fixed functions assign_existing_admin() and invite_admin() to support controller versions 5.9 and higher because of changes in controller behavior

minor code tweaks for improved readability
added function/method assign_existing_admin() fixed code for function/method invite_admin()
2019-01-21 09:41:47 +01:00 · 2019-01-19 15:17:53 +01:00 · 2018-12-14 11:27:20 +01:00 · 2018-11-05 12:18:10 +01:00 · 2018-10-24 09:54:43 +02:00 · 2018-10-20 14:29:08 +02:00
3 changed files with 373 additions and 218 deletions
--- a/README.md
+++ b/README.md
@@ -1,152 +1,12 @@
 ## UniFi Controller API client class

-A PHP class which provides access to Ubiquiti's **UniFi Controller API**, versions 4.X.X and 5.X.X of the UniFi Controller software are supported (version 5.8.24 has been confirmed to work). It's a standalone version of the class which is used in our API browser tool which can be found [here](https://github.com/Art-of-WiFi/UniFi-API-browser).
+A PHP class which provides access to Ubiquiti's [**UniFi SDN Controller API**](https://unifi-sdn.ui.com/), versions 4.X.X and 5.X.X of the UniFi SDN Controller software are supported (version 5.10.5 has been confirmed to work). It's a standalone version of the class which is used in our API browser tool which can be found [here](https://github.com/Art-of-WiFi/UniFi-API-browser).

-This class can be installed using composer/[packagist](https://packagist.org/packages/art-of-wifi/unifi-api-client) for easy inclusion in your projects.
-
-## Methods and functions supported
-
-The class currently supports the following functions/methods to get/post/put/delete data through the UniFi Controller API:
-
- login()
- logout()
- adopt_device()
- archive_alarm()
- authorize_guest()
- block_sta()
- count_alarms()
- create_firewallgroup()
- create_hotspotop()
- create_network()
- create_radius_account()
- create_site()
- create_usergroup()
- create_user()
- create_voucher()
- create_wlan()
- delete_device()
- delete_firewallgroup()
- delete_network()
- delete_radius_account()
- delete_site()
- delete_usergroup()
- delete_wlan()
- disable_ap()
- edit_firewallgroup()
- edit_usergroup()
- extend_guest_validity()
- forget_sta() (supported on controller version 5.9.X and higher)
- invite_admin()
- revoke_admin()
- led_override()
- list_admins()
- list_all_admins()
- list_alarms()
- list_aps() (deprecated but still available as alias)
- list_clients()
- list_country_codes()
- list_current_channels()
- list_dashboard()
- list_devices()
- list_dpi_stats()
- list_dynamicdns()
- list_events()
- list_extension()
- list_firewallgroups()
- list_guests()
- list_health()
- list_hotspotop()
- list_known_rogueaps()
- list_networkconf()
- list_portconf()
- list_portforward_stats()
- list_portforwarding()
- list_radius_accounts() (supported on controller version 5.5.19 and higher)
- list_radius_profiles()
- list_rogueaps()
- list_self()
- list_settings()
- list_sites()
- list_tags() (supported on controller version 5.5.19 and higher)
- list_usergroups()
- list_users()
- list_wlan_groups()
- list_wlanconf()
- locate_ap()
- move_device()
- power_cycle_switch_port()
- reconnect_sta()
- rename_ap()
- restart_ap()
- revoke_voucher()
- set_ap_radiosettings()
- set_device_settings_base()
- set_guestlogin_settings()
- set_guestlogin_settings_base()
- set_locate_ap() (deprecated but still available as alias)
- set_networksettings_base()
- set_radius_account_base()
- set_site_connectivity()
- set_site_country()
- set_site_guest_access()
- set_site_locale()
- set_site_mgmt()
- set_site_name()
- set_site_ntp()
- set_site_snmp()
- set_sta_name()
- set_sta_note()
- set_usergroup()
- set_wlan_mac_filter()
- set_wlansettings()
- set_wlansettings_base()
- site_leds()
- site_ledsoff() (deprecated but still available as alias)
- site_ledson() (deprecated but still available as alias)
- spectrum_scan()
- spectrum_scan_state()
- stat_allusers()
- stat_auths()
- stat_client()
- stat_5minutes_aps() (supported on controller version 5.5.X and higher)
- stat_hourly_aps()
- stat_daily_aps()
- stat_5minutes_site() (supported on controller version 5.5.X and higher)
- stat_hourly_site()
- stat_daily_site()
- stat_5minutes_user (supported on controller version 5.7.X and higher)
- stat_hourly_user() (supported on controller version 5.7.X and higher)
- stat_daily_user() (supported on controller version 5.7.X and higher)
- stat_payment()
- stat_sessions()
- stat_sites()
- stat_sta_sessions_latest()
- stat_status()
- stat_sysinfo()
- stat_voucher()
- unauthorize_guest()
- unblock_sta()
- unset_locate_ap() (deprecated but still available as alias)
- upgrade_device()
- upgrade_device_external()
- start_rolling_upgrade()
- cancel_rolling_upgrade()
-
-Internal functions, getters/setters:
-
- set_debug()
- get_debug()
- set_site()
- get_site()
- get_cookie() (renamed from getcookie())
- get_last_results_raw()
- get_last_error_message()
-
-Please refer to the source code for more details on the functions/methods and their parameters.
+This class can be installed manually or using composer/[packagist](https://packagist.org/packages/art-of-wifi/unifi-api-client) for easy inclusion in your projects.

