2017-05-17 12:43:12 +00:00
|
|
|
<?php
|
|
|
|
/**
|
|
|
|
* Main user controller file
|
|
|
|
*
|
|
|
|
* @author Pierre HUBERT
|
|
|
|
*/
|
|
|
|
|
|
|
|
//Enable access to exceptions handler
|
|
|
|
use \Jacwright\RestServer\RestException;
|
|
|
|
|
|
|
|
class userController
|
|
|
|
{
|
|
|
|
/**
|
|
|
|
* Try to connect user and return login tokens
|
|
|
|
*
|
|
|
|
* @url POST /user/connectUSER
|
|
|
|
*/
|
|
|
|
public function connectUSER(){
|
|
|
|
//Check variables sent in request
|
|
|
|
if(!isset($_POST['userMail']) OR !isset($_POST['userPassword']))
|
2017-06-19 08:36:39 +00:00
|
|
|
throw new RestException(400, "Missing data !");
|
2017-05-17 12:43:12 +00:00
|
|
|
|
|
|
|
//Retrieve database connection
|
|
|
|
$db = CS::get()->db;;
|
|
|
|
|
|
|
|
//Extract data
|
|
|
|
$userMail = $_POST["userMail"];
|
|
|
|
$userPassword = $_POST['userPassword'];
|
|
|
|
|
|
|
|
//Try to perform login
|
2017-06-03 12:24:45 +00:00
|
|
|
$loginTokens = CS::get()->components->user->generateUserLoginTokens($userMail, $userPassword, APIServiceID, $db);
|
2017-05-17 12:43:12 +00:00
|
|
|
|
2017-10-31 13:25:33 +00:00
|
|
|
if(count($loginTokens) == 0)
|
2017-05-17 12:43:12 +00:00
|
|
|
throw new RestException(401, "Invalid e-mail address / password !");
|
|
|
|
|
|
|
|
//Return result with tokens
|
|
|
|
return array(
|
|
|
|
"success" => "User logged in !",
|
|
|
|
"tokens" => array(
|
|
|
|
"token1" => $loginTokens[0],
|
|
|
|
"token2" => $loginTokens[1],
|
|
|
|
),
|
|
|
|
);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Request token delete (= disconnectUSER)
|
|
|
|
*
|
|
|
|
* @url POST /user/disconnectUSER
|
|
|
|
*/
|
|
|
|
public function disconnectUSER(){
|
|
|
|
|
2017-05-24 16:41:24 +00:00
|
|
|
user_login_required();
|
2017-05-17 12:43:12 +00:00
|
|
|
|
|
|
|
//Try to delete token
|
2017-06-03 12:24:45 +00:00
|
|
|
if(!CS::get()->components->user->deleteUserLoginToken(userID, APIServiceID))
|
2017-05-17 12:43:12 +00:00
|
|
|
throw new RestException(500, "Something went wrong while trying to logout user !");
|
|
|
|
|
|
|
|
//Everything is ok
|
|
|
|
return array("success" => "The user has been disconnected !");
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2017-05-27 10:12:21 +00:00
|
|
|
* Get informations about a user
|
2017-05-17 12:43:12 +00:00
|
|
|
*
|
2017-05-27 10:12:21 +00:00
|
|
|
* @url POST /user/getInfos
|
2017-05-27 12:09:05 +00:00
|
|
|
* @url POST /user/getInfosMultiple
|
|
|
|
* @return array The result
|
|
|
|
*/
|
2017-05-28 12:09:20 +00:00
|
|
|
public function getUserInfos() : array{
|
2017-05-27 12:09:05 +00:00
|
|
|
user_login_required();
|
|
|
|
|
|
|
|
//Determine userID
|
2017-05-28 12:09:20 +00:00
|
|
|
if(isset($_POST['userID'])){
|
2017-06-18 08:07:52 +00:00
|
|
|
$usersID = array(toInt($_POST['userID']));
|
2017-05-27 12:09:05 +00:00
|
|
|
}
|
2017-05-28 12:09:20 +00:00
|
|
|
elseif(isset($_POST['usersID'])){
|
|
|
|
//Generate users ID list
|
2017-06-25 16:09:18 +00:00
|
|
|
$usersID = numbers_list_to_array($_POST['usersID']);
|
2017-06-18 08:07:52 +00:00
|
|
|
|
2017-05-28 12:09:20 +00:00
|
|
|
//Check for errors
|
2017-06-18 08:07:52 +00:00
|
|
|
if(count($usersID) == 0)
|
2017-05-28 12:09:20 +00:00
|
|
|
Rest_fatal_error(400, "No user ID were specified!");
|
|
|
|
}
|
|
|
|
else
|
|
|
|
//No ID specified
|
|
|
|
Rest_fatal_error(400, "Please specify at least one user ID !");
|
2017-05-27 13:11:17 +00:00
|
|
|
|
2017-07-01 08:49:07 +00:00
|
|
|
//Check if it is a wide request or not
