.Custom API v2020.1
Basics
This feature allows the admin to define customized API routines. These routines can be executed via an API call using the Custom API identifier.
This Grid allows Users to add custom API calls.
- Identifier: This is the unique identifier for the specific API logic. This identifier is used to invoke this Custom Logic with an API Call.
- Description: A description field to provide additional information as to the purpose of the API logic.
- Logic Entry field: All of the logic for the particular API call.
Prerequisites
This feature is intended for Administrators and an understanding of PHP language and syntax is required. You must also be aware of language compatibility for the version of PHP installed on the webserver. For logic that requires querying other data, an understanding of SQL is necessary, particularly variants specific to your database platform.
Usage
In a typical API routine, incoming request data is processed and an outgoing response is built.
Scope
API routines are written and executed within a subset of PHP syntax and at run time they have scope access to two arrays of data $request and $response. For security purposes, only a subset of PHP functions have been whitelisted.
$request
A key/value paired array of the data that is POSTED to the API REST request. The contents of this request will vary depending on how and what is making the API request. There is no need to decode the $request data.
$response
A key/value paired array of the data that should be returned in the API REST response.
Example
Using cURL, we invoke a Custom API called hello-world:
curl -X POST -d '{"foo":"bar"}' http://DOMAIN/api/API_KEY/hello-world.json -H Content-Type:application/json
- The .json extension requests data returned JSON encoded
- The Content-Type header directive for "application/json" specifies the incoming request data is JSON encoded
Within the Custom API logic, $request would contain the decoded request data:
array( "foo" => "bar" )
The response can be built by assigning data to $response.
$response["hello"] = "world";
The given cURL request will return a JSON formatted response:
{ "hello" : "world" }
Syntax
Custom API shares a set of common syntax and available functions with the other types of Custom Logic.
Allowed Functions
Array
explode , implode , is_array , in_array , array_diff , array_diff_key , count
JSON
cURL
curl_init , curl_setopt , curl_exec , curl_errno , curl_error , curl_getinfo , curl_close , http_build_query
Date/Time
date , time , mktime , strtotime , DateTime , DateInterval , add , sub, diff, format , setTimestamp , setTime , setDate
Debug
error_log, debug
$this->debug();
Note: The debug command outputs to a cache which is then displayed in the Debug tab/grid for the Custom Logic you are debugging.
Logical
if , elseif , else , switch , case , default , break , for , foreach , as , while , do-while , return , new
Mathematical
round , trunc ,ceil , floor , rand , srand , pow , exp , abs , max , min , bindec , hexdec , octdec , base_convert
PCR-360 Data
call , query , listGetByCode , listFindValue , listFindCode
// $apiFunction Examples: saveService, saveServiceDesk, saveContact, saveCable, saveGla, saveEquipment, etc. $this->call(string $apiFunctionToCall, array $params)
array $this->query ( string $sql, array $bind_parameters );
mixed $this->listGetByCode ( string $list_type, mixed $list_code );
string $this->listGetByCode ( int $recid );
string $this->listGetByCode ( int $recid );
String
is_numeric , strtolower , strtoupper , substr , stristr , strstr , stripos , strpos , strripos , strrpos , addslashes , chr , trim , ltrim , rtrim , str_replace , preg_match , preg_replace , preg_split , str_pad , sprintf , substr_replace , strlen
Additional Functions
Contact PCR if you find a function that is not allowed, but would like to use.
Validation functions
setError
Sets a validation error message. This messages output in the UI if the validation logic returns false. If this function is called multiple times, only the message from the last calls is displayed.
$this->setError ( string $message );
setWarning
Sets the validation warning message. This messages output in the UI only if the logic does not return false. If this function is called multiple times, only the message from the last calls is displayed.
$this->setWarning ( string $message );
Triggering Events
PCR_Event, trigger, attach, attachDb
In this example the GLA Replace Event is triggered with specific parameters. For detailed information on which Events can be triggered, and how to trigger those Events, please navigate to the Triggerable Events List page.