 ## Requirements

- a web server with PHP and cURL modules installed (tested on apache2 with PHP Version 5.6.1 and cURL 7.42.1 and with PHP 7.0.7 and cURL 7.37.0)
+- a web server with PHP and cURL modules installed (tested on Apache 2.4 with PHP Version 5.6.1 and cURL 7.42.1 and with PHP 7.2.10 and cURL 7.58.0)
 - network connectivity between this web server and the server and port (normally TCP port 8443) where the UniFi Controller is running

 ## Installation ##
@@ -224,17 +84,164 @@ Please refer to the `examples/` directory for some more detailed examples which

 #### IMPORTANT NOTES:

-1. The last parameter (`true`) that is passed to the constructor, enables validation of the controller's SSL certificate which is otherwise **disabled** by default. It is highly recommended to enable this feature in production environments where you have a valid SSL cert installed on the UniFi Controller, and which is associated with the FQDN of the server as used in the `controller_url` parameter. This option was added with API client version 1.1.16.
-
-2. In the example above, `$site_id` is the 8 character short site "name" which is visible in the URL when managing the site in the UniFi Controller:
+1. In the above example, `$site_id` is the short site "name" (usually 8 characters long) that is visible in the URL when managing the site in the UniFi SDN Controller, for example with this URL:

   `https://<controller IP address or FQDN>:8443/manage/site/jl3z2shm/dashboard`

-   In this case, `jl3z2shm` is the value required for $site_id.
+   `jl3z2shm` is the short site "name" and the value to assign to $site_id.
+
+2. The last optional parameter that is passed to the constructor in the above example (`true`), enables validation of the controller's SSL certificate which is otherwise **disabled** by default. It is highly recommended to enable this feature in production environments where you have a valid SSL cert installed on the UniFi Controller, and which is associated with the FQDN of the server as used in the `controller_url` parameter. This option was added with API client version 1.1.16.
+
+## Methods and functions supported
+
+The class currently supports the following functions/methods to get/post/put/delete data through the UniFi Controller API. Please refer to the source code for more details on the functions/methods and their respective parameters.
+
+- login()
+- logout()
+- adopt_device()
+- archive_alarm()
+- authorize_guest()
+- block_sta()
+- count_alarms()
+- create_firewallgroup()
+- create_hotspotop()
+- create_network()
+- create_radius_account()
+- create_site()
+- create_usergroup()
+- create_user()
+- create_voucher()
+- create_wlan()
+- delete_device()
+- delete_firewallgroup()
+- delete_network()
+- delete_radius_account()
+- delete_site()
+- delete_usergroup()
+- delete_wlan()
+- disable_ap()
+- edit_client_fixedip()
+- edit_firewallgroup()
+- edit_usergroup()
+- extend_guest_validity()
+- forget_sta() (supported on controller version 5.9.X and higher)
+- invite_admin()
+- revoke_admin()
+- led_override()
+- list_admins()
+- list_all_admins()
+- list_alarms()
+- list_aps() (deprecated but still available as alias)
+- list_backups()
+- list_clients()
+- list_country_codes()
+- list_current_channels()
+- list_dashboard()
+- list_devices()
+- list_dpi_stats()
+- list_dynamicdns()
+- list_events()
+- list_extension()
+- list_firewallgroups()
+- list_guests()
+- list_health()
+- list_hotspotop()
+- list_known_rogueaps()
+- list_networkconf()
+- list_portconf()
+- list_portforward_stats()
+- list_portforwarding()
+- list_radius_accounts() (supported on controller version 5.5.19 and higher)
+- list_radius_profiles()
+- list_rogueaps()
+- list_self()
+- list_settings()
+- list_sites()
+- list_tags() (supported on controller version 5.5.19 and higher)
+- list_usergroups()
+- list_users()
+- list_wlan_groups()
+- list_wlanconf()
+- locate_ap()
+- move_device()
+- power_cycle_switch_port()
+- reconnect_sta()
+- rename_ap()
+- restart_ap()
+- revoke_voucher()
+- set_ap_radiosettings()
+- set_device_settings_base()
+- set_guestlogin_settings()
+- set_guestlogin_settings_base()
+- set_ips_settings_base() (supported on controller version 5.9.10 and higher)
+- set_locate_ap() (deprecated but still available as alias)
+- set_networksettings_base()
+- set_radius_account_base()
+- set_site_connectivity()
+- set_site_country()
+- set_site_guest_access()
+- set_site_locale()
+- set_site_mgmt()
+- set_site_name()
+- set_site_ntp()
+- set_site_snmp()
+- set_sta_name()
+- set_sta_note()
+- set_usergroup()
+- set_wlan_mac_filter()
+- set_wlansettings()
+- set_wlansettings_base()
+- site_leds()
+- site_ledsoff() (deprecated but still available as alias)
+- site_ledson() (deprecated but still available as alias)
+- spectrum_scan()
+- spectrum_scan_state()
+- stat_allusers()
+- stat_auths()
+- stat_client()
+- stat_5minutes_aps() (supported on controller version 5.5.X and higher)
+- stat_hourly_aps()
+- stat_daily_aps()
+- stat_5minutes_gateway() (supported on controller version 5.7.X and higher)
+- stat_hourly_gateway() (supported on controller version 5.7.X and higher)
+- stat_daily_gateway() (supported on controller version 5.7.X and higher)
+- stat_5minutes_site() (supported on controller version 5.5.X and higher)
+- stat_hourly_site()
+- stat_daily_site()
+- stat_5minutes_user (supported on controller version 5.7.X and higher)
+- stat_hourly_user() (supported on controller version 5.7.X and higher)
+- stat_daily_user() (supported on controller version 5.7.X and higher)
+- stat_payment()
+- stat_sessions()
+- stat_sites()
+- stat_speedtest_results()
+- stat_ips_events() (supported on controller version 5.9.10 and higher)
+- stat_sta_sessions_latest()
+- stat_status()
+- stat_sysinfo()
+- stat_voucher()
+- unauthorize_guest()
+- unblock_sta()
+- unset_locate_ap() (deprecated but still available as alias)
+- upgrade_device()
+- upgrade_device_external()
+- start_rolling_upgrade()
+- cancel_rolling_upgrade()
+- cmd_stat()
+
+Internal functions, getters/setters:
+
+- set_debug()
+- get_debug()
+- set_site()
+- get_site()
+- get_cookie() (renamed from getcookie())
+- get_last_results_raw()
+- get_last_error_message()

