From cd772c03c31b7673da2bdd0fa31d89fb9d4cdc36 Mon Sep 17 00:00:00 2001 From: Pierre HUBERT Date: Mon, 16 Jul 2018 14:38:07 +0200 Subject: [PATCH] Can create posts for groups. --- RestControllers/PostsController.php | 40 +++++++-- classes/components/GroupsComponent.php | 34 ++++++++ classes/components/notifications.php | 29 ++++++- classes/components/posts.php | 116 +++++++++++++++++-------- classes/models/Notification.php | 1 + classes/models/Post.php | 16 ++++ 6 files changed, 189 insertions(+), 47 deletions(-) diff --git a/RestControllers/PostsController.php b/RestControllers/PostsController.php index 40ea997..f3e98cc 100644 --- a/RestControllers/PostsController.php +++ b/RestControllers/PostsController.php @@ -99,7 +99,11 @@ class PostsController { Rest_fatal_error(500, "Couldn't retrieve post informations !"); //Check if we can get the comments of the post - if(components()->user->allowComments($postInfos->get_user_page_id())) + $load_comments = TRUE; + if($postInfos->get_kind_page() == Posts::PAGE_KIND_USER) + $load_comments = components()->user->allowComments($postInfos->get_user_page_id()); + + if($load_comments) $postInfos->set_comments(components()->comments->get($postInfos->get_id())); //Parse post informations @@ -142,6 +146,20 @@ class PostsController { break; + + //In case of group + case "group": + + //Save the values + $kind_page = Posts::PAGE_KIND_GROUP; + $kind_page_id = getPostGroupIdWithAccess("kind-id", GroupInfo::MEMBER_ACCESS); + + //Check whether the user is authorized to create posts on the page or not + if(!components()->groups->canUserCreatePost(userID, $kind_page_id)) + Rest_fatal_error(401, "You are not authorized to create posts on this group!"); + + break; + //Unsupported kind of page default: Rest_fatal_error(500, "Unsupported kind of page !"); @@ -349,13 +367,19 @@ class PostsController { if($postID < 0) Rest_fatal_error(400, "Couldn't create post !"); - //Create a notification - $notification = new Notification(); - $notification->set_from_user_id(userID); - $notification->set_on_elem_id($postID); - $notification->set_on_elem_type(Notification::POST); - $notification->set_type(Notification::ELEM_CREATED); - components()->notifications->push($notification); + + if($post->get_kind_page() == Posts::PAGE_KIND_USER){ + + //Create a notification + $notification = new Notification(); + $notification->set_from_user_id(userID); + $notification->set_on_elem_id($postID); + $notification->set_on_elem_type(Notification::POST); + $notification->set_type(Notification::ELEM_CREATED); + components()->notifications->push($notification); + + } + //Success return array( diff --git a/classes/components/GroupsComponent.php b/classes/components/GroupsComponent.php index 73a40f1..a01dd5f 100644 --- a/classes/components/GroupsComponent.php +++ b/classes/components/GroupsComponent.php @@ -526,6 +526,40 @@ class GroupsComponent { return GroupInfo::NO_ACCESS; } + /** + * Check whether a user can create posts or not on a group + * + * @param int $userID The related user ID + * @param int $groupID The ID of the target group + * @return bool TRUE if the user is authorized / FALSE else + */ + public function canUserCreatePost(int $userID, int $groupID) : bool { + + //Get the membership level of the user over the post + $membership_level = $this->getMembershipLevel($userID, $groupID); + + //Moderators + administrators : can always create posts + if($membership_level == GroupMember::ADMINISTRATOR + || $membership_level == GroupMember::MODERATOR) + + return TRUE; + + if($membership_level == GroupMember::MEMBER) { + + //Get information about the group to check whether all the members of + //the group are authorized to create posts or not + $group = $this->get_advanced_info($groupID); + + if($group->get_posts_level() == GroupInfo::POSTS_LEVEL_ALL_MEMBERS) + return TRUE; + + } + + //Other members can not create posts + return FALSE; + + } + /** * Delete current group logo (if any) * diff --git a/classes/components/notifications.php b/classes/components/notifications.php index 9e5fe76..6f454cf 100644 --- a/classes/components/notifications.php +++ b/classes/components/notifications.php @@ -101,10 +101,20 @@ class