ComunicAPI/RestControllers/userController.php

<?php
/**
* Main user controller file
*
* @author Pierre HUBERT
*/
//Enable access to exceptions handler
use \Jacwright\RestServer\RestException;
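/**
 * REST endpoints for login, logout and user-information lookups.
 *
 * The route annotations in the method docblocks are presumably read by RestServer
 * to map requests onto methods, so they are kept exactly as written.
 *
 * Only disconnectUSER() and getCurrentUserID() call user_login_required(); the other
 * endpoints either rely on checks made inside the components (userAllowed()) or call
 * no login check in this file.
 * NOTE(review): confirm that unauthenticated access to the lookup endpoints is intended.
 */
class userController
{
    /**
     * Try to connect user and return login tokens
     *
     * Reads the userMail and userPassword POST fields and hands them to the account
     * component together with the API service ID and the database connection.
     *
     * @url POST /user/connectUSER
     * @return array Success message plus the two login tokens
     * @throws RestException 400 when a credential field is missing or is not a string,
     *                       401 when no login tokens were generated
     */
    public function connectUSER(){

        //Both fields must be present AND plain strings: isset() alone also accepts
        //array-valued fields (userMail[]=...), which would reach the account component untyped
        if(!isset($_POST['userMail'], $_POST['userPassword'])
            || !is_string($_POST['userMail'])
            || !is_string($_POST['userPassword']))
            throw new RestException(400, "Missing data !");

        //Extract data
        $userMail = $_POST['userMail'];
        $userPassword = $_POST['userPassword'];

        //Retrieve database connection
        $db = CS::get()->db;

        //Try to perform login
        //NOTE(review): no throttling of failed attempts is visible in this method - confirm
        //that the account component or the front controller limits repeated failures
        $loginTokens = CS::get()->components->account->generateUserLoginTokens($userMail, $userPassword, APIServiceID, $db);

        //An empty result is reported as a failed login; the message does not reveal
        //which of the two fields was wrong
        if(count($loginTokens) == 0)
            throw new RestException(401, "Invalid e-mail address / password !");

        //Return result with tokens
        return [
            "success" => "User logged in !",
            "tokens" => [
                "token1" => $loginTokens[0],
                "token2" => $loginTokens[1],
            ],
        ];
    }

    /**
     * Request token delete (= disconnectUSER)
     *
     * @url POST /user/disconnectUSER
     * @return array Success message
     * @throws RestException 500 when the account component reports that the token was not deleted
     */
    public function disconnectUSER(){

        //Defined elsewhere; presumably stops the request when no valid login tokens were sent
        user_login_required();

        //Try to delete token
        $deleted = CS::get()->components->account->deleteUserLoginToken(userID, APIServiceID);
        if(!$deleted)
            throw new RestException(500, "Something went wrong while trying to logout user !");

        //Everything is ok
        return ["success" => "The user has been disconnected !"];
    }

    /**
     * Get informations about a user
     *
     * Accepts either a single userID POST field or a usersID list and looks the IDs up
     * in batches of at most ten.
     * NOTE(review): this method calls no login check and puts no upper bound on the
     * number of IDs in usersID - confirm that anonymous bulk lookups are intended.
     *
     * @url POST /user/getInfos
     * @url POST /user/getInfosMultiple
     * @return array The result
     * @throws RestException 401 when the lookup returned nothing
     */
    public function getUserInfos() : array{

        //Determine userID
        if(isset($_POST['userID'])){
            $usersID = [toInt($_POST['userID'])];
        }
        elseif(isset($_POST['usersID'])){

            //Generate users ID list
            $usersID = numbers_list_to_array($_POST['usersID']);

            //Check for errors
            if(count($usersID) == 0){
                Rest_fatal_error(400, "No user ID were specified!");
            }
        }
        else {
            //No ID specified
            //Rest_fatal_error() presumably ends the request; otherwise $usersID would be undefined below
            Rest_fatal_error(400, "Please specify at least one user ID !");
        }

        //Check if it is a wide request or not
        if(count($usersID) <= 10){
            //Try to get user infos
            $userInfos = CS::get()->components->user->getMultipleUserInfos($usersID);
        }
        else {
            //Divide request in multiples ones
            $userInfos = [];
            foreach(array_chunk($usersID, 10) as $process_users_ID){

                //Get informations about the IDS, keeping the keys returned by the component
                $batch = CS::get()->components->user->getMultipleUserInfos($process_users_ID);
                foreach($batch as $key => $val){
                    $userInfos[$key] = $val;
                }
            }
        }

        //Check if response is empty
        if(count($userInfos) == 0)
            throw new RestException(401, "Couldn't get user data !");

        //Return result
        return $userInfos;
    }

    /**
     * Get advanced user informations
     *
     * The access decision is delegated to userAllowed(); this method then adds the
     * friend count (only when the target's friend list is public) and, for signed-in
     * callers, the like status and the right to post on the page.
     *
     * @url POST /user/getAdvancedUserInfos
     * @return array User informations with number_friends, can_post_texts and, when
     *               signed in, user_like_page added
     */
    public function getAdvancedInfos(){

        //Get the ID of the target user
        $userID = getPostUserID("userID");

        //Check if the user is allowed to get advanced user informations
        //(userID is the constant for the caller, $userID the target; no login check runs before this)
        if(!CS::get()->components->user->userAllowed(userID, $userID)){
            Rest_fatal_error(401, "You are not allowed to access these information !");
        }

        //Get user informations
        $userInfos = CS::get()->components->user->getUserInfos($userID, true);

        //Check if we got a response
        if(count($userInfos) == 0){
            Rest_fatal_error(500, "Couldn't get informations about the user !");
        }

        //Get the number of friends (if allowed); a non-public list is reported as 0
        if($userInfos['friend_list_public'] === true){
            $userInfos['number_friends'] = CS::get()->components->friends->count_all($userID);
        }
        else {
            $userInfos["number_friends"] = 0;
        }

        //User can not post text on this page by default
        $userInfos["can_post_texts"] = FALSE;

        //Get some informations only if user is signed in
        if(user_signed_in()){

            $userInfos["user_like_page"] = CS::get()->components->likes->is_liking(userID, $userID, Likes::LIKE_USER);

            //Check if the user can post texts on this page:
            //on his own page yes by default, else the decision comes from canCreatePosts()
            $userInfos["can_post_texts"] = userID == $userID
                ? TRUE
                : CS::get()->components->user->canCreatePosts(userID, $userID);
        }

        //Return user informations
        return $userInfos;
    }

    /**
     * Get current user infos using tokens
     *
     * @url POST /user/getCurrentUserID
     * @return array The ID of the signed-in user under the key userID
     */
    public function getCurrentUserID(){

        //Defined elsewhere; presumably stops the request when no valid login tokens were sent
        user_login_required();

        //Update last user activity
        CS::get()->components->user->updateLastActivity(userID);

        //Return userID
        return ["userID" => userID];
    }

    /**
     * Find user ID by a specified folder name
     *
     * @url POST /user/findbyfolder
     * @return array The matching user ID under the key userID
     */
    public function findUserByFolder(){

        //The field must be present and a plain string: isset() alone also accepts
        //an array-valued field (subfolder[]=...), which would reach the SQL helpers untyped
        if(!isset($_POST['subfolder']) || !is_string($_POST['subfolder'])){
            Rest_fatal_error(400, "No subfolder specified!");
        }

        //safe_for_sql() and check_string_before_insert() are defined elsewhere.
        //NOTE(review): whether findByFolder() binds this value as a query parameter is not
        //visible here - confirm, since escaping helpers are a weaker guarantee than a prepared statement
        $input = safe_for_sql($_POST['subfolder']);
        if(!check_string_before_insert($input)){
            Rest_fatal_error(401, "The request was cancelled because the query is unsafe !");
        }

        //Search user ID in the database
        $id = CS::get()->components->user->findByFolder($input);

        //Check for error
        //Strict comparison: only the integer 0 counts as "not found" - confirm findByFolder() returns an int
        if($id === 0){
            Rest_fatal_error(404, "No user was found with the specifed subfolder!");
        }

        //Return result
        return ["userID" => $id];
    }
}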