From 85bf596e5470a87afadad1c885b2f40e660399c9 Mon Sep 17 00:00:00 2001 From: Pierre Date: Sun, 24 Dec 2017 17:45:05 +0100 Subject: [PATCH] First post request --- RestControllers/friendsController.php | 6 +- RestControllers/postsController.php | 29 +++++++++- classes/components/posts.php | 79 +++++++++++++++++++++++++++ functions/requests.php | 27 +++++++++ 4 files changed, 135 insertions(+), 6 deletions(-) diff --git a/RestControllers/friendsController.php b/RestControllers/friendsController.php index f0d580c..d1aab33 100644 --- a/RestControllers/friendsController.php +++ b/RestControllers/friendsController.php @@ -162,12 +162,8 @@ class friendsController{ user_login_required(); //Login required - //Check if the a friendID has been specified - if(!isset($_POST['friendID'])) - Rest_fatal_error(400, "Please specify a friend ID !"); - //Get it - $friendID = toInt($_POST['friendID']); + $friendID = getPostUserID('friendID'); //Prepare the response $response = array( diff --git a/RestControllers/postsController.php b/RestControllers/postsController.php index 080aff7..3e4564f 100644 --- a/RestControllers/postsController.php +++ b/RestControllers/postsController.php 
@@ -8,5 +8,32 @@ */ class postsController { - + + /** + * Get user posts + * + * @url POST /posts/get_user + */ + public function getUserPosts(){ + + //Get user ID + $userID = getPostUserID("userID"); + + //Check if user is allowed to access informations or not + if(!CS::get()->components->user->userAllowed(userID, $userID)) + Rest_fatal_error(401, "You are not allowed to access this user posts !"); + + //Check if there is a startpoint for the posts + if(isset($_POST['startFrom'])){ + $startFrom = toInt($_POST['startFrom']); + } + else + $startFrom = 0; //No start point + + //Get visibility level for the post + $visibility_level = CS::get()->components->posts->getUserVisibility(userID, $userID); + + return CS::get()->components->posts->getUserPosts(userID, $userID, $visibility_level, $startFrom); + } + } \ No newline at end of file diff --git a/classes/components/posts.php b/classes/components/posts.php index 8ebe000..5a32b48 100644 --- a/classes/components/posts.php +++ b/classes/components/posts.php 
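Review bot: getUserPosts() never calls `user_login_required()` and passes the bare constant `userID` to `userAllowed()`, `getUserVisibility()` and the component's `getUserPosts()`. The access decision therefore depends on that constant being defined for anonymous requests (as 0, judging by the signed-out branch in the Posts component), and its definition is not visible in this patch. If anonymous access is intended, state it above the check with a comment such as `//No login required: userID is 0 for signed-out visitors, userAllowed() decides`. The method also returns the component's rows unchanged, so if `select()` yields full table rows, every column of the posts table becomes part of the API response; mapping to an explicit list of fields before returning would avoid that. For a signed-in caller the refusal is an authorization failure, which `403` describes better than `401`.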
@@ -7,6 +7,85 @@ class Posts { + /** + * Visibility levels + */ + //Posts that can be seen by anyone + const VISIBILITY_PUBLIC = 1; + + //Posts that can be seen by the friends of the user + const VISIBILITY_FRIENDS = 2; + + //Posts that can be seen by the user only + const VISIBILITY_USER = 3; + + /** + * Table name + */ + const TABLE_NAME = "texte"; + + /** + * Get the visibility level of a user other another user + * + * @param int $userID The ID of the user to fetch + * @param int $targetID The ID of the user target + * @return int Visibility level + */ + public function getUserVisibility(int $userID, int $targetID) : int { + + //If the user making the request and the target user are the same + if($userID == $targetID) + return $this::VISIBILITY_USER; + + //Check user if is signed out + if($userID == 0) + return $this::VISIBILITY_PUBLIC; + + //Check if the two users are friends or not + if(CS::get()->components->friends->are_friend($userID, $targetID)) + //Users are friends + return $this::VISIBILITY_FRIENDS; + + else + //Users are not friend + return $this::VISIBILITY_PUBLIC; + + } + + /** + * Get a list of post of a user + * + * @param int $userID The ID of the user making the request + * @param int $targetID The ID of the target user + * @param int $visibilityLevel Visibility level required + * @param int $startPoint The startpoint for the request (0 stands for none) + */ + public function getUserPosts(int $userID, int $targetID, int $visibilityLevel, int $startPoint = 0) : array { + + //Prepare the request on the database + $conditions = "WHERE ID_personne = ? AND ("; + $dataConds = array($targetID); + + //Add the visibility level conditions + $conditions .= "(niveau_visibilite <= ?)"; + $dataConds[] = $visibilityLevel; + + //If user is signed in, include all the posts that he has created + if($userID > 0){ + $conditions .= " OR (ID_amis = ?) 
"; + $dataConds[] = $userID; + } + + //Close conditions + $conditions .= ")"; + + //Perform the request + return CS::get()->db->select( + $this::TABLE_NAME, + $conditions, + $dataConds + ); + } } //Register component diff --git a/functions/requests.php b/functions/requests.php index 846d54e..f52d818 100644 --- a/functions/requests.php +++ b/functions/requests.php @@ -133,4 +133,31 @@ function check_user_id(int $userID) : bool { return false; //Invalid return true; //Valid +} + +/** + * Get userID posted in a request and return it if there + * isn't any error + * + * @param string $name Optionnal, the name of the post field + * @return int User ID + * @throws RestError in case of error + */ +function getPostUserID(string $name = "userID") : int { + + //Get userID post + if(!isset($_POST[$name])) + Rest_fatal_error(400, "Please specify a userID in '".$name."' !"); + + $userID = toInt($_POST[$name]); + + //Check userID validity + if(!check_user_id($userID)) + Rest_fatal_error(400, "Invalid userID in '".$name."' !"); + + //Check if user exits + if(!CS::get()->components->user->exists($userID)) + Rest_fatal_error(404, "Specified user in '".$name."' not found !"); + + return $userID; } \ No newline at end of file