 ## Need help or have suggestions?

-There is still work to be done to add functionality and improve the usability of this class, so all suggestions/comments are welcome. Please use the github [issue](https://github.com/Art-of-WiFi/UniFi-API-client/issues) list or the Ubiquiti Community forums (https://community.ubnt.com/t5/UniFi-Wireless/PHP-class-to-access-the-UniFi-controller-API-updates-and/td-p/1512870) to share your ideas/questions.
+There is still work to be done to add functionality and further improve the usability of this class, so all suggestions/comments are welcome. Please use the GitHub [issue list](https://github.com/Art-of-WiFi/UniFi-API-client/issues) or the Ubiquiti Community forums (https://community.ubnt.com/t5/UniFi-Wireless/PHP-class-to-access-the-UniFi-controller-API-updates-and/td-p/1512870) to share your suggestions and questions.

 ## Contribute

@@ -242,10 +249,10 @@ If you would like to contribute code (improvements), please open an issue and in

 ## Credits

-This class is based on the work done by the following developers:
+This class is based on the initial work done by the following developers:
 - domwo: http://community.ubnt.com/t5/UniFi-Wireless/little-php-class-for-unifi-api/m-p/603051
 - fbagnol: https://github.com/fbagnol/class.unifi.php
- and the API as published by Ubiquiti: https://dl.ubnt.com/unifi/5.8.24/unifi_sh_api
+- and the API as published by Ubiquiti: https://dl.ubnt.com/unifi/5.9.29/unifi_sh_api

 ## Important Disclaimer

--- a/examples/README.md
+++ b/examples/README.md
@@ -9,6 +9,17 @@ Then update the contents of your new config.php with your controller details and

 Also make sure to update the path for the composer autoloader file (`vendor/autoload.php`) or the file containing the Class itself (`src/Client.php`) in your `require_once()` statement as required.

+#### Executing scripts from the CLI
+
+Most of the included example scripts can be run from the CLI or shell as follows after the necessary credentials and parameters have been added or updated:
+
+
+```sh
+$ php list_site_health.php
+```
+
+NOTE: this does require the `php-cli` module to be installed
+
 ### Contribute

 If you would like to share your own example file(s), please open an issue and include your code there or else create a pull request.
--- a/src/Client.php
+++ b/src/Client.php
@@ -25,6 +25,8 @@ class Client
     * private properties
     */
    protected $baseurl            = 'https://127.0.0.1:8443';
+    protected $user               = '';
+    protected $password           = '';
    protected $site               = 'default';
    protected $version            = '5.6.39';
    protected $debug              = false;
@@ -50,7 +52,7 @@ class Client
     *                                   recommended for production environments to prevent potential MitM attacks, default value (false)
     *                                   is to not validate the controller certificate
     */
-    function __construct($user, $password, $baseurl = '', $site = '', $version = '', $ssl_verify = false)
+    public function __construct($user, $password, $baseurl = '', $site = '', $version = '', $ssl_verify = false)
    {
        if (!extension_loaded('curl')) {
            trigger_error('The PHP curl extension is not loaded. Please correct this before proceeding!');
@@ -81,7 +83,7 @@ class Client
        $this->update_unificookie();
    }

-    function __destruct()
+    public function __destruct()
    {
        /**
         * if user has $_SESSION['unificookie'] set, do not logout here
@@ -141,26 +143,27 @@ class Client
        }

