Get post access level

This commit is contained in:
Pierre 2018-01-04 13:59:48 +01:00
parent 96b4f6b99e
commit 7f6ac13d7d
3 changed files with 159 additions and 4 deletions

View File

@ -19,6 +19,21 @@ class Posts {
//Posts that can be seen by the user only //Posts that can be seen by the user only
const VISIBILITY_USER = 3; const VISIBILITY_USER = 3;
/**
* Access level to a post
*/
//When a user can't access to a post
const NO_ACCESS = 0;
//When a user can see a post and perform basic actions such as liking
const BASIC_ACCESS = 1;
//When a user has intermediate access to the post (delete post)
const INTERMEDIATE_ACCESS = 2;
//When a user has a full access to the post
const FULL_ACCESS = 3;
/** /**
* Table informations * Table informations
*/ */
@ -129,6 +144,111 @@ class Posts {
} }
/**
* Check whether a post exists or not
*
* @param int $postID The ID of the post to check
* @return bool TRUE if the post exists / FALSE else
*/
public function exist(int $postID) : bool {
//Perform a request on the database
return CS::get()->db->count($this::TABLE_NAME, "WHERE ID = ?", array($postID)) != 0;
}
/**
* Get the access level of a user about a post
*
* @param int $postID The ID of the post to get
* @param int $userID The ID of the user to check
* @return int The access level over the post
*/
public function access_level(int $postID, int $userID) : int {
//Get informations about the post
$post_infos = $this->get_single($postID);
//Check if the user is the owner of the post
if($post_infos['userID'] == $userID)
return $this::FULL_ACCESS;
//Check if the post was made on the user page
if($post_infos["user_page_id"] == $userID)
return $this::INTERMEDIATE_ACCESS;
//Check if the post is private
if($post_infos["visibility_level"] == $this::VISIBILITY_USER)
return $this::NO_ACCESS;
//Check if the post is for friends only
if($post_infos["visibility_level"] == $this::VISIBILITY_FRIENDS){
//Check if user is signed in
if($userID == 0)
return $this::NO_ACCESS;
//Check if this user and the owner of the page are friends or not
else if(!CS::get()->components->friends->are_friend($userID, $post_infos['user_page_id']))
return $this::NO_ACCESS;
else
//User can access the post
return $this::BASIC_ACCESS;
}
//Check if the post is public
if($post_infos['visibility_level'] == $this::VISIBILITY_PUBLIC){
//Check if the two personns are friend
if($userID != 0){
if(CS::get()->components->friends->are_friend($userID, $post_infos['user_page_id']))
return $this::BASIC_ACCESS;
}
//Get user visibility level
$visibilityLevel = CS::get()->components->user->getVisibility($post_infos['user_page_id']);
//If the page is open, access is free
if($visibilityLevel == User::USER_PAGE_OPEN)
return $this::BASIC_ACCESS;
//Else check if the user is signed in and the page is public
else if($userID != 0 AND $visibilityLevel == User::USER_PAGE_PUBLIC)
return $this::BASIC_ACCESS;
else
return $this::NO_ACCESS;
}
//Not implemented
return $this::NO_ACCESS;
}
/**
* Fetch a single post from the database
*
* @param int $postID The ID of the post to get
* @return array Informations about the post / empty array
* if the post was not found
*/
private function get_single(int $postID) : array {
//Perform a request on the database
$conditions = "WHERE ID = ?";
$values = array($postID);
$result = CS::get()->db->select($this::TABLE_NAME, $conditions, $values);
//Check if we got a response
if(count($result) == 0)
return array(); //Empty array = error
//Return parsed response
return $this->parse_post($result[0], false);
}
/** /**
* Parse a user post from the database into * Parse a user post from the database into
* the standardized version of post structure * the standardized version of post structure
@ -147,6 +267,9 @@ class Posts {
//Determine user ID //Determine user ID
$info["userID"] = $src["ID_amis"] == 0 ? $src["ID_personne"] : $src["ID_amis"]; $info["userID"] = $src["ID_amis"] == 0 ? $src["ID_personne"] : $src["ID_amis"];
//Determine user page ID
$info["user_page_id"] = $src["ID_personne"];
//Time when the message was sent //Time when the message was sent
$info["post_time"] = strtotime($src["date_envoi"]); $info["post_time"] = strtotime($src["date_envoi"]);

View File

@ -17,6 +17,14 @@ class User{
*/ */
private $userLoginAPItable = ""; private $userLoginAPItable = "";
/**
* Pages visiblity levels
*/
const USER_PAGE_PRIVATE = 0;
const USER_PAGE_PUBLIC = 1;
const USER_PAGE_OPEN = 2;
/** /**
* Public constructor * Public constructor
*/ */
@ -382,13 +390,13 @@ class User{
//Check if the page is public //Check if the page is public
if($result[0]["public"] == 0) if($result[0]["public"] == 0)
return 0; return $this::USER_PAGE_PRIVATE;
//Check if the page is open or not //Check if the page is open or not
if($result[0]["pageouverte"] == 1) if($result[0]["pageouverte"] == 1)
return 3; //Page open return $this::USER_PAGE_OPEN; //Page open
else else
return 2; //Public page return $this::USER_PAGE_PUBLIC; //Public page
} }

View File

@ -173,7 +173,7 @@ function getPostConversationID(string $name = "conversationID") : int {
//Get conversationID //Get conversationID
if(!isset($_POST[$name])) if(!isset($_POST[$name]))
Rest_fatal_error(400, "Exepted conversation ID in '".$name."' !"); Rest_fatal_error(400, "Excepted conversation ID in '".$name."' !");
$conversationID = toInt($_POST[$name]); $conversationID = toInt($_POST[$name]);
//Check conversationID validity //Check conversationID validity
@ -186,4 +186,28 @@ function getPostConversationID(string $name = "conversationID") : int {
return $conversationID; return $conversationID;
}
/**
* Get the ID of a post in a rest request
*
* @param string $name Optionnal, the name of the post id field
* @return int $postID The ID of the post
*/
function getPostPostID(string $name = "postID") : int {
//Get postID
if(!isset($_POST[$name]))
Rest_fatal_error(400, "Excepted post ID in '".$name."' !");
$postID = toInt($_POST[$name]);
//Check post ID validity
if($postID < 1)
Rest_fatal_error(400, "Invalid post ID!");
//Check if the post exists
if(!CS::get()->components->posts->exist($postID))
Rest_fatal_error(404, "Specified post does not exists!");
return $postID;
} }