summaryrefslogtreecommitdiff
path: root/doc/api/http_api.md
blob: 3afab498f66e4e19a6c8b224834418f9d1460602 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
# HTTP API

## What can I do with this API?
The API gives another web application control of the pads. The basic functions are

* create/delete pads 
* grant/forbid access to pads
* get/set pad content

The API is designed in a way, so you can reuse your existing user system with their permissions, and map it to etherpad lite. Means: Your web application still has to do authentication, but you can tell etherpad lite via the api, which visitors should get which permissions. This allows etherpad lite to fit into any web application and extend it with real-time functionality. You can embed the pads via an iframe into your website.

Take a look at [HTTP API client libraries](https://github.com/Pita/etherpad-lite/wiki/HTTP-API-client-libraries) to see if a library in your favorite language.

## Examples

### Example 1

A portal (such as WordPress) wants to give a user access to a new pad. Let's assume the user have the internal id 7 and his name is michael. 

Portal maps the internal userid to an etherpad author. 

> Request: `http://pad.domain/api/1/createAuthorIfNotExistsFor?apikey=secret&name=Michael&authorMapper=7`
> 
> Response: `{code: 0, message:"ok", data: {authorID: "a.s8oes9dhwrvt0zif"}}`

Portal maps the internal userid to an etherpad group:

> Request: `http://pad.domain/api/1/createGroupIfNotExistsFor?apikey=secret&groupMapper=7`
> 
> Response: `{code: 0, message:"ok", data: {groupID: "g.s8oes9dhwrvt0zif"}}`

Portal creates a pad in the userGroup

> Request: `http://pad.domain/api/1/createGroupPad?apikey=secret&groupID=g.s8oes9dhwrvt0zif&padName=samplePad&text=This is the first sentence in the pad`
> 
> Response: `{code: 0, message:"ok", data: null}`

Portal starts the session for the user on the group:

> Request: `http://pad.domain/api/1/createSession?apikey=secret&groupID=g.s8oes9dhwrvt0zif&authorID=a.s8oes9dhwrvt0zif&validUntil=1312201246`
> 
> Response: `{"data":{"sessionID": "s.s8oes9dhwrvt0zif"}}`

Portal places the cookie "sessionID" with the given value on the client and creates an iframe including the pad.

### Example 2

A portal (such as WordPress) wants to transform the contents of a pad that multiple admins edited into a blog post.

Portal retrieves the contents of the pad for entry into the db as a blog post:

> Request: `http://pad.domain/api/1/getText?apikey=secret&padID=g.s8oes9dhwrvt0zif$123`
> 
> Response: `{code: 0, message:"ok", data: {text:"Welcome Text"}}`

Portal submits content into new blog post

> Portal.AddNewBlog(content)
>

## Usage

### Request Format

The API is accessible via HTTP. HTTP Requests are in the format /api/$APIVERSION/$FUNCTIONNAME. Parameters are transmitted via HTTP GET. $APIVERSION is 1

### Response Format
Responses are valid JSON in the following format:

```js
{
  "code": number,
  "message": string,
  "data": obj
}
```

* **code** a return code
  * **0** everything ok
  * **1** wrong parameters
  * **2** internal error
  * **3** no such function
  * **4** no or wrong API Key
* **message** a status message. Its ok if everything is fine, else it contains an error message
* **data** the payload

### Overview

![API Overview](http://i.imgur.com/d0nWp.png)

## Data Types

* **groupID**  a string, the unique id of a group. Format is g.16RANDOMCHARS, for example g.s8oes9dhwrvt0zif
* **sessionID** a string, the unique id of a session. Format is s.16RANDOMCHARS, for example s.s8oes9dhwrvt0zif
* **authorID** a string, the unique id of an author. Format is a.16RANDOMCHARS, for example a.s8oes9dhwrvt0zif
* **readOnlyID** a string, the unique id of an readonly relation to a pad. Format is r.16RANDOMCHARS, for example r.s8oes9dhwrvt0zif
* **padID** a string, format is GROUPID$PADNAME, for example the pad test of group g.s8oes9dhwrvt0zif has padID g.s8oes9dhwrvt0zif$test

### Authentication

Authentication works via a token that is sent with each request as a post parameter.  There is a single token per Etherpad-Lite deployment.  This token will be random string, generated by Etherpad-Lite at the first start. It will be saved in APIKEY.txt in the root folder of Etherpad Lite. Only Etherpad Lite and the requesting application knows this key. Token management will not be exposed through this API. 

### Node Interoperability

All functions will also be available through a node module accessable from other node.js applications.

### JSONP

The API provides _JSONP_ support to allow requests from a server in a different domain.
Simply add `&jsonp=?` to the API call.