        $header_size = curl_getinfo($ch, CURLINFO_HEADER_SIZE);
+        $headers     = substr($content, 0, $header_size);
        $body        = trim(substr($content, $header_size));
-        $code        = curl_getinfo($ch, CURLINFO_HTTP_CODE);
+        $http_code   = curl_getinfo($ch, CURLINFO_HTTP_CODE);

        curl_close($ch);

-        preg_match_all('|Set-Cookie: (.*);|U', substr($content, 0, $header_size), $results);
+        preg_match_all('|Set-Cookie: (.*);|Ui', $headers, $results);

        if (isset($results[1])) {
            $this->cookies = implode(';', $results[1]);
            if (!empty($body)) {
-                if (($code >= 200) && ($code < 400)) {
+                if (($http_code >= 200) && ($http_code < 400)) {
                    if (strpos($this->cookies, 'unifises') !== false) {
                        return $this->is_loggedin = true;
                    }
                }

-                if ($code === 400) {
+                if ($http_code === 400) {
                    trigger_error('We have received an HTTP response status: 400. Probably a controller login failure');

-                    return $code;
+                    return $http_code;
                }
            }
        }
@@ -426,7 +429,7 @@ class Client
            return false;
        }

-        $end        = is_null($end) ? ((time()) * 1000) : intval($end);
+        $end        = is_null($end) ? (time() * 1000) : intval($end);
        $start      = is_null($start) ? $end - (12 * 3600 * 1000) : intval($start);
        $attributes = [
            'bytes',
@@ -461,7 +464,7 @@ class Client
            return false;
        }

-        $end        = is_null($end) ? ((time()) * 1000) : intval($end);
+        $end        = is_null($end) ? (time() * 1000) : intval($end);
        $start      = is_null($start) ? $end - (7 * 24 * 3600 * 1000) : intval($start);
        $attributes = [
            'bytes',
@@ -534,7 +537,7 @@ class Client
            return false;
        }

-        $end   = is_null($end) ? ((time()) * 1000) : intval($end);
+        $end   = is_null($end) ? (time() * 1000) : intval($end);
        $start = is_null($start) ? $end - (12 * 3600 * 1000) : intval($start);
        $json  = ['attrs' => ['bytes', 'num_sta', 'time'], 'start' => $start, 'end' => $end];
        if (!is_null($mac)) {
@@ -565,7 +568,7 @@ class Client
            return false;
        }

-        $end   = is_null($end) ? ((time()) * 1000) : intval($end);
+        $end   = is_null($end) ? (time() * 1000) : intval($end);
        $start = is_null($start) ? $end - (7 * 24 * 3600 * 1000) : intval($start);
        $json  = ['attrs' => ['bytes', 'num_sta', 'time'], 'start' => $start, 'end' => $end];
        if (!is_null($mac)) {
@@ -595,7 +598,7 @@ class Client
            return false;
        }

-        $end   = is_null($end) ? ((time()) * 1000) : intval($end);
+        $end   = is_null($end) ? (time() * 1000) : intval($end);
        $start = is_null($start) ? $end - (7 * 24 * 3600 * 1000) : intval($start);
        $json  = ['attrs' => ['bytes', 'num_sta', 'time'], 'start' => $start, 'end' => $end];
        if (!is_null($mac)) {
@@ -632,7 +635,7 @@ class Client
            return false;
        }

-        $end      = is_null($end) ? ((time()) * 1000) : intval($end);
+        $end      = is_null($end) ? (time() * 1000) : intval($end);
        $start    = is_null($start) ? $end - (12 * 3600 * 1000) : intval($start);
        $attribs  = is_null($attribs) ? ['time', 'rx_bytes', 'tx_bytes'] : array_merge(['time'], $attribs);
        $json     = ['attrs' => $attribs, 'start' => $start, 'end' => $end, 'mac' => strtolower($mac)];
@@ -664,7 +667,7 @@ class Client
            return false;
        }

-        $end      = is_null($end) ? ((time()) * 1000) : intval($end);
+        $end      = is_null($end) ? (time() * 1000) : intval($end);
        $start    = is_null($start) ? $end - (7 * 24 * 3600 * 1000) : intval($start);
        $attribs  = is_null($attribs) ? ['time', 'rx_bytes', 'tx_bytes'] : array_merge(['time'], $attribs);
        $json     = ['attrs' => $attribs, 'start' => $start, 'end' => $end, 'mac' => strtolower($mac)];
@@ -696,7 +699,7 @@ class Client
            return false;
        }

-        $end      = is_null($end) ? ((time()) * 1000) : intval($end);
+        $end      = is_null($end) ? (time() * 1000) : intval($end);
        $start    = is_null($start) ? $end - (7 * 24 * 3600 * 1000) : intval($start);
        $attribs  = is_null($attribs) ? ['time', 'rx_bytes', 'tx_bytes'] : array_merge(['time'], $attribs);
        $json     = ['attrs' => $attribs, 'start' => $start, 'end' => $end, 'mac' => strtolower($mac)];
@@ -730,11 +733,11 @@ class Client
            return false;
        }

