This repository has been archived on 2025-02-26. You can view files and clone it, but cannot push or open issues or pull requests.
szurubooru/src/Controllers/UserController.php

152 lines
4.9 KiB
PHP
Raw Normal View History

2014-08-31 13:34:31 +02:00
<?php
namespace Szurubooru\Controllers;
final class UserController extends AbstractController
{
2014-09-06 10:00:26 +02:00
private $privilegeService;
2014-08-31 17:42:48 +02:00
private $userService;
private $tokenService;
2014-09-04 19:57:06 +02:00
private $inputReader;
2014-09-05 19:18:49 +02:00
private $userViewProxy;
2014-08-31 13:34:31 +02:00
2014-08-31 14:07:46 +02:00
public function __construct(
2014-09-06 10:00:26 +02:00
\Szurubooru\Services\PrivilegeService $privilegeService,
2014-08-31 14:07:46 +02:00
\Szurubooru\Services\UserService $userService,
\Szurubooru\Services\TokenService $tokenService,
2014-09-05 19:18:49 +02:00
\Szurubooru\Helpers\InputReader $inputReader,
\Szurubooru\Controllers\ViewProxies\UserViewProxy $userViewProxy)
2014-08-31 13:34:31 +02:00
{
2014-09-06 10:00:26 +02:00
$this->privilegeService = $privilegeService;
2014-08-31 13:34:31 +02:00
$this->userService = $userService;
$this->tokenService = $tokenService;
2014-09-04 19:57:06 +02:00
$this->inputReader = $inputReader;
2014-09-05 19:18:49 +02:00
$this->userViewProxy = $userViewProxy;
2014-08-31 13:34:31 +02:00
}
public function registerRoutes(\Szurubooru\Router $router)
{
$router->post('/api/users', [$this, 'createUser']);
$router->get('/api/users', [$this, 'getFiltered']);
$router->get('/api/users/:userNameOrEmail', [$this, 'getByNameOrEmail']);
$router->put('/api/users/:userNameOrEmail', [$this, 'updateUser']);
$router->delete('/api/users/:userNameOrEmail', [$this, 'deleteUser']);
$router->post('/api/password-reset/:userNameOrEmail', [$this, 'passwordReset']);
$router->post('/api/finish-password-reset/:tokenName', [$this, 'finishPasswordReset']);
$router->post('/api/activation/:userNameOrEmail', [$this, 'activation']);
$router->post('/api/finish-activation/:tokenName', [$this, 'finishActivation']);
2014-08-31 13:34:31 +02:00
}
public function getByNameOrEmail($userNameOrEmail)
2014-09-05 13:50:51 +02:00
{
$user = $this->userService->getByNameOrEmail($userNameOrEmail);
2014-09-05 19:18:49 +02:00
return $this->userViewProxy->fromEntity($user);
2014-09-05 13:50:51 +02:00
}
public function getFiltered()
{
$this->privilegeService->assertPrivilege(\Szurubooru\Privilege::LIST_USERS);
2014-09-04 19:57:06 +02:00
$formData = new \Szurubooru\FormData\SearchFormData($this->inputReader);
$searchResult = $this->userService->getFiltered($formData);
2014-09-23 20:45:59 +02:00
$entities = $this->userViewProxy->fromArray($searchResult->getEntities());
return [
'data' => $entities,
2014-09-23 20:45:59 +02:00
'pageSize' => $searchResult->getPageSize(),
'totalRecords' => $searchResult->getTotalRecords()];
}
public function createUser()
2014-08-31 13:34:31 +02:00
{
$this->privilegeService->assertPrivilege(\Szurubooru\Privilege::REGISTER);
$formData = new \Szurubooru\FormData\RegistrationFormData($this->inputReader);
$user = $this->userService->createUser($formData);
return $this->userViewProxy->fromEntity($user);
2014-08-31 13:34:31 +02:00
}
public function updateUser($userNameOrEmail)
2014-08-31 13:34:31 +02:00
{
$user = $this->userService->getByNameOrEmail($userNameOrEmail);
$formData = new \Szurubooru\FormData\UserEditFormData($this->inputReader);
if ($formData->avatarStyle !== null || $formData->avatarContent !== null)
{
$this->privilegeService->assertPrivilege(
$this->privilegeService->isLoggedIn($userNameOrEmail)
? \Szurubooru\Privilege::CHANGE_OWN_AVATAR_STYLE
: \Szurubooru\Privilege::CHANGE_ALL_AVATAR_STYLES);
}
if ($formData->userName !== null)
{
$this->privilegeService->assertPrivilege(
$this->privilegeService->isLoggedIn($userNameOrEmail)
? \Szurubooru\Privilege::CHANGE_OWN_NAME
: \Szurubooru\Privilege::CHANGE_ALL_NAMES);
}
if ($formData->password !== null)
{
$this->privilegeService->assertPrivilege(
$this->privilegeService->isLoggedIn($userNameOrEmail)
? \Szurubooru\Privilege::CHANGE_OWN_PASSWORD
: \Szurubooru\Privilege::CHANGE_ALL_PASSWORDS);
}
if ($formData->email !== null)
{
$this->privilegeService->assertPrivilege(
$this->privilegeService->isLoggedIn($userNameOrEmail)
? \Szurubooru\Privilege::CHANGE_OWN_EMAIL_ADDRESS
: \Szurubooru\Privilege::CHANGE_ALL_EMAIL_ADDRESSES);
}
if ($formData->accessRank)
{
$this->privilegeService->assertPrivilege(\Szurubooru\Privilege::CHANGE_ACCESS_RANK);
}
2014-09-07 14:50:16 +02:00
if ($formData->browsingSettings)
{
$this->privilegeService->assertLoggedIn($userNameOrEmail);
2014-09-07 14:50:16 +02:00
}
$user = $this->userService->updateUser($user, $formData);
return $this->userViewProxy->fromEntity($user);
2014-08-31 13:34:31 +02:00
}
public function deleteUser($userNameOrEmail)
2014-08-31 13:34:31 +02:00
{
2014-09-06 10:00:26 +02:00
$this->privilegeService->assertPrivilege(
$this->privilegeService->isLoggedIn($userNameOrEmail)
? \Szurubooru\Privilege::DELETE_OWN_ACCOUNT
: \Szurubooru\Privilege::DELETE_ACCOUNTS);
2014-09-06 10:00:26 +02:00
$user = $this->userService->getByNameOrEmail($userNameOrEmail);
return $this->userService->deleteUser($user);
}
public function passwordReset($userNameOrEmail)
{
$user = $this->userService->getByNameOrEmail($userNameOrEmail);
return $this->userService->sendPasswordResetEmail($user);
}
public function activation($userNameOrEmail)
{
$user = $this->userService->getByNameOrEmail($userNameOrEmail, true);
return $this->userService->sendActivationEmail($user);
}
public function finishPasswordReset($tokenName)
{
$token = $this->tokenService->getByName($tokenName);
return ['newPassword' => $this->userService->finishPasswordReset($token)];
}
public function finishActivation($tokenName)
{
$token = $this->tokenService->getByName($tokenName);
$this->userService->finishActivation($token);
2014-08-31 13:34:31 +02:00
}
}