertTrue(is_callable(array('ZabbixApi\ZabbixApi', $method)));
+
+        $zabbix = $this->getMockBuilder('ZabbixApi\ZabbixApi')
+            ->disableOriginalConstructor()
+            ->disableOriginalClone()
+            ->disableArgumentCloning()
+            ->setMethods(array('request'))
+            ->getMock();
+
+        $zabbix
+            ->expects($this->once())
+            ->method('request')
+            ->with($apiMethod, array(), '', $isAuthenticationRequired);
+
+        $zabbix->$method();
+    }
+
+    public function getAuthenticationRequired()
+    {
+        return array(
+            array('method' => 'userGet', 'api_method' => 'user.get', 'is_authentication_required' => true),
+            array('method' => 'apiinfoVersion', 'api_method' => 'apiinfo.version', 'is_authentication_required' => false),
+            array('method' => 'hostGet', 'api_method' => 'host.get', 'is_authentication_required' => true),
+        );
+    }
+
     public function testZabbixApiConnectionNotTriggered()
     {
         $zabbix = new ZabbixApi('http://localhost/json_rpc.php');