-        $end      = is_null($end) ? ((time()) * 1000) : intval($end);
+        $end      = is_null($end) ? (time() * 1000) : intval($end);
        $start    = is_null($start) ? $end - (12 * 3600 * 1000) : intval($start);
        $attribs  = is_null($attribs) ? ['time', 'mem', 'cpu', 'loadavg_5'] : array_merge(['time'], $attribs);
        $json     = json_encode(['attrs' => $attribs, 'start' => $start, 'end' => $end]);
-        $response = $this->exec_curl('/api/s/' . $this->site.'/stat/report/5minutes.gw', 'json=' . $json);
+        $response = $this->exec_curl('/api/s/' . $this->site . '/stat/report/5minutes.gw', 'json=' . $json);

        return $this->process_response($response);
    }
@@ -760,11 +763,11 @@ class Client
            return false;
        }

-        $end      = is_null($end) ? ((time()) * 1000) : intval($end);
+        $end      = is_null($end) ? (time() * 1000) : intval($end);
        $start    = is_null($start) ? $end - (7 * 24 * 3600 * 1000) : intval($start);
        $attribs  = is_null($attribs) ? ['time', 'mem', 'cpu', 'loadavg_5'] : array_merge(['time'], $attribs);
        $json     = json_encode(['attrs' => $attribs, 'start' => $start, 'end' => $end]);
-        $response = $this->exec_curl('/api/s/' . $this->site.'/stat/report/hourly.gw', 'json=' . $json);
+        $response = $this->exec_curl('/api/s/' . $this->site . '/stat/report/hourly.gw', 'json=' . $json);

        return $this->process_response($response);
    }
@@ -794,7 +797,7 @@ class Client
        $start    = is_null($start) ? $end - (52 * 7 * 24 * 3600 * 1000) : intval($start);
        $attribs  = is_null($attribs) ? ['time', 'mem', 'cpu', 'loadavg_5'] : array_merge(['time'], $attribs);
        $json     = json_encode(['attrs' => $attribs, 'start' => $start, 'end' => $end]);
-        $response = $this->exec_curl('/api/s/' . $this->site.'/stat/report/daily.gw', 'json=' . $json);
+        $response = $this->exec_curl('/api/s/' . $this->site . '/stat/report/daily.gw', 'json=' . $json);

        return $this->process_response($response);
    }
@@ -816,7 +819,7 @@ class Client
            return false;
        }

-        $end      = is_null($end) ? ((time()) * 1000) : intval($end);
+        $end      = is_null($end) ? (time() * 1000) : intval($end);
        $start    = is_null($start) ? $end - (24 * 3600 * 1000) : intval($start);
        $json     = ['attrs' => ['xput_download', 'xput_upload', 'latency', 'time'], 'start' => $start, 'end' => $end];
        $json     = json_encode($json);
@@ -825,6 +828,35 @@ class Client
        return $this->process_response($response);
    }

+    /**
+     * Method to fetch IPS/IDS event
+     * ----------------------------------
+     * returns an array of IPS/IDS event objects
+     * optional parameter <start> = Unix timestamp in milliseconds
+     * optional parameter <end>   = Unix timestamp in milliseconds
+     * optional parameter <limit> = Maximum number of events to return, defaults to 10000
+     *
+     * NOTES:
+     * - defaults to the past 24 hours
+     * - requires a USG
+     * - supported in UniFi controller versions 5.9.X and higher
+     */
+    public function stat_ips_events($start = null, $end = null, $limit = null)
+    {
+        if (!$this->is_loggedin) {
+            return false;
+        }
+
+        $end      = is_null($end) ? (time() * 1000) : intval($end);
+        $start    = is_null($start) ? $end - (24 * 3600 * 1000) : intval($start);
+        $limit    = is_null($limit) ? 10000 : intval($limit);
+        $json     = ['start' => $start, 'end' => $end, '_limit' => $limit];
+        $json     = json_encode($json);
+        $response = $this->exec_curl('/api/s/' . $this->site . '/stat/ips/event', 'json=' . $json);
+
+        return $this->process_response($response);
+    }
+
    /**
     * Show all login sessions
     * -----------------------
@@ -1066,12 +1098,12 @@ class Client
        }

        $this->request_type = 'POST';
-        $json               = json_encode([
+        $json = json_encode([
            'name'              => $group_name,
            'qos_rate_max_down' => intval($group_dn),
            'qos_rate_max_up'   => intval($group_up)
        ]);
-        $response           = $this->exec_curl('/api/s/' . $this->site . '/rest/usergroup', $json);
+        $response = $this->exec_curl('/api/s/' . $this->site . '/rest/usergroup', $json);

        return $this->process_response($response);
    }
@@ -1093,7 +1125,7 @@ class Client
        }

        $this->request_type = 'PUT';
-        $json               = json_encode([
+        $json = json_encode([
            '_id'               => $group_id,
            'name'              => $group_name,
            'qos_rate_max_down' => intval($group_dn),
@@ -1101,7 +1133,7 @@ class Client
            'site_id'           => $site_id
        ]);