Example usage: http://api.jquery.com/jQuery.getJSON/

## API Methods

### Groups
Pads can belong to a group. The padID of grouppads is starting with a groupID like g.asdfasdfasdfasdf$test

* **createGroup()** creates a new group <br><br>*Example returns:*
  * `{code: 0, message:"ok", data: {groupID: g.s8oes9dhwrvt0zif}}`

* **createGroupIfNotExistsFor(groupMapper)** this functions helps you to map your application group ids to etherpad lite group ids <br><br>*Example returns:*
  * `{code: 0, message:"ok", data: {groupID: g.s8oes9dhwrvt0zif}}`

* **deleteGroup(groupID)** deletes a group <br><br>*Example returns:*
  * `{code: 0, message:"ok", data: null}`
  * `{code: 1, message:"groupID does not exist", data: null}`

* **listPads(groupID)** returns all pads of this group<br><br>*Example returns:*
  * `{code: 0, message:"ok", data: {padIDs : ["g.s8oes9dhwrvt0zif$test", "g.s8oes9dhwrvt0zif$test2"]}`
  * `{code: 1, message:"groupID does not exist", data: null}`

* **createGroupPad(groupID, padName [, text])** creates a new pad in this group <br><br>*Example returns:*
  * `{code: 0, message:"ok", data: null}`
  * `{code: 1, message:"pad does already exist", data: null}`
  * `{code: 1, message:"groupID does not exist", data: null}`

* **listAllGroups()** lists all existing groups<br><br>*Example returns:*
  * `{code: 0, message:"ok", data: {groupIDs: ["g.mKjkmnAbSMtCt8eL", "g.3ADWx6sbGuAiUmCy"]}}`
  * `{code: 0, message:"ok", data: {groupIDs: []}}`

### Author
These authors are bound to the attributes the users choose (color and name). 

* **createAuthor([name])** creates a new author <br><br>*Example returns:*
  * `{code: 0, message:"ok", data: {authorID: "a.s8oes9dhwrvt0zif"}}`

* **createAuthorIfNotExistsFor(authorMapper [, name])** this functions helps you to map your application author ids to etherpad lite author ids <br><br>*Example returns:*
  * `{code: 0, message:"ok", data: {authorID: "a.s8oes9dhwrvt0zif"}}`

* **listPadsOfAuthor(authorID)** returns an array of all pads this author contributed to<br><br>*Example returns:*
  * `{code: 0, message:"ok", data: {padIDs: ["g.s8oes9dhwrvt0zif$test", "g.s8oejklhwrvt0zif$foo"]}}`
  * `{code: 1, message:"authorID does not exist", data: null}`

* **getAuthorName(authorID)** Returns the Author Name of the author <br><br>*Example returns:*
  * `{code: 0, message:"ok", data: {authorName: "John McLear"}}`

-> can't be deleted cause this would involve scanning all the pads where this author was

### Session
Sessions can be created between a group and an author. This allows an author to access more than one group. The sessionID will be set as a cookie to the client and is valid until a certain date. The session cookie can also contain multiple comma-seperated sessionIDs, allowing a user to edit pads in different groups at the same time. Only users with a valid session for this group, can access group pads. You can create a session after you authenticated the user at your web application, to give them access to the pads. You should save the sessionID of this session and delete it after the user logged out.

* **createSession(groupID, authorID, validUntil)** creates a new session. validUntil is an unix timestamp in seconds <br><br>*Example returns:*
  * `{code: 0, message:"ok", data: {sessionID: "s.s8oes9dhwrvt0zif"}}`
  * `{code: 1, message:"groupID doesn't exist", data: null}`
  * `{code: 1, message:"authorID doesn't exist", data: null}`
  * `{code: 1, message:"validUntil is in the past", data: null}`

* **deleteSession(sessionID)** deletes a session <br><br>*Example returns:*
  * `{code: 1, message:"ok", data: null}`
  * `{code: 1, message:"sessionID does not exist", data: null}`

* **getSessionInfo(sessionID)** returns informations about a session <br><br>*Example returns:*
  * `{code: 0, message:"ok", data: {authorID: "a.s8oes9dhwrvt0zif", groupID: g.s8oes9dhwrvt0zif, validUntil: 1312201246}}`
  * `{code: 1, message:"sessionID does not exist", data: null}`

* **listSessionsOfGroup(groupID)** returns all sessions of a group <br><br>*Example returns:*
  * `{"code":0,"message":"ok","data":{"s.oxf2ras6lvhv2132":{"groupID":"g.s8oes9dhwrvt0zif","authorID":"a.akf8finncvomlqva","validUntil":2312905480}}}`
  * `{code: 1, message:"groupID does not exist", data: null}`