PCR_Event::attachDb("replace-gla", [ "Application_Model_Gla_Gla" => "eventReplaceGla" ]); PCR_Event::trigger("replace-gla", [ "contact" => 12345, // Contact RECID "users_recid" => 456, // Users RECID "glaRecid" => [1111], // Old GLA RECID "replaceGlaRecid" => 2222, // Replacement GLA RECID "setInactiveGla" => true, "comment" => "This is a comment", ]);
Invoking Custom API
Read more about Making a Request for APIs and reading into the Custom API.
Example
This Custom API script was written to process incoming API calls from Slack (a team chat program we use internally at PCR).
<?php /** * Type: Custom Logic * Identifier: helpdesk */ // The incoming payload from Slack is JSON encoded so we need to decode it... // Usually there is no need to decode the request parameter. However, Slack // sends the "payload" parameter as a JSON encoded string $payload = json_decode($request["payload"], true); $user = $payload["user"]["name"]; $callbackId = explode("-",$payload["callback_id"]); $iconUrl = "https://www.iconexperience.com/_img/v_collection_png/24x24/plain/"; $icon = "error.png"; // find the Contact for this User - using the query function is best with // bound parameters instead of placing them directly into the query string. // This protects the database against injection threats $contacts = $this->query( "SELECT RECID FROM CONTACTS C LEFT JOIN V_UDF UDF ON UDF.VALUE_TABLE_NAME = 'CONTACTS' AND C.RECID = VALUE_TABLE_RECID WHERE UDF.VALUE = :slack_user", [":slack_user" => "@".$user] ); if(!empty($contacts)){ // the query function always returns an array // of rows so we need to look at the first index $contact = $contacts[0]; $incidents = $this->query( "SELECT SD.*, D.CODE, L.VALUE AS STATUS FROM SERVICE_DESK SD LEFT JOIN DEPT_HIERARCHY D ON SD.D_OWNER_DEPT_HIERARCHY_RECID = D.RECID LEFT JOIN LISTS L ON SD.SD_STATUS_LISTS_RECID = L.RECID WHERE SD_NUMBER = :incident", [":incident" => $callbackId[0]] ); if(!empty($incidents)){ $incident = $incidents[0]; $workflow = $this->query( "SELECT SDWF.*, CONCAT(C.LAST_NAME,', ',C.FIRST_NAME) AS WORKER, L.CODE AS STATUS FROM SERVICE_DESK_WORKFLOW SDWF LEFT JOIN CONTACTS C ON C.RECID = SDWF.WORKER_CONTACTS_RECID LEFT JOIN LISTS L ON SDWF.SD_WF_STATUS_LISTS_RECID = L.RECID WHERE SERVICE_DESK_RECID = :sd_recid AND SDWF.RECID = :recid", [ ":sd_recid" => $incident["RECID"], ":recid" => $callbackId[2] ] ); if(!empty($workflow)){ $wf = $workflow[0]; if(empty($wf["WORKER"])){ if($wf["STATUS"] == "PENDING"){ if(Core_Model_Api_Servicedesk::assignWorkflow( $wf["RECID"], $contact["RECID"] )){ $assigned = "Assigned to @{$user}"; $icon = "checkbox.png"; } else { $assigned = "Error: Failed to Assign Workflow..."; } } else { $assigned = "Error: WF is not Pending..."; } } else { $assigned = "WF Already Assigned to {$wf["WORKER"]}"; $icon = "information.png"; } } else { $assigned = "Error: Cannot find Workflow {$callbackId[1]} on {$callbackId[0]}..."; } } else { $assigned = "Error: Cannot find Incident [{$callbackId[0]}]..."; } } else { $assigned = "Error: Cannot find User [{$payload["user"]["name"]}]..."; } $orig = $payload["original_message"]; // the response array is the data that is returned to the original API request $response = [ "text" => $orig["text"], "attachments" => [[ "title" => $orig["attachments"][0]["title"], "title_link" => $orig["attachments"][0]["title_link"], "text" => $orig["attachments"][0]["text"], "footer" => $assigned, "footer_icon" => $iconUrl.$icon, "ts" => time(), ]] ];
Help Desk Portal - Email: help@pcr.com - Phone: 616.259.9242