Class rex_api_function

This is a base class for all functions which a component may provide for public use. Those function will be called automatically by the core. Inside an api function you might check the preconditions which have to be met (permissions, etc.) and forward the call to an underlying service which does the actual job.

There can only be one rex_api_function called per request, but not every request must have an api function.

The classname of a possible implementation must start with "rex_api".

A api function may also be called by an ajax-request. In fact there might be ajax-requests which do nothing more than triggering an api function.

The api functions return meaningfull error messages which the caller may display to the end-user.

rex_api_function uses rex_factory_trait

Direct known subclasses

rex_api_article_move, rex_api_content_copy, rex_api_sitemap_tree

Abstract
Package: redaxo\core
Author: staabm
Located at redaxo/src/core/lib/api_function.php

Methods summary

abstract public rex_api_result
# execute( )

This method have to be overriden by a subclass and does all logic which the api function represents.

public static self
# factory( )

Returns the api function instance which is bound to the current request, or null if no api function was bound.

public static array
# getUrlParams( )

Returns an array containing the rex-api-call and _csrf_token params.

public static string
# getHiddenFields( )

Returns the hidden fields for rex-api-call and _csrf_token.

public static
# handleCall( )

checks whether an api function is bound to the current requests. If so, so the api function will be executed.

public static
public static
# getMessage( mixed $formatted = true )
protected
public rex_api_result
# getResult( )
protected boolean
# requiresCsrfProtection( )

Csrf validation is disabled by default for backwards compatiblity reasons. This default will change in a future version. Prepare all your api functions to work with csrf token by using your-api-class::getUrlParams()/getHiddenFields(), otherwise they will stop work.

Methods used from rex_factory_trait

callFactoryClass(), getFactoryClass(), hasFactoryClass(), setFactoryClass()

Constants summary

string REQ_CALL_PARAM
#'rex-api-call'
string REQ_RESULT_PARAM
#'rex-api-result'

Properties summary

protected boolean $published

Flag, indicating if this api function may be called from the frontend. False by default.

#false
protected rex_api_result $result

The result of the function call.

#null