* **listSessionsOfAuthor(authorID)** returns all sessions of an author <br><br>*Example returns:*
  * `{"code":0,"message":"ok","data":{"s.oxf2ras6lvhv2132":{"groupID":"g.s8oes9dhwrvt0zif","authorID":"a.akf8finncvomlqva","validUntil":2312905480}}}`
  * `{code: 1, message:"authorID does not exist", data: null}`

### Pad Content

Pad content can be updated and retrieved through the API

* **getText(padID, [rev])** returns the text of a pad <br><br>*Example returns:*
  * `{code: 0, message:"ok", data: {text:"Welcome Text"}}`
  * `{code: 1, message:"padID does not exist", data: null}`

* **setText(padID, text)** sets the text of a pad <br><br>*Example returns:*
  * `{code: 0, message:"ok", data: null}`
  * `{code: 1, message:"padID does not exist", data: null}`
  * `{code: 1, message:"text too long", data: null}`

* **getHTML(padID, [rev])** returns the text of a pad formatted as HTML<br><br>*Example returns:*
  * `{code: 0, message:"ok", data: {html:"Welcome Text<br>More Text"}}`
  * `{code: 1, message:"padID does not exist", data: null}`

### Pad
Group pads are normal pads, but with the name schema GROUPID$PADNAME. A security manager controls access of them and its forbidden for normal pads to include a $ in the name. 

* **createPad(padID [, text])** creates a new (non-group) pad.  Note that if you need to create a group Pad, you should call **createGroupPad**.<br><br>*Example returns:*
  * `{code: 0, message:"ok", data: null}`
  * `{code: 1, message:"pad does already exist", data: null}`

* **getRevisionsCount(padID)** returns the number of revisions of this pad <br><br>*Example returns:*
  * `{code: 0, message:"ok", data: {revisions: 56}}`
  * `{code: 1, message:"padID does not exist", data: null}`

* **padUsersCount(padID)** returns the number of user that are currently editing this pad <br><br>*Example returns:*
  * `{code: 0, message:"ok", data: {padUsersCount: 5}}`

* **padUsers(padID)** returns the list of users that are currently editing this pad <br><br>*Example returns:*
  * `{code: 0, message:"ok", data: {padUsers: [{colorId:"#c1a9d9","name":"username1","timestamp":1345228793126},{"colorId":"#d9a9cd","name":"Hmmm","timestamp":1345228796042}]}}`
  * `{code: 0, message:"ok", data: {padUsers: []}}`

* **deletePad(padID)** deletes a pad <br><br>*Example returns:*
  * `{code: 0, message:"ok", data: null}`
  * `{code: 1, message:"padID does not exist", data: null}`

* **getReadOnlyID(padID)** returns the read only link of a pad <br><br>*Example returns:*
  * `{code: 0, message:"ok", data: {readOnlyID: "r.s8oes9dhwrvt0zif"}}`
  * `{code: 1, message:"padID does not exist", data: null}`

* **setPublicStatus(padID, publicStatus)** sets a boolean for the public status of a pad <br><br>*Example returns:*
  * `{code: 0, message:"ok", data: null}`
  * `{code: 1, message:"padID does not exist", data: null}`

* **getPublicStatus(padID)** return true of false <br><br>*Example returns:*
  * `{code: 0, message:"ok", data: {publicStatus: true}}`
  * `{code: 1, message:"padID does not exist", data: null}`

* **setPassword(padID, password)** returns ok or a error message <br><br>*Example returns:*
  * `{code: 0, message:"ok", data: null}`
  * `{code: 1, message:"padID does not exist", data: null}`

* **isPasswordProtected(padID)** returns true or false <br><br>*Example returns:*
  * `{code: 0, message:"ok", data: {passwordProtection: true}}`
  * `{code: 1, message:"padID does not exist", data: null}`

* **listAuthorsOfPad(padID)** returns an array of authors who contributed to this pad <br><br>*Example returns:*
  * `{code: 0, message:"ok", data: {authorIDs : ["a.s8oes9dhwrvt0zif", "a.akf8finncvomlqva"]}`
  * `{code: 1, message:"padID does not exist", data: null}`

* **getLastEdited(padID)** returns the timestamp of the last revision of the pad <br><br>*Example returns:*
  * `{code: 0, message:"ok", data: {lastEdited: 1340815946602}}`
  * `{code: 1, message:"padID does not exist", data: null}`
  
* **sendClientsMessage(padID, msg)** sends a custom message of type `msg` to the pad <br><br>*Example returns:*
  * `{code: 0, message:"ok", data: {}}`
  * `{code: 1, message:"padID does not exist", data: null}`