notificationComponent { return false; //Update post informations - $notification->set_from_container_type(Notification::USER_PAGE); - $notification->set_from_container_id($info_post->get_user_page_id()); + if($info_post->get_kind_page() == Posts::PAGE_KIND_USER){ + $notification->set_from_container_type(Notification::USER_PAGE); + $notification->set_from_container_id($info_post->get_user_page_id()); + } + else if($info_post->get_kind_page() == Posts::PAGE_KIND_GROUP){ + $notification->set_from_container_type(Notification::GROUP_PAGE); + $notification->set_from_container_id($info_post->get_group_id()); + } + else + throw new Exception("Unsupported page kind: ".$info_post->get_kind_page()); + //Check if the notification is private or not + //Private posts if($info_post->get_visibility_level() == Posts::VISIBILITY_USER){ //Push the notification only to the user, and only if it is not him @@ -117,7 +127,9 @@ class notificationComponent { //Push the notification return $this->push_private($notification); } - else { + + //For the posts on user pages + else if($notification->get_from_container_type() == Notification::USER_PAGE) { //Get the list of friends of the user $friendslist = components()->friends->getList($notification->get_from_user_id()); @@ -146,6 +158,17 @@ class notificationComponent { } + //For the posts on groups + else if($notification->get_from_container_type() == Notification::GROUP_PAGE){ + //TODO : implement + return TRUE; + } + + //Unimplemented scenario + else { + throw new Exception("Notification scenarios not implemented!"); + } + } //Handles friendship request notifications diff --git a/classes/components/posts.php b/classes/components/posts.php index f79d3a3..1081917 100644 --- a/classes/components/posts.php +++ b/classes/components/posts.php @@ -39,6 +39,7 @@ class Posts { */ //Post on user page const PAGE_KIND_USER = "user"; + const PAGE_KIND_GROUP = "group"; /** * Kinds of post @@ -333,53 +334,83 @@ class Posts { //Check if the user is the owner of the post if($post_info->get_userID() == $userID) return $this::FULL_ACCESS; - - //Check if the post was made on the user page - if($post_info->get_user_page_id() == $userID) - return $this::INTERMEDIATE_ACCESS; - - //Check if the post is private - if($post_info->get_visibility_level() == $this::VISIBILITY_USER) - return $this::NO_ACCESS; - //Check if the post is for friends only - if($post_info->get_visibility_level() == $this::VISIBILITY_FRIENDS){ + //Special checks if the posts belongs to a user's page + if($post_info->get_kind_page() == Posts::PAGE_KIND_USER){ - //Check if user is signed in - if($userID == 0) + //Check if the post was made on the user page + if($post_info->get_user_page_id() == $userID) + return $this::INTERMEDIATE_ACCESS; + + //Check if the post is private + if($post_info->get_visibility_level() == $this::VISIBILITY_USER) return $this::NO_ACCESS; - //Check if this user and the owner of the page are friends or not - else if(!CS::get()->components->friends->are_friend($userID, $post_info->get_user_page_id())) - return $this::NO_ACCESS; - - else - //User can access the post - return $this::BASIC_ACCESS; - } + //Check if the post is for friends only + if($post_info->get_visibility_level() == $this::VISIBILITY_FRIENDS){ - //Check if the post is public - if($post_info->get_visibility_level() == $this::VISIBILITY_PUBLIC){ - - //Check if the two personns are friend - if($userID != 0){ - if(CS::get()->components->friends->are_friend($userID, $post_info->get_user_page_id())) + //Check if user is signed in + if($userID == 0) + return $this::NO_ACCESS; + + //Check if this user and the owner of the page are friends or not + else if(!CS::get()->components->friends->are_friend($userID, $post_info->get_user_page_id())) + return $this::NO_ACCESS; + + else + //User can access the post return $this::BASIC_ACCESS; } - //Get user visibility level - $visibilityLevel = CS::get()->components->user->getVisibility($post_info->get_user_page_id()); + //Check if the post is public + if($post_info->get_visibility_level() == $this::VISIBILITY_PUBLIC){ - //If the page is open, access is free - if($visibilityLevel == UserComponent::USER_PAGE_OPEN) + //Check