Disclaimer: I don't know what are the intents of @nuxsmin for the API behavior, this is just the details I've picked upped on.
And also API authorizations:

I am running some testing on the API using python and here's what I noticed so far:
GENERAL
Items ID increases even after deletion.
WORKING
MISWORKING
MISSING (API AUTHORIZATIONS <=> API SERVICE)
QUESTIONS
SUGGESTIONS
@nuxsmin fixing the tag / category / client search could be nice as it would be easier for dynamic creation.
Edit: Actually, it's not possible without it.
@GGOUSSEAUD taking a slight check out to the code it should work, since every method is implemented and use the same code as on the web UI. Please let me take a deeper look to find out what could be happening.
I've checked out the API authorizations on the web UI and they're listed in the select box.
Regarding the backup feature, it performs a database and application backup as done on the web UI. It makes possible to automate sysPass backups through the API using a cron task or whatever you want.
Regards
Regarding the suggestion I agree with you, it should be implemented (not done yet because it would need some time to code that would be worth to spend in other critical tasks)
Thanks for the feedback!
Hayo @nuxsmin !
What I meant by MISSING (API AUTHORIZATIONS <=> API SERVICE) is that these actions are listed in the API auth but not in the current API service (account/view is here for example but none concerning tag/category/client).
Best of luck with your coding, let me know if you need anything.
Okay!, that's right, they aren't listed in the API help. It was noted for reviewing, since it's an ugly piece of code that does not fit in a service class...
Thanks for the feedback!
Hi! some of the above issues should be fixed in latest commit
Searches now work fine! Great job! Im getting german langage now but I guess that's fine x)
@nuxsmin
Bump, any hope of seeing edit password / Account edit around the corner for v3?
@GGOUSSEAUD sure, it'll be ready shortly.
@nuxsmin
Notes:
curl -H 'Content-Type: application/json' -X POST -d '{"jsonrpc": "2.0","method":"account/create", "id" : "1", "params": {}}' http://demo-beta.syspass.org:10080/api.php | json_pp
does
{
"jsonrpc" : "2.0",
"error" : {
"code" : -32600,
"message" : "Invalid format",
"data" : null
},
"id" : 0
}
Works only if missing params are to be but not using empty params.
curl -H 'Content-Type: application/json' -X POST -d '{"jsonrpc": "2.0","method":"account/create", "id" : "1", "params": {"authToken": "8ea30e82647c13a5f98e3c5faab6e2b3dfe7b8d1e9cdadb651ffc391350cc5f7"}}' http://demo-beta.syspass.org:10080/api.php | json_pp > acc_create_help.json
does
{
"error" : {
"code" : -32602,
"data" : {
"help" : [
{
"tokenPass" : {
"required" : true,
"description" : "Token's password"
}
},
{
"name" : {
"required" : true,
"description" : "Account name"
}
},
{
"categoryId" : {
"description" : "Category Id",
"required" : true
}
},
{
"clientId" : {
"description" : "Client Id",
"required" : true
}
},
{
"pass" : {
"required" : true,
"description" : "Password"
}
},
{
"login" : {
"description" : "Access user",
"required" : false
}
},
{
"url" : {
"description" : "Access URL or IP",
"required" : false
}
},
{
"notes" : {
"required" : false,
"description" : "Notes about the account"
}
},
{
"private" : {
"required" : false,
"description" : "Private Account"
}
},
{
"privateGroup" : {
"description" : "Private Account for Group",
"required" : false
}
},
{
"expireDate" : {
"required" : false,
"description" : "Password Expiry Date"
}
},
{
"parentId" : {
"description" : "Linked Account",
"required" : false
}
},
{
"tagsId" : {
"description" : "Array with tags id",
"required" : false
}
}
]
},
"message" : "Wrong parameters"
},
"jsonrpc" : "2.0",
"id" : 1
}
curl -H 'Content-Type: application/json' -X POST -d '{"jsonrpc": "2.0","method":"account/create", "id" : "1", "params": {"authToken": "8ea30e82647c13a5f98e3c5faab6e2b3dfe7b8d1e9cdadb651ffc391350cc5f7", "name": "broken", "categoryId": 1, "clientId": 1, "pass": "flipflop", "tokenPass": "@2kVk?ah*o94", "login": "logont", "url": "urlont"}}' http://demo-beta.syspass.org:10080/api.php | json_pp
With tags too:
curl -H 'Content-Type: application/json' -X POST -d '{"jsonrpc": "2.0","method":"account/create", "id" : "1", "params": {"authToken": "8ea30e82647c13a5f98e3c5faab6e2b3dfe7b8d1e9cdadb651ffc391350cc5f7", "name": "brokenwtags", "categoryId": 1, "clientId": 1, "pass": "flipflop", "tokenPass": "@2kVk?ah*o94", "login": "logont", "url": "urlont", "tagsId": [1,2,3]}}' http://demo-beta.syspass.org:10080/api.php | json_pp
But no info about tags in response?
{
"jsonrpc" : "2.0",
"result" : {
"count" : null,
"result" : {
"passDate" : 1535449771,
"userEditId" : 2,
"parentId" : 0,
"name" : "brokenwtags",
"otherUserGroupEdit" : "0",
"notes" : "",
"userId" : 2,
"publicLinkHash" : null,
"dateAdd" : "2018-08-28 09:49:31",
"userGroupName" : "Admins",
"clientId" : 1,
"userEditName" : "sysPass demo",
"login" : "logont",
"userGroupId" : 1,
"id" : 150,
"isPrivateGroup" : "0",
"userLogin" : "demo",
"userEditLogin" : "demo",
"key" : "",
"countDecrypt" : 0,
"pass" : "",
"url" : "urlont",
"countView" : 0,
"categoryName" : "Web Service",
"isPrivate" : "0",
"categoryId" : 1,
"dateEdit" : null,
"clientName" : "Google Inc",
"passDateChange" : 0,
"otherUserEdit" : "0",
"userName" : "sysPass demo"
},
"resultCode" : 0,
"resultMessage" : "Account added",
"itemId" : 150
},
"id" : 1
}
Hello @GGOUSSEAUD
Help class does not return help payload upon giving empty payload params such as:
That's is right, since API initialization does not take place until you provide a valid token. It isn't a security mechanism, but a performance optimization instead.
Regarding extra info in payload like tags, custom fields, permissions, etc. I'm currently analyzing how to implement it in a proper way, in order to make a consistent response across methods.
Any list of updated methods present anywhere? Since old ApiService help has been shut down.
account/edit and account/editPass doesn't seem to return any help.
Unfortunately, I'm the only one developing sysPass, so some low-medium priority things (doc, web, etc.) need to be delayed until high ones becomes ready (development and testing), despite of the fact some never ends, but need to be finished in a point release like v3.0.
BTW API help could be reviewed through the code on https://github.com/nuxsmin/sysPass/tree/devel-3.0/app/modules/api/Controllers/Help or issuing an API request using the auth token :wink:
Thanks for testing and feedback!
@nuxsmin
I know you're alone on this, props to you you're doing good ;)
Concerning api help for edit and editPass, I realized that I needed user permission to even make the help request.
I've sent you a pm on gitter about something if you're interested.
Best of luck.