szurubooru/src/Controllers/UserController.php

<?php
namespace Szurubooru\Controllers;

final class UserController extends AbstractController
{
	private $privilegeService;
	private $userService;
	private $tokenService;
	private $inputReader;
	private $userViewProxy;

	public function __construct(
		\Szurubooru\Services\PrivilegeService $privilegeService,
		\Szurubooru\Services\UserService $userService,
		\Szurubooru\Services\TokenService $tokenService,
		\Szurubooru\Helpers\InputReader $inputReader,
		\Szurubooru\Controllers\ViewProxies\UserViewProxy $userViewProxy)
	{
		$this->privilegeService = $privilegeService;
		$this->userService = $userService;
		$this->tokenService = $tokenService;
		$this->inputReader = $inputReader;
		$this->userViewProxy = $userViewProxy;
	}

	public function registerRoutes(\Szurubooru\Router $router)
	{
		$router->post('/api/users', [$this, 'createUser']);
		$router->get('/api/users', [$this, 'getFiltered']);
		$router->get('/api/users/:userNameOrEmail', [$this, 'getByNameOrEmail']);
		$router->put('/api/users/:userNameOrEmail', [$this, 'updateUser']);
		$router->delete('/api/users/:userNameOrEmail', [$this, 'deleteUser']);
		$router->post('/api/password-reset/:userNameOrEmail', [$this, 'passwordReset']);
		$router->post('/api/finish-password-reset/:tokenName', [$this, 'finishPasswordReset']);
		$router->post('/api/activation/:userNameOrEmail', [$this, 'activation']);
		$router->post('/api/finish-activation/:tokenName', [$this, 'finishActivation']);
	}

	public function getByNameOrEmail($userNameOrEmail)
	{
		$user = $this->userService->getByNameOrEmail($userNameOrEmail);
		return $this->userViewProxy->fromEntity($user);
	}

	public function getFiltered()
	{
		$this->privilegeService->assertPrivilege(\Szurubooru\Privilege::LIST_USERS);

		$formData = new \Szurubooru\FormData\SearchFormData($this->inputReader);
		$searchResult = $this->userService->getFiltered($formData);
		$entities = $this->userViewProxy->fromArray($searchResult->getEntities());
		return [
			'data' => $entities,
			'pageSize' => $searchResult->getPageSize(),
			'totalRecords' => $searchResult->getTotalRecords()];
	}

	public function createUser()
	{
		$this->privilegeService->assertPrivilege(\Szurubooru\Privilege::REGISTER);
		$formData = new \Szurubooru\FormData\RegistrationFormData($this->inputReader);
		$user = $this->userService->createUser($formData);
		return $this->userViewProxy->fromEntity($user);
	}

	public function updateUser($userNameOrEmail)
	{
		$user = $this->userService->getByNameOrEmail($userNameOrEmail);
		$formData = new \Szurubooru\FormData\UserEditFormData($this->inputReader);

		if ($formData->avatarStyle !== null || $formData->avatarContent !== null)
		{
			$this->privilegeService->assertPrivilege(
				$this->privilegeService->isLoggedIn($userNameOrEmail)
					? \Szurubooru\Privilege::CHANGE_OWN_AVATAR_STYLE
					: \Szurubooru\Privilege::CHANGE_ALL_AVATAR_STYLES);
		}

		if ($formData->userName !== null)
		{
			$this->privilegeService->assertPrivilege(
				$this->privilegeService->isLoggedIn($userNameOrEmail)
					? \Szurubooru\Privilege::CHANGE_OWN_NAME
					: \Szurubooru\Privilege::CHANGE_ALL_NAMES);
		}

		if ($formData->password !== null)
		{
			$this->privilegeService->assertPrivilege(
				$this->privilegeService->isLoggedIn($userNameOrEmail)
					? \Szurubooru\Privilege::CHANGE_OWN_PASSWORD
					: \Szurubooru\Privilege::CHANGE_ALL_PASSWORDS);
		}

		if ($formData->email !== null)
		{
			$this->privilegeService->assertPrivilege(
				$this->privilegeService->isLoggedIn($userNameOrEmail)
					? \Szurubooru\Privilege::CHANGE_OWN_EMAIL_ADDRESS
					: \Szurubooru\Privilege::CHANGE_ALL_EMAIL_ADDRESSES);
		}

		if ($formData->accessRank)
		{
			$this->privilegeService->assertPrivilege(\Szurubooru\Privilege::CHANGE_ACCESS_RANK);
		}

		if ($formData->browsingSettings)
		{
			$this->privilegeService->assertLoggedIn($userNameOrEmail);
		}

