MokoConsulting/MokoJoomCommunity
1
0
Fork 0
Code Issues 78 Pull Requests Packages Projects Releases 1 Wiki Activity

[MokoCBRegGuard] [FEATURE] Joomla Web Services API for registration logs #17

New Issue
Closed
opened 2026-06-02 19:31:34 +00:00 by jmiller · 1 comment
jmiller commented 2026-06-02 19:31:34 +00:00
Owner
Copy Link
Copy Source

Migrated from MokoCBRegGuard#24

Feature Description

Add a Joomla Web Services API plugin that exposes the #__cbregguard_log table via RESTful endpoints, enabling external tools and moderators to query, filter, and action flagged registrations programmatically.

Problem or Use Case

Moderators and external systems (dashboards, Slack bots, monitoring tools) have no programmatic access to registration guard data. All interaction requires direct database access or the Joomla admin UI.

Proposed Solution

Create a separate Joomla webservices plugin that registers API routes via onBeforeApiRoute:

Endpoints:

  • GET /api/v1/cbregguard/logs - List logs with filtering (risk_level, date range, IP, user_id) and pagination
  • GET /api/v1/cbregguard/logs/{id} - Get single log entry
  • PATCH /api/v1/cbregguard/logs/{id} - Update moderator_action (approved, blocked, watching)
  • DELETE /api/v1/cbregguard/logs/{id} - Delete a log entry
  • GET /api/v1/cbregguard/stats - Summary statistics (counts by risk level, recent activity)

Authentication: Joomla API tokens (X-Joomla-Token header), requiring core.manage permission.

Alternative Solutions

  • Direct database queries via phpMyAdmin (not user-friendly, no access control)
  • Custom Joomla component with its own admin views (heavier, more maintenance)
  • CB backend tab only (#15) (no programmatic access for external tools)

Benefits

  • Who: Site moderators, DevOps teams, external monitoring tools
  • Problem solved: Enables programmatic access to registration guard data
  • Value: Integrations with Slack/Discord alerts, custom dashboards, automated workflows

Implementation Details (Optional)

  • Separate webservices plugin: plugins/webservices/cbregguard/
  • API component: api/components/com_cbregguard/
  • Controller extends Joomla\CMS\MVC\Controller\ApiController
  • Views extend Joomla\CMS\MVC\View\JsonApiView (JSON:API v1.0 spec)
  • Route registration via ApiRouter::createCRUDRoutes()
  • Access control: require core.manage for write operations
  • Compatible with Joomla 4.x and 5.x

Relevant Standards

  • Security best practices
  • Code quality standards
  • Other: JSON:API v1.0 specification

Checklist

  • I have searched for similar feature requests before creating this one
  • I have clearly described the use case and benefits
  • I have considered alternative solutions
  • This feature aligns with the project's goals and scope
> Migrated from MokoCBRegGuard#24 ## Feature Description Add a Joomla Web Services API plugin that exposes the `#__cbregguard_log` table via RESTful endpoints, enabling external tools and moderators to query, filter, and action flagged registrations programmatically. ## Problem or Use Case Moderators and external systems (dashboards, Slack bots, monitoring tools) have no programmatic access to registration guard data. All interaction requires direct database access or the Joomla admin UI. ## Proposed Solution Create a separate Joomla webservices plugin that registers API routes via `onBeforeApiRoute`: **Endpoints:** - `GET /api/v1/cbregguard/logs` - List logs with filtering (risk_level, date range, IP, user_id) and pagination - `GET /api/v1/cbregguard/logs/{id}` - Get single log entry - `PATCH /api/v1/cbregguard/logs/{id}` - Update moderator_action (approved, blocked, watching) - `DELETE /api/v1/cbregguard/logs/{id}` - Delete a log entry - `GET /api/v1/cbregguard/stats` - Summary statistics (counts by risk level, recent activity) **Authentication:** Joomla API tokens (X-Joomla-Token header), requiring core.manage permission. ## Alternative Solutions - Direct database queries via phpMyAdmin (not user-friendly, no access control) - Custom Joomla component with its own admin views (heavier, more maintenance) - CB backend tab only (#15) (no programmatic access for external tools) ## Benefits - **Who:** Site moderators, DevOps teams, external monitoring tools - **Problem solved:** Enables programmatic access to registration guard data - **Value:** Integrations with Slack/Discord alerts, custom dashboards, automated workflows ## Implementation Details (Optional) - Separate webservices plugin: `plugins/webservices/cbregguard/` - API component: `api/components/com_cbregguard/` - Controller extends `Joomla\CMS\MVC\Controller\ApiController` - Views extend `Joomla\CMS\MVC\View\JsonApiView` (JSON:API v1.0 spec) - Route registration via `ApiRouter::createCRUDRoutes()` - Access control: require `core.manage` for write operations - Compatible with Joomla 4.x and 5.x ## Relevant Standards - [x] Security best practices - [x] Code quality standards - [ ] Other: JSON:API v1.0 specification ## Checklist - [x] I have searched for similar feature requests before creating this one - [x] I have clearly described the use case and benefits - [x] I have considered alternative solutions - [x] This feature aligns with the project's goals and scope
jmiller added the pending: testingregguard labels 2026-06-02 19:52:02 +00:00
jmiller commented 2026-06-02 19:53:58 +00:00
Author
Owner
Copy Link
Copy Source

Duplicate of #16 — both covered by the REST API plugin (plg_webservices_mokojoomcommunity)

Duplicate of #16 — both covered by the REST API plugin (plg_webservices_mokojoomcommunity)
Sign in to join this conversation.
Labels
Clear labels
admin-ui
Admin interface work
 bug: critical
Critical bug blocking functionality
 enhancement
Feature enhancement or improvement
 membership
Membership/subscription related
 obsolete
No longer applicable after repo consolidation
 payments
Payment system related
 pending: testing
Feature built, needs testing before close
 regguard
Registration guard related
 social-login
Social login related
bug
Something is not working
 chore
Maintenance and housekeeping
 documentation
Documentation improvements
 enhancement
Improvement to existing functionality
 feature
New feature or request
 pending: dependency
Blocked by another issue or external dependency
 pending: deployment
Tested and approved, awaiting deployment to production
 pending: design
Needs UI/UX or architecture design before implementation
 pending: documentation
Feature works, needs documentation/wiki update
 pending: feedback
Awaiting feedback or decision from stakeholder
 pending: review
Implementation complete, awaiting code review
 pending: testing
Feature implemented but not yet tested
 priority: critical
Must fix immediately
 priority: high
Should fix soon
 priority: low
Nice to have
 priority: medium
Fix when convenient
 refactor
Code restructuring without behavior change
 roadmap
Planned feature or enhancement tracked on the roadmap
 scope: client
Client-specific work
 scope: dolibarr
Dolibarr modules and customizations
 scope: infrastructure
Server, CI, backups, monitoring
 scope: joomla
Joomla templates and extensions
 scope: waas
MokoWaaS platform
 security
Security vulnerability or hardening
 status: blocked
Waiting on external dependency
 status: duplicate
Duplicate of another issue
 status: in-progress
Being worked on
 status: needs-review
Ready for review
 status: wontfix
Will not be addressed
No labels pending: testing regguard
Milestone
No items
No Milestone
Projects
Clear projects
No projects
Assignees
Clear assignees
jmiller (Jonathan Miller)
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: MokoConsulting/MokoJoomCommunity#17
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?