//So even with a valid apiKey, the designer can access her own resources only
$response = MediaService::updateMedia($objMedia);
Utils::echoResponse($response);
});
$app->delete('/media/:mediaId', function ($mediaId) use($app) {
//Check authentication
$rs = UserService::checkAuthentication($app->request->headers->get('apiKey'));
if ($rs["status"] != SUCCESS) {
Utils::echoResponse($rs);
return;
}
//Get a user sent from client and convert it to a json object
$objMedia['mediaId'] = $mediaId;
$objMedia['designerId'] = $rs['data']->id;
//So even with a valid apiKey, the designer can access her own resources only
$response = MediaService::deleteMedia($objMedia);
Utils::echoResponse($response);
});
$app->get('/mediaForEntity/:designerId/:experienceId/:entityId/:entityType', function ($designerId, $experienceId, $entityId, $entityType) use($app) {
//Check authentication
$rs = UserService::checkAuthentication($app->request->headers->get('apiKey'));
if ($rs["status"] != SUCCESS) {
Utils::echoResponse($rs);
return;
}
$response = MediaService::getMediaForEntity($designerId, $experienceId, $entityId, $entityType);
Utils::echoResponse($response);
});
//This endpoint is called by SPET so no user info
$app->get('/mediaForEntityForSpet/:experienceId/:entityId/:entityType', function ($experienceId, $entityId, $entityType) use($app) {
$response = MediaService::getMediaForEntityForSpet($experienceId, $entityId, $entityType);