		$user = $this->userService->updateUser($user, $formData);
		return $this->userViewProxy->fromEntity($user);
	}

	public function deleteUser($userNameOrEmail)
	{
		$this->privilegeService->assertPrivilege(
			$this->privilegeService->isLoggedIn($userNameOrEmail)
				? \Szurubooru\Privilege::DELETE_OWN_ACCOUNT
				: \Szurubooru\Privilege::DELETE_ACCOUNTS);

		$user = $this->userService->getByNameOrEmail($userNameOrEmail);
		return $this->userService->deleteUser($user);
	}

	public function passwordReset($userNameOrEmail)
	{
		$user = $this->userService->getByNameOrEmail($userNameOrEmail);
		return $this->userService->sendPasswordResetEmail($user);
	}

	public function activation($userNameOrEmail)
	{
		$user = $this->userService->getByNameOrEmail($userNameOrEmail, true);
		return $this->userService->sendActivationEmail($user);
	}

	public function finishPasswordReset($tokenName)
	{
		$token = $this->tokenService->getByName($tokenName);
		return ['newPassword' => $this->userService->finishPasswordReset($token)];
	}

	public function finishActivation($tokenName)
	{
		$token = $this->tokenService->getByName($tokenName);
		$this->userService->finishActivation($token);
	}
}
Simplified controller repository 2014-08-31 13:34:31 +02:00			`<?php`
			`namespace Szurubooru\Controllers;`

			`final class UserController extends AbstractController`
			`{`
Refactored privilege system 2014-09-06 10:00:26 +02:00			`private $privilegeService;`
Worked on user registration 2014-08-31 17:42:48 +02:00			`private $userService;`
Added IValidatable; moved validation to FormData I still struggle to find out how to deal with arguments like $userNameOrEmail. Should I trim() them in controllers, or in service? If I do it in service, shouldn't all of such validation belong in there? 2014-09-09 19:38:16 +02:00			`private $tokenService;`
Added basic privilege system 2014-09-04 19:57:06 +02:00			`private $inputReader;`
Refactored controller DTOs 2014-09-05 19:18:49 +02:00			`private $userViewProxy;`
Simplified controller repository 2014-08-31 13:34:31 +02:00
Moved validation to services 2014-08-31 14:07:46 +02:00			`public function __construct(`
Refactored privilege system 2014-09-06 10:00:26 +02:00			`\Szurubooru\Services\PrivilegeService $privilegeService,`
Moved validation to services 2014-08-31 14:07:46 +02:00			`\Szurubooru\Services\UserService $userService,`
Added IValidatable; moved validation to FormData I still struggle to find out how to deal with arguments like $userNameOrEmail. Should I trim() them in controllers, or in service? If I do it in service, shouldn't all of such validation belong in there? 2014-09-09 19:38:16 +02:00			`\Szurubooru\Services\TokenService $tokenService,`
Refactored controller DTOs 2014-09-05 19:18:49 +02:00			`\Szurubooru\Helpers\InputReader $inputReader,`
			`\Szurubooru\Controllers\ViewProxies\UserViewProxy $userViewProxy)`
Simplified controller repository 2014-08-31 13:34:31 +02:00			`{`
Refactored privilege system 2014-09-06 10:00:26 +02:00			`$this->privilegeService = $privilegeService;`
Simplified controller repository 2014-08-31 13:34:31 +02:00			`$this->userService = $userService;`
Added IValidatable; moved validation to FormData I still struggle to find out how to deal with arguments like $userNameOrEmail. Should I trim() them in controllers, or in service? If I do it in service, shouldn't all of such validation belong in there? 2014-09-09 19:38:16 +02:00			`$this->tokenService = $tokenService;`
Added basic privilege system 2014-09-04 19:57:06 +02:00			`$this->inputReader = $inputReader;`
Refactored controller DTOs 2014-09-05 19:18:49 +02:00			`$this->userViewProxy = $userViewProxy;`
Simplified controller repository 2014-08-31 13:34:31 +02:00			`}`

			`public function registerRoutes(\Szurubooru\Router $router)`
			`{`
Added account settings management and avatars 2014-09-07 00:33:46 +02:00			`$router->post('/api/users', [$this, 'createUser']);`
Added proof of concept for pagination and search 2014-09-03 19:07:53 +02:00			`$router->get('/api/users', [$this, 'getFiltered']);`
Added e-mail confirmation and password reset 2014-09-08 13:06:32 +02:00			`$router->get('/api/users/:userNameOrEmail', [$this, 'getByNameOrEmail']);`
			`$router->put('/api/users/:userNameOrEmail', [$this, 'updateUser']);`
			`$router->delete('/api/users/:userNameOrEmail', [$this, 'deleteUser']);`
			`$router->post('/api/password-reset/:userNameOrEmail', [$this, 'passwordReset']);`
			`$router->post('/api/finish-password-reset/:tokenName', [$this, 'finishPasswordReset']);`
			`$router->post('/api/activation/:userNameOrEmail', [$this, 'activation']);`
			`$router->post('/api/finish-activation/:tokenName', [$this, 'finishActivation']);`
Simplified controller repository 2014-08-31 13:34:31 +02:00			`}`