-        $response           = $this->exec_curl('/api/s/' . $this->site . '/rest/usergroup/' . trim($group_id), $json);
+        $response = $this->exec_curl('/api/s/' . $this->site . '/rest/usergroup/' . trim($group_id), $json);

        return $this->process_response($response);
    }
@@ -1127,15 +1159,16 @@ class Client
    /**
     * List firewall groups (using REST)
     * ----------------------------------
-     * returns an array containing the current firewall groups on success
+     * returns an array containing the current firewall groups or the selected firewall group on success
+     * optional parameter <group_id> = id of the single firewall group to list
     */
-    public function list_firewallgroups()
+    public function list_firewallgroups($group_id = null)
    {
        if (!$this->is_loggedin) {
            return false;
        }

-        $response = $this->exec_curl('/api/s/' . $this->site . '/rest/firewallgroup');
+        $response = $this->exec_curl('/api/s/' . $this->site . '/rest/firewallgroup/' . trim($group_id));

        return $this->process_response($response);
    }
@@ -1160,12 +1193,12 @@ class Client
        }

        $this->request_type = 'POST';
-        $json               = json_encode([
+        $json = json_encode([
            'name'          => $group_name,
            'group_type'    => $group_type,
            'group_members' => $group_members
        ]);
-        $response           = $this->exec_curl('/api/s/' . $this->site . '/rest/firewallgroup', $json);
+        $response = $this->exec_curl('/api/s/' . $this->site . '/rest/firewallgroup', $json);

        return $this->process_response($response);
    }
@@ -1195,14 +1228,14 @@ class Client
        }

        $this->request_type = 'PUT';
-        $json               = json_encode([
+        $json = json_encode([
            '_id'           => $group_id,
            'name'          => $group_name,
            'group_type'    => $group_type,
            'group_members' => $group_members,
            'site_id'       => $site_id
        ]);
-        $response           = $this->exec_curl('/api/s/' . $this->site . '/rest/firewallgroup/' . trim($group_id),
+        $response = $this->exec_curl('/api/s/' . $this->site . '/rest/firewallgroup/' . trim($group_id),
            $json);

        return $this->process_response($response);
@@ -1226,6 +1259,22 @@ class Client
        return $this->process_response_boolean($response);
    }

+    /**
+     * List firewall rules (using REST)
+     * ----------------------------------
+     * returns an array containing the current firewall rules on success
+     */
+    public function list_firewallrules()
+    {
+        if (!$this->is_loggedin) {
+            return false;
+        }
+
+        $response = $this->exec_curl('/api/s/' . $this->site . '/rest/firewallrule');
+
+        return $this->process_response($response);
+    }
+
    /**
     * List health metrics
     * -------------------
@@ -1473,7 +1522,7 @@ class Client
        $this->request_type = 'PUT';
        $json               = json_encode($setting);
        $response           = $this->exec_curl('/api/s/' . $this->site . '/rest/setting/country/' . trim($country_id),
-            'json=' . $json);
+                              'json=' . $json);

        return $this->process_response_boolean($response);
    }
@@ -1495,7 +1544,7 @@ class Client
        $this->request_type = 'PUT';
        $json               = json_encode($setting);
        $response           = $this->exec_curl('/api/s/' . $this->site . '/rest/setting/locale/' . trim($locale_id),
-            'json=' . $json);
+                              'json=' . $json);

        return $this->process_response_boolean($response);
    }
@@ -1517,7 +1566,7 @@ class Client
        $this->request_type = 'PUT';
        $json               = json_encode($setting);
        $response           = $this->exec_curl('/api/s/' . $this->site . '/rest/setting/snmp/' . trim($snmp_id),
-            'json=' . $json);
+                              'json=' . $json);

        return $this->process_response_boolean($response);
    }
@@ -1539,7 +1588,7 @@ class Client
        $this->request_type = 'PUT';
        $json               = json_encode($setting);
        $response           = $this->exec_curl('/api/s/' . $this->site . '/rest/setting/mgmt/' . trim($mgmt_id),
-            'json=' . $json);
+                              'json=' . $json);

        return $this->process_response_boolean($response);
    }
@@ -1561,7 +1610,7 @@ class Client
        $this->request_type = 'PUT';
        $json               = json_encode($setting);
        $response           = $this->exec_curl('/api/s/' . $this->site . '/rest/setting/guest_access/' . trim($guest_access_id),
-            'json=' . $json);
+                              'json=' . $json);

        return $this->process_response_boolean($response);
    }
@@ -1583,7 +1632,7 @@ class Client
        $this->request_type = 'PUT';
        $json               = json_encode($setting);
        $response           = $this->exec_curl('/api/s/' . $this->site . '/rest/setting/ntp/' . trim($ntp_id),
-            'json=' . $json);
+                              'json=' . $json);

        return $this->process_response_boolean($response);
    }
@@ -1605,7 +1654,7 @@ class Client
        $this->request_type = 'PUT';
        $json               = json_encode($setting);
        $response           = $this->exec_curl('/api/s/' . $this->site . '/rest/setting/connectivity/' . trim($connectivity_id),
-            'json=' . $json);
+                              'json=' . $json);