if the two personns are friend + if($userID != 0){ + if(CS::get()->components->friends->are_friend($userID, $post_info->get_user_page_id())) + return $this::BASIC_ACCESS; + } + + //Get user visibility level + $visibilityLevel = CS::get()->components->user->getVisibility($post_info->get_user_page_id()); + + //If the page is open, access is free + if($visibilityLevel == UserComponent::USER_PAGE_OPEN) + return $this::BASIC_ACCESS; + + //Else check if the user is signed in and the page is public + else if($userID != 0 AND $visibilityLevel == UserComponent::USER_PAGE_PUBLIC) + return $this::BASIC_ACCESS; + + else + return $this::NO_ACCESS; + } + } + + //Checks if the posts belongs to a group's page + if($post_info->get_kind_page() == Posts::PAGE_KIND_GROUP){ + + //Get the access level of the user over the group + $access_level = components()->groups->getMembershipLevel($userID, $post_info->get_group_id()); + + //Moderators and administrators can delete all the posts of the group + if($access_level < GroupMember::MEMBER) + return $this::INTERMEDIATE_ACCESS; + + //Members of a group can see all the posts of the group + if($access_level == GroupMember::MEMBER) return $this::BASIC_ACCESS; - - //Else check if the user is signed in and the page is public - else if($userID != 0 AND $visibilityLevel == UserComponent::USER_PAGE_PUBLIC) - return $this::BASIC_ACCESS; - - else + + //Check if the post is public or not + if($post_info->get_visibility_level() != Posts::VISIBILITY_PUBLIC) return $this::NO_ACCESS; + + //Check if the group is open or not + if(!components()->groups->is_open($post_info->get_group_id())) + return $this::NO_ACCESS; + + // Post public + open group > basic access + return $this::BASIC_ACCESS; } //Not implemented @@ -417,6 +448,14 @@ class Posts { //Determine who is creating the post $post_user_id = $post->get_kind_page_id(); $post_friend_id = $post->get_kind_page_id() == $post->get_userID() ? 0 : $post->get_userID(); + $post_group_id = 0; + + } + else if($post->get_kind_page() == $this::PAGE_KIND_GROUP){ + + $post_user_id = $post->get_userID(); + $post_friend_id = 0; + $post_group_id = $post->get_kind_page_id(); } else { @@ -427,6 +466,7 @@ class Posts { $data = array( "ID_personne" => $post_user_id, "ID_amis" => $post_friend_id, + "group_id" => $post_group_id, "date_envoi" => mysql_date(), "time_insert" => time(), "texte" => $post->has_content() ? $post->get_content() : "", @@ -688,7 +728,11 @@ class Posts { //General information $post->set_id($entry["ID"]); $post->set_userID($entry["ID_amis"] == 0 ? $entry["ID_personne"] : $entry["ID_amis"]); + + //Determine the kind of target page and its ID $post->set_user_page_id($entry["ID_personne"]); + $post->set_group_id($entry["group_id"]); + $post->set_time_sent($entry["time_insert"] == null ? strtotime($entry["date_envoi"]) : $entry["time_insert"]); $post->set_content($entry["texte"]); $post->set_visibility_level($entry["niveau_visibilite"]); diff --git a/classes/models/Notification.php b/classes/models/Notification.php index e820a81..97b7aa3 100644 --- a/classes/models/Notification.php +++ b/classes/models/Notification.php @@ -11,6 +11,7 @@ class Notification { * Elements type */ const USER_PAGE = "user_page"; + const GROUP_PAGE = "group_page"; const CONVERSATION = "conversation"; const CONVERSATION_MESSAGE = "conversation_message"; const POST = "post"; diff --git a/classes/models/Post.php b/classes/models/Post.php index 822971a..bf51620 100644 --- a/classes/models/Post.php +++ b/classes/models/Post.php @@ -75,6 +75,22 @@ class Post extends BaseUniqueObjectFromUser { return $this->kind_page == Posts::PAGE_KIND_USER ? $this->kind_page_id : 0; } + //Set and get the target group ID + public function set_group_id(int $group_id){ + if($group_id > 0){ + $this->set_kind_page(Posts::PAGE_KIND_GROUP); + $this->kind_page_id = $group_id; + } + } + + public function has_group_id() : bool { + return $this->kind_page_id > 0 && $this->kind_page == Posts::PAGE_KIND_GROUP; + } + + public function get_group_id() : int { + return $this->kind_page == Posts::PAGE_KIND_GROUP ? $this->kind_page_id : 0; + } + //Set and get content public function set_content(string $content){