Added e-mail confirmation and password reset 2014-09-08 13:06:32 +02:00			`public function getByNameOrEmail($userNameOrEmail)`
Added account removal 2014-09-05 13:50:51 +02:00			`{`
Added e-mail confirmation and password reset 2014-09-08 13:06:32 +02:00			`$user = $this->userService->getByNameOrEmail($userNameOrEmail);`
Refactored controller DTOs 2014-09-05 19:18:49 +02:00			`return $this->userViewProxy->fromEntity($user);`
Added account removal 2014-09-05 13:50:51 +02:00			`}`

Added proof of concept for pagination and search 2014-09-03 19:07:53 +02:00			`public function getFiltered()`
			`{`
Removed PRIVILEGE_ prefix from constants 2014-09-06 17:54:02 +02:00			`$this->privilegeService->assertPrivilege(\Szurubooru\Privilege::LIST_USERS);`
Added basic privilege system 2014-09-04 19:57:06 +02:00
Added account settings management and avatars 2014-09-07 00:33:46 +02:00			`$formData = new \Szurubooru\FormData\SearchFormData($this->inputReader);`
			`$searchResult = $this->userService->getFiltered($formData);`
Fixed login remembering 2014-09-23 20:45:59 +02:00			`$entities = $this->userViewProxy->fromArray($searchResult->getEntities());`
Added proof of concept for pagination and search 2014-09-03 19:07:53 +02:00			`return [`
			`'data' => $entities,`
Fixed login remembering 2014-09-23 20:45:59 +02:00			`'pageSize' => $searchResult->getPageSize(),`
			`'totalRecords' => $searchResult->getTotalRecords()];`
Added proof of concept for pagination and search 2014-09-03 19:07:53 +02:00			`}`

Added account settings management and avatars 2014-09-07 00:33:46 +02:00			`public function createUser()`
Simplified controller repository 2014-08-31 13:34:31 +02:00			`{`
Removed PRIVILEGE_ prefix from constants 2014-09-06 17:54:02 +02:00			`$this->privilegeService->assertPrivilege(\Szurubooru\Privilege::REGISTER);`
Added account settings management and avatars 2014-09-07 00:33:46 +02:00			`$formData = new \Szurubooru\FormData\RegistrationFormData($this->inputReader);`
			`$user = $this->userService->createUser($formData);`
Added info about activation to account settings 2014-09-10 18:06:49 +02:00			`return $this->userViewProxy->fromEntity($user);`
Simplified controller repository 2014-08-31 13:34:31 +02:00			`}`

Added e-mail confirmation and password reset 2014-09-08 13:06:32 +02:00			`public function updateUser($userNameOrEmail)`
Simplified controller repository 2014-08-31 13:34:31 +02:00			`{`
Added e-mail confirmation and password reset 2014-09-08 13:06:32 +02:00			`$user = $this->userService->getByNameOrEmail($userNameOrEmail);`
Added account settings management and avatars 2014-09-07 00:33:46 +02:00			`$formData = new \Szurubooru\FormData\UserEditFormData($this->inputReader);`

Fixed privilege checks for changing avatars 2014-09-14 18:30:15 +02:00			`if ($formData->avatarStyle !== null \|\| $formData->avatarContent !== null)`
Added account settings management and avatars 2014-09-07 00:33:46 +02:00			`{`
			`$this->privilegeService->assertPrivilege(`
Added e-mail confirmation and password reset 2014-09-08 13:06:32 +02:00			`$this->privilegeService->isLoggedIn($userNameOrEmail)`
Added account settings management and avatars 2014-09-07 00:33:46 +02:00			`? \Szurubooru\Privilege::CHANGE_OWN_AVATAR_STYLE`
			`: \Szurubooru\Privilege::CHANGE_ALL_AVATAR_STYLES);`
			`}`

			`if ($formData->userName !== null)`
			`{`
			`$this->privilegeService->assertPrivilege(`
Added e-mail confirmation and password reset 2014-09-08 13:06:32 +02:00			`$this->privilegeService->isLoggedIn($userNameOrEmail)`
Added account settings management and avatars 2014-09-07 00:33:46 +02:00			`? \Szurubooru\Privilege::CHANGE_OWN_NAME`
			`: \Szurubooru\Privilege::CHANGE_ALL_NAMES);`
			`}`