|
|
|
|
if(count($usersID) <= 10)
|
|
|
|
//Try to get user infos
|
|
|
|
$userInfos = CS::get()->components->user->getMultipleUserInfos($usersID);
|
|
|
|
else {
|
|
|
|
//Divide request in multiples ones
|
|
|
|
$userInfos = array();
|
|
|
|
foreach(array_chunk($usersID, 10) as $process_users_ID){
|
|
|
|
|
|
|
|
//Get informations about the IDS
|
|
|
|
foreach(CS::get()->components->user->getMultipleUserInfos($process_users_ID) as $key=>$val){
|
|
|
|
$userInfos[$key] = $val;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2017-05-27 12:09:05 +00:00
|
|
|
|
|
|
|
//Check if response is empty
|
|
|
|
if(count($userInfos) == 0)
|
2017-05-28 12:09:20 +00:00
|
|
|
throw new RestException(401, "Couldn't get user data !");
|
2017-05-27 12:09:05 +00:00
|
|
|
|
|
|
|
//Return result
|
2017-05-27 13:11:17 +00:00
|
|
|
return $userInfos;
|
2017-05-27 12:09:05 +00:00
|
|
|
}
|
|
|
|
|
2017-12-16 14:30:04 +00:00
|
|
|
/**
|
|
|
|
* Get advanced user informations
|
|
|
|
*
|
|
|
|
* @url POST /user/getAdvancedUserInfos
|
|
|
|
*/
|
|
|
|
public function getAdvancedInfos(){
|
|
|
|
|
|
|
|
//Get the ID of the target user
|
|
|
|
if(!isset($_POST["userID"]))
|
|
|
|
Rest_fatal_error(400, "Please specify a user ID!");
|
|
|
|
|
|
|
|
$userID = toInt($_POST["userID"]);
|
|
|
|
|
|
|
|
//Check if the user is allowed to get advanced user infromations
|
|
|
|
if(!CS::get()->components->user->userAllowed(userID, $userID))
|
|
|
|
Rest_fatal_error(401, "You are not allowed to access these information !");
|
|
|
|
|
2017-12-16 15:26:42 +00:00
|
|
|
//Get user informations
|
|
|
|
$userInfos = CS::get()->components->user->getUserInfos($userID, true);
|
|
|
|
|
|
|
|
//Check if we got a response
|
|
|
|
if(count($userInfos) == 0)
|
|
|
|
Rest_fatal_error(500, "Couldn't get informations about the user !");
|
|
|
|
|
|
|
|
//Return user informations
|
|
|
|
return $userInfos;
|
2017-12-16 14:30:04 +00:00
|
|
|
|
|
|
|
}
|
|
|
|
|
2017-05-17 12:43:12 +00:00
|
|
|
/**
|
|
|
|
* Get current user infos using tokens
|
|
|
|
*
|
|
|
|
* @url POST /user/getCurrentUserID
|
|
|
|
*/
|
2017-05-27 10:12:21 +00:00
|
|
|
public function getCurrentUserID(){
|
2017-05-19 16:07:52 +00:00
|
|
|
user_login_required();
|
2017-05-17 12:43:12 +00:00
|
|
|
|
2017-06-03 12:53:47 +00:00
|
|
|
//Update last user activity
|
|
|
|
CS::get()->components->user->updateLastActivity(userID);
|
|
|
|
|
2017-05-19 16:07:52 +00:00
|
|
|
//Return userID
|
|
|
|
return array("userID" => userID);
|
2017-05-17 12:43:12 +00:00
|
|
|
}
|
2017-12-10 10:38:23 +00:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Find user ID by a specified folder name
|
|
|
|
*
|
|
|
|
* @url POST /user/findbyfolder
|
|
|
|
*/
|
|
|
|
public function findUserByFolder(){
|
|
|
|
|
|
|
|
//Check for domain name
|
|
|
|
if(!isset($_POST['subfolder']))
|
|
|
|
Rest_fatal_error(400, "No subfolder specified!");
|
|
|
|
|
|
|
|
$input = safe_for_sql($_POST['subfolder']);
|
|
|
|
|
|
|
|
if(!check_string_before_insert($input))
|
|
|
|
Rest_fatal_error(401, "The request was cancelled because the query is unsafe !");
|
|
|
|
|
|
|
|
//Search user ID in the database
|
|
|
|
$id = CS::get()->components->user->findByFolder($input);
|
|
|
|
|
|
|
|
//Check for error
|
|
|
|
if($id === 0)
|
|
|
|
Rest_fatal_error(404, "No user was found with the specifed subfolder!");
|
|
|
|
|
|
|
|
//Return result
|
|
|
|
return array("userID" => $id);
|
|
|
|
|
|
|
|
}
|
2017-05-17 12:43:12 +00:00
|
|
|
}
|