        return $this->process_response_boolean($response);
    }
@@ -1652,14 +1701,14 @@ class Client
     * optional parameter <enable_sso>     = boolean, whether or not SSO will be allowed for the new admin
     *                                       default value is true which enables the SSO capability
     * optional parameter <readonly>       = boolean, whether or not the new admin will have readonly
-     *                                       permissions, default value is true which gives the new admin
-     *                                       administrator permissions
+     *                                       permissions, default value is false which gives the new admin
+     *                                       Administrator permissions
     * optional parameter <device_adopt>   = boolean, whether or not the new admin will have permissions to
-     *                                       adopt devices, default value is false. Only applies when readonly
-     *                                       is true.
+     *                                       adopt devices, default value is false. With versions < 5.9.X this only applies
+     *                                       when readonly is true.
     * optional parameter <device_restart> = boolean, whether or not the new admin will have permissions to
-     *                                       restart devices, default value is false. Only applies when readonly
-     *                                       is true.
+     *                                       restart devices, default value is false. With versions < 5.9.X this only applies
+     *                                       when readonly is true.
     *
     * NOTES:
     * - after issuing a valid request, an invite will be sent to the email address provided
@@ -1684,25 +1733,72 @@ class Client
            return false;
        }

-        $json = ['name' => trim($name), 'email' => trim($email), 'for_sso' => $enable_sso, 'cmd' => 'invite-admin'];
+        $permissions = [];
+        $json        = ['name' => trim($name), 'email' => trim($email), 'for_sso' => $enable_sso, 'cmd' => 'invite-admin', 'role' => 'admin'];
+
        if ($readonly) {
            $json['role'] = 'readonly';
-            $permissions  = [];
-            if ($device_adopt) {
-                $permissions[] = "API_DEVICE_ADOPT";
-            }
-
-            if ($device_restart) {
-                $permissions[] = "API_DEVICE_RESTART";
-            }
-
-            if (count($permissions) > 0) {
-                $json['permissions'] = $permissions;
-            }
        }

-        $json     = json_encode($json);
-        $response = $this->exec_curl('/api/s/' . $this->site . '/cmd/sitemgr', 'json=' . $json);
+        if ($device_adopt) {
+            $permissions[] = "API_DEVICE_ADOPT";
+        }
+
+        if ($device_restart) {
+            $permissions[] = "API_DEVICE_RESTART";
+        }
+
+        $json['permissions'] = $permissions;
+        $json                = json_encode($json);
+        $response            = $this->exec_curl('/api/s/' . $this->site . '/cmd/sitemgr', 'json=' . $json);
+
+        return $this->process_response_boolean($response);
+    }
+
+    /**
+     * Assign an existing admin to the current site
+     * --------------------------------------------
+     * returns true on success
+     * required parameter <admin_id>       = 24 char string; _id of the admin user to assign, can be obtained using the
+     *                                       list_all_admins() method/function
+     * optional parameter <readonly>       = boolean, whether or not the new admin will have readonly
+     *                                       permissions, default value is false which gives the new admin
+     *                                       Administrator permissions
+     * optional parameter <device_adopt>   = boolean, whether or not the new admin will have permissions to
+     *                                       adopt devices, default value is false. With versions < 5.9.X this only applies
+     *                                       when readonly is true.
+     * optional parameter <device_restart> = boolean, whether or not the new admin will have permissions to
+     *                                       restart devices, default value is false. With versions < 5.9.X this only applies
+     *                                       when readonly is true.
+     */
+    public function assign_existing_admin(
+        $admin_id,
+        $readonly       = false,
+        $device_adopt   = false,
+        $device_restart = false
+    ) {
+        if (!$this->is_loggedin) {
+            return false;
+        }
+
+        $permissions = [];
+        $json        = ['cmd' => 'grant-admin', 'admin' => trim($admin_id), 'role' => 'admin'];
+
+        if ($readonly) {
+            $json['role'] = 'readonly';
+        }
+
+        if ($device_adopt) {
+            $permissions[] = "API_DEVICE_ADOPT";
+        }
+
+        if ($device_restart) {
+            $permissions[] = "API_DEVICE_RESTART";
+        }
+
+        $json['permissions'] = $permissions;
+        $json                = json_encode($json);
+        $response            = $this->exec_curl('/api/s/' . $this->site . '/cmd/sitemgr', 'json=' . $json);

        return $this->process_response_boolean($response);
    }
@@ -1711,7 +1807,7 @@ class Client
     * Revoke an admin
     * ---------------
     * returns true on success
-     * required parameter <admin_id> = id of the admin to revoke which can be obtained using the
+     * required parameter <admin_id> = id of the admin to revoke, can be obtained using the
     *                                 list_all_admins() method/function
     *
     * NOTES:
@@ -1723,7 +1819,7 @@ class Client
            return false;
        }

-        $json     = json_encode(['admin' => $admin_id, 'cmd' => 'revoke-admin']);
+        $json     = json_encode(['cmd' => 'revoke-admin', 'admin' => $admin_id]);
        $response = $this->exec_curl('/api/s/' . $this->site . '/cmd/sitemgr', 'json=' . $json);

        return $this->process_response_boolean($response);
@@ -2272,7 +2368,7 @@ class Client
            return false;
        }