			`if ($formData->password !== null)`
			`{`
			`$this->privilegeService->assertPrivilege(`
Added e-mail confirmation and password reset 2014-09-08 13:06:32 +02:00			`$this->privilegeService->isLoggedIn($userNameOrEmail)`
Added account settings management and avatars 2014-09-07 00:33:46 +02:00			`? \Szurubooru\Privilege::CHANGE_OWN_PASSWORD`
			`: \Szurubooru\Privilege::CHANGE_ALL_PASSWORDS);`
			`}`

			`if ($formData->email !== null)`
			`{`
			`$this->privilegeService->assertPrivilege(`
Added e-mail confirmation and password reset 2014-09-08 13:06:32 +02:00			`$this->privilegeService->isLoggedIn($userNameOrEmail)`
Added account settings management and avatars 2014-09-07 00:33:46 +02:00			`? \Szurubooru\Privilege::CHANGE_OWN_EMAIL_ADDRESS`
			`: \Szurubooru\Privilege::CHANGE_ALL_EMAIL_ADDRESSES);`
			`}`

			`if ($formData->accessRank)`
			`{`
			`$this->privilegeService->assertPrivilege(\Szurubooru\Privilege::CHANGE_ACCESS_RANK);`
			`}`

Added browsing settings 2014-09-07 14:50:16 +02:00			`if ($formData->browsingSettings)`
			`{`
Added e-mail confirmation and password reset 2014-09-08 13:06:32 +02:00			`$this->privilegeService->assertLoggedIn($userNameOrEmail);`
Added browsing settings 2014-09-07 14:50:16 +02:00			`}`

Added e-mail confirmation and password reset 2014-09-08 13:06:32 +02:00			`$user = $this->userService->updateUser($user, $formData);`
Added account settings management and avatars 2014-09-07 00:33:46 +02:00			`return $this->userViewProxy->fromEntity($user);`
Simplified controller repository 2014-08-31 13:34:31 +02:00			`}`

Added e-mail confirmation and password reset 2014-09-08 13:06:32 +02:00			`public function deleteUser($userNameOrEmail)`
Simplified controller repository 2014-08-31 13:34:31 +02:00			`{`
Refactored privilege system 2014-09-06 10:00:26 +02:00			`$this->privilegeService->assertPrivilege(`
Added e-mail confirmation and password reset 2014-09-08 13:06:32 +02:00			`$this->privilegeService->isLoggedIn($userNameOrEmail)`
Removed PRIVILEGE_ prefix from constants 2014-09-06 17:54:02 +02:00			`? \Szurubooru\Privilege::DELETE_OWN_ACCOUNT`
			`: \Szurubooru\Privilege::DELETE_ACCOUNTS);`
Refactored privilege system 2014-09-06 10:00:26 +02:00
Added e-mail confirmation and password reset 2014-09-08 13:06:32 +02:00			`$user = $this->userService->getByNameOrEmail($userNameOrEmail);`
			`return $this->userService->deleteUser($user);`
			`}`

			`public function passwordReset($userNameOrEmail)`
			`{`
			`$user = $this->userService->getByNameOrEmail($userNameOrEmail);`
			`return $this->userService->sendPasswordResetEmail($user);`
			`}`

			`public function activation($userNameOrEmail)`
			`{`
			`$user = $this->userService->getByNameOrEmail($userNameOrEmail, true);`
			`return $this->userService->sendActivationEmail($user);`
			`}`

			`public function finishPasswordReset($tokenName)`
			`{`
Added IValidatable; moved validation to FormData I still struggle to find out how to deal with arguments like $userNameOrEmail. Should I trim() them in controllers, or in service? If I do it in service, shouldn't all of such validation belong in there? 2014-09-09 19:38:16 +02:00			`$token = $this->tokenService->getByName($tokenName);`
			`return ['newPassword' => $this->userService->finishPasswordReset($token)];`
Added e-mail confirmation and password reset 2014-09-08 13:06:32 +02:00			`}`

			`public function finishActivation($tokenName)`
			`{`
Added IValidatable; moved validation to FormData I still struggle to find out how to deal with arguments like $userNameOrEmail. Should I trim() them in controllers, or in service? If I do it in service, shouldn't all of such validation belong in there? 2014-09-09 19:38:16 +02:00			`$token = $this->tokenService->getByName($tokenName);`
			`$this->userService->finishActivation($token);`
Simplified controller repository 2014-08-31 13:34:31 +02:00			`}`
			`}`