-        $json     = json_encode([
+        $json = json_encode([
            'radio_table' => [
                'radio'         => $radio,
                'channel'       => $channel,
@@ -2342,7 +2438,7 @@ class Client
        if (!$this->is_loggedin) {
            return false;
        }
-        $json     = [
+        $json = [
            'portal_enabled'    => $portal_enabled,
            'portal_customized' => $portal_customized,
            'redirect_enabled'  => $redirect_enabled,
@@ -2363,7 +2459,7 @@ class Client
     * ------------------------------------------
     * return true on success
     * required parameter <network_settings> = stdClass object or associative array containing the configuration to apply to the guestlogin, must be a (partial)
-     *                                         object/array structured in the same manner as is returned by list_settings() for the guest_access.
+     *                                         object/array structured in the same manner as is returned by list_settings() for the "guest_access" section.
     */
    public function set_guestlogin_settings_base($guestlogin_settings)
    {
@@ -2377,6 +2473,25 @@ class Client
        return $this->process_response_boolean($response);
    }

+    /**
+     * Update IPS/IDS settings, base
+     * ------------------------------------------
+     * return true on success
+     * required parameter <ips_settings> = stdClass object or associative array containing the IPS/IDS settings to apply, must be a (partial)
+     *                                     object/array structured in the same manner as is returned by list_settings() for the "ips" section.
+     */
+    public function set_ips_settings_base($ips_settings)
+    {
+        if (!$this->is_loggedin) {
+            return false;
+        }
+
+        $json     = json_encode($ips_settings, JSON_UNESCAPED_SLASHES);
+        $response = $this->exec_curl('/api/s/' . $this->site . '/set/setting/ips', 'json=' . $json);
+
+        return $this->process_response_boolean($response);
+    }
+
    /**
     * Rename access point
     * -------------------
@@ -2723,7 +2838,7 @@ class Client
            return false;
        }

-        $json     = [
+        $json = [
            '_sort'  => '-time',
            'within' => intval($historyhours),
            'type'   => null,
@@ -3115,6 +3230,28 @@ class Client
        return $this->process_response_boolean($response);
    }

+    /**
+     * Execute specific command
+     * ------------------------
+     * return true on success
+     * required parameter <command>  = string; command to execute, known valid values
+     *                                 'reset-dpi': reset all DPI counters for the current site
+     *
+     * NOTE:
+     * the provided <command> parameter isn't validated so make sure you're using a correct value
+     */
+    public function cmd_stat($command)
+    {
+        if (!$this->is_loggedin) {
+            return false;
+        }
+
+        $json     = json_encode(['cmd' => trim($command)]);
+        $response = $this->exec_curl('/api/s/' . $this->site . '/cmd/stat', 'json=' . $json);
+
+        return $this->process_response_boolean($response);
+    }
+
    /****************************************************************
     * "Aliases" for deprecated functions from here, to support
     * backward compatibility:
@@ -3632,9 +3769,9 @@ class Client
        return $this->curl_ssl_verify_host;
    }

-    public function set_cookies($cookie_value)
+    public function set_cookies($cookies_value)
    {
-        $this->cookies = $cookie_value;
+        $this->cookies = $cookies_value;
    }

    public function set_request_type($request_type)
Author	SHA1	Message	Date
malle-pietje	55867197e3	fixed functions assign_existing_admin() and invite_admin() to support controller versions 5.9 and higher because of changes in controller behavior	2019-01-21 09:41:47 +01:00
malle-pietje	78bed0895d	minor code tweaks for improved readability added function/method assign_existing_admin() fixed code for function/method invite_admin()	2019-01-19 15:17:53 +01:00
malle-pietje	77cc1d87a4	made regex to extract cookies case insensitive, though this would only be needed for corner cases this is still RFC compliant (https://www.w3.org/Protocols/rfc2616/rfc2616-sec4.html#sec4.2 ) changed the layout of the README file to put more emphasis on the installation options and the basic example, and less on the list of methods/functions	2018-12-14 11:27:20 +01:00
malle-pietje	5389f3a486	API client class v1.1.37 updated both READMEs added cmd_stat() function, can currently only be used to reset DPI counters for the current site added optional group_id parameter to list_firewallgroups() which allows you to select a single firewall group, thanks to @VWT-Dan for the suggestion	2018-11-05 12:18:10 +01:00
malle-pietje	2a566ad18a	API client class v1.1.36 added methods stat_ips_events(), set_ips_settings_base(), supported with controllers 5.9.10 and higher thanks go to @leonardogyn for providing access to a controller and test network for test/validation purposes	2018-10-24 09:54:43 +02:00
malle-pietje	1714e9587c	general code cleanup added spaces throughout Client.php following PSR-2 guidelines that were skipped with the previous commit added visibility to constructor and destructor methods following PSR-2 recommendations declare user and password properties and visibility following PSR-2 recommendations updated README to add recently added functions/methods minor general changes to the README	2018-10-20 14:29:08 +02:00