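/**
 * Processes a job status update posted as a JSON body.
 *
 * The job log is looked up by the payload's `id`; only jobs whose status is still
 * "started" are touched. The transcoded files are loaded onto the related object and the
 * job log is then marked "error" (with the JSON-encoded errors) or "done".
 *
 * NOTE(review): nothing in this method authenticates the sender, so the status check is the
 * only guard against forged or replayed updates. Confirm the route is protected elsewhere
 * (shared secret, signature check or network restriction).
 *
 * @param SS_HTTPRequest $request
 * @return string Plain-text status message
 */
public function index(SS_HTTPRequest $request)
 {
     if (!$request->isPOST()) {
         // this shouldn't happen
         return "Well hello there...";
     }
     // The body is untrusted input: it may be invalid JSON, a scalar, or lack the expected keys.
     $update = json_decode($request->getBody());
     if (!is_object($update) || !isset($update->id)) {
         return "Error: invalid update payload";
     }
     $joblog = TranscodeJob::get()->filter('JobID', (int) $update->id)->first();
     // An unknown job id gets the same answer as a job that is not "started", so the reply
     // does not reveal which job ids exist.
     if (!$joblog || $joblog->JobStatus !== "started") {
         return "Error: job status not started";
     }
     // The full update is deliberately not stored on the log object: it may contain passwords etc.
     // load files into appropriate relations
     $transcodable = $joblog->Transcodable();
     $transcodable->loadTranscodedFiles();
     // `errors` may be absent, an object or a list; normalise before counting.
     $errors = isset($update->errors) ? (array) $update->errors : array();
     if (count($errors)) {
         $joblog->JobErrorMessage = json_encode($update->errors);
         $joblog->JobStatus = "error";
     } elseif ($transcodable->transcodingComplete()) {
         // set status to done when complete...
         $joblog->JobErrorMessage = "";
         $joblog->JobStatus = "done";
     }
     // write logfile
     $joblog->write();
     return "Updated";
 }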
 /**
  * @param \SS_HTTPRequest $request
  * @return array
  * @throws RestSystemException
  * @throws RestUserException
  */
 public function post($request)
 {
     // Decode the body as an associative array; null, an empty array and any other falsy
     // payload are rejected before validation.
     $payload = json_decode($request->getBody(), true);
     if (empty($payload)) {
         throw new RestUserException("No data for session provided.", 401, 401);
     }
     $session = null;
     try {
         $validated = \Injector::inst()->get('SessionValidator')->validate($payload);
         $member = \Injector::inst()->get('ApiMemberAuthenticator')->authenticate($validated);
         if ($member) {
             $session = AuthFactory::createAuth()->createSession($member);
         }
         if (!$session) {
             // A failed authentication and a failed session creation give the same answer.
             throw new RestUserException("Login incorrect", 401, 401);
         }
     } catch (\ValidationException $invalid) {
         throw new RestUserException($invalid->getMessage(), 422, 422);
     } catch (RestUserException $userError) {
         // Already in the client-facing form; pass it on untouched.
         throw $userError;
     } catch (\Exception $failure) {
         // NOTE(review): the original exception message is forwarded as-is; whether
         // RestSystemException messages reach the client is not visible here. Confirm they
         // are not rendered to unauthenticated callers.
         $code = $failure->getCode();
         if (!$code) {
             $code = 500;
         }
         throw new RestSystemException($failure->getMessage(), $code);
     }
     $timestamp = time();
     return [
         'session' => SessionFormatter::format($session),
         'meta' => ['timestamp' => $timestamp],
     ];
 }
 /**
  * Passes an HTTP request through to another web server.
  * The proxy exists to avoid cross-domain issues. It checks the destination
  * against a white-list of hosts to minimize security risks.
  *
  * @param SS_HTTPRequest $data the incoming request; these request variables are read:
  *
  * $data['u']:         URL (complete request string)
  * $data['no_header']: set to '1' to avoid sending header information
  *                     directly.
  * @return string|bool the cURL response, or an error message when the request is refused
  */
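 public function dorequest($data)
 {
     // Forwards the request to the URL given in the 'u' request variable, provided its
     // destination is on the allow-list returned by self::get_allowed_host(). Returns the
     // remote response body, false when the transfer fails, or a plain-text error message
     // when the request is refused.
     $headers = array();
     $vars = $data->requestVars();
     // 'u' is caller-controlled; it must be present and a plain string (not u[]=...).
     if (!isset($vars['u']) || !is_string($vars['u'])) {
         return "Invalid request: unknown proxy destination.";
     }
     $url = $vars['u'];
     $no_header = isset($vars['no_header']) && $vars['no_header'] == '1';
     // The refused URL is echoed back, so it is escaped in case the reply is rendered as HTML.
     $denied = "Access denied to (" . htmlspecialchars($url, ENT_QUOTES, 'UTF-8') . ").";
     // Control characters and backslashes have no place in a well-formed URL, and URL parsers
     // do not agree on how to read them; refuse them before parsing.
     if (preg_match('/[\x00-\x1f\x7f\\\\]/', $url)) {
         return $denied;
     }
     // Parse the URL properly instead of splitting on "/": only absolute http(s) URLs
     // without embedded credentials are forwarded.
     $parts = parse_url($url);
     $scheme = is_array($parts) && isset($parts['scheme']) ? strtolower($parts['scheme']) : '';
     if (
         ($scheme !== 'http' && $scheme !== 'https')
         || empty($parts['host'])
         || isset($parts['user'])
         || isset($parts['pass'])
     ) {
         return $denied;
     }
     // Compare host[:port] against the allow-list, as before, but with strict comparison
     // so that type juggling cannot produce a match.
     $authority = $parts['host'];
     if (isset($parts['port'])) {
         $authority .= ':' . $parts['port'];
     }
     if (!in_array($authority, self::get_allowed_host(), true)) {
         return $denied;
     }
     // Open the Curl session
     $session = curl_init($url);
     if ($session === false) {
         return "Invalid request: unknown proxy destination.";
     }
     // Keep cURL on the validated scheme and host: no other protocols, and no redirects,
     // because a redirect target would bypass the allow-list check above.
     curl_setopt($session, CURLOPT_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
     curl_setopt($session, CURLOPT_FOLLOWLOCATION, false);
     // If it's a POST, put the POST data in the body
     if ($data->isPOST()) {
         $postvars = '';
         $body = $data->getBody();
         if ($body) {
             $postvars = "body=" . $body;
         } else {
             $posted = $data->postVars();
             if ($posted) {
                 // NOTE(review): keys and values are concatenated without URL-encoding, so a
                 // value containing "&" or "=" changes the forwarded parameter set. Left
                 // unchanged because the remote service's expected format is not visible here.
                 foreach ($posted as $k => $v) {
                     $postvars .= $k . '=' . $v . '&';
                 }
             }
         }
         $headers[] = 'Content-type: text/xml';
         curl_setopt($session, CURLOPT_HTTPHEADER, $headers);
         curl_setopt($session, CURLOPT_POST, true);
         curl_setopt($session, CURLOPT_POSTFIELDS, $postvars);
     }
     // Don't return HTTP headers. Do return the contents of the call
     curl_setopt($session, CURLOPT_HEADER, false);
     curl_setopt($session, CURLOPT_RETURNTRANSFER, true);
     // Make the call
     $xml = curl_exec($session);
     // The web service returns XML. Set the Content-Type appropriately
     if ($no_header == false) {
         header("Content-Type: text/xml");
     }
     curl_close($session);
     return $xml;
 }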
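 /**
  * Creates a user-submitted event from a JSON request body.
  *
  * The decoded data is loaded into a NewEventForm and validated. On success a
  * UserSubmittedEvent is written from the form's data (not from the raw payload); on
  * failure the validator's errors are returned.
  *
  * @param SS_HTTPRequest $request
  * @return mixed Whatever sendResponse() returns for the success or error payload
  */
 public function newEventAction(SS_HTTPRequest $request)
 {
     $data = json_decode($request->getBody(), true);
     // Invalid JSON decodes to null and a bare scalar decodes to a non-array; neither can be
     // loaded into the form, so answer with a failure instead of passing it on.
     if (!is_array($data)) {
         // NOTE(review): the error entry mirrors the fieldName/message/messageType shape
         // assumed for getValidator()->getErrors() - confirm against the client.
         $invalidBody = array(
             'fieldName' => '',
             'message' => 'Request body must be a JSON object.',
             'messageType' => 'bad',
         );
         return $this->sendResponse(array('success' => false, 'errors' => array($invalidBody)));
     }
     $eventForm = new NewEventForm($this, __FUNCTION__);
     $eventForm->loadDataFrom($data);
     if (!$eventForm->validate()) {
         // Invalid
         $errors = $eventForm->getValidator()->getErrors();
         return $this->sendResponse(array('success' => false, 'errors' => $errors));
     }
     // Valid: only values that passed through the form reach the record.
     $submittedEvent = UserSubmittedEvent::create()->update($eventForm->getData());
     $submittedEvent->write();
     return $this->sendResponse(array('success' => true));
 }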
 /**
  * @param SS_HTTPRequest $request
  * @return array
  * @throws RestUserException
  */
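 public function post($request)
 {
     // Creates a session from the e-mail and password in the JSON body. Every failure is
     // reported as a RestUserException with code 404.
     $data = json_decode($request->getBody(), true);
     if (!$data) {
         throw new RestUserException("No data for session provided.", 404);
     }
     try {
         $validated = SessionValidator::validate($data);
         $session = AuthFactory::createAuth()->authenticate($validated['Email'], $validated['Password']);
         if (!$session) {
             throw new RestUserException("Login incorrect", 404);
         }
     } catch (ValidationException $e) {
         throw new RestUserException($e->getMessage(), 404);
     } catch (Exception $e) {
         error_log($e->getMessage());
         // Only messages raised deliberately for the client are passed through. Any other
         // exception (database, configuration, authenticator internals) is logged above and
         // answered with the same generic text as a wrong login, so the response neither
         // exposes internal details nor distinguishes between failure causes.
         $message = $e instanceof RestUserException ? $e->getMessage() : "Login incorrect";
         throw new RestUserException($message, 404);
     }
     $meta = ['timestamp' => time()];
     $result = ['session' => SessionFormatter::format($session)];
     $result['meta'] = $meta;
     return $result;
 }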
 /**
  * Applies edits to the file bound to this controller
  * 
  * @param  SS_HTTPRequest $r
  * @return SS_HTTPResponse
  */
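 public function handleUpdate(SS_HTTPRequest $r)
 {
     // Applies parentID / title / filename edits from a URL-encoded request body to the
     // bound file. All values come from the client and are checked before anything is written.
     if (!$this->file->canEdit()) {
         return $this->httpError(403);
     }
     parse_str($r->getBody(), $vars);
     // The filename is appended to the parent folder's path, so it must be a single path
     // segment: no separators, no NUL byte, no "." / ".." that would leave that folder.
     $newName = null;
     if (!empty($vars['filename'])) {
         $newName = $vars['filename'];
         $isSingleSegment = is_string($newName)
             && $newName !== '.'
             && $newName !== '..'
             && strpbrk($newName, "/\\\0") === false;
         if (!$isSingleSegment) {
             return $this->httpError(400);
         }
     }
     if (isset($vars['parentID']) && is_scalar($vars['parentID'])) {
         // NOTE(review): only canEdit() on the file itself is checked; whether the user may
         // place files in the target folder is not verified here - confirm.
         $this->file->ParentID = (int) $vars['parentID'];
         // Written first so that Parent() below resolves against the new folder.
         $this->file->write();
     }
     // Only overwrite the title when one was actually sent; a missing key used to blank it.
     if (isset($vars['title']) && is_string($vars['title'])) {
         $this->file->Title = $vars['title'];
     }
     if ($newName !== null) {
         $this->file->Filename = $this->file->Parent()->Filename . '/' . $newName;
     }
     $this->file->write();
     return $this->JSONResponse($this->buildJSON());
 }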
 /**
  * @param SS_HTTPRequest $r
  * @return SS_HTTPResponse|void
  * @throws SS_HTTPResponse_Exception
  */
 public function handleUpdatePresentation(SS_HTTPRequest $r)
 {
     // Records the current member's vote, or the comment on an existing vote, for the
     // presentation named by the 'ID' route parameter. The body is JSON carrying either
     // a 'vote' or a 'comment' key; 'vote' wins when both are present.
     if (!Member::currentUser()) {
         return $this->httpError(403, 'You must be logged in to vote');
     }
     $presentation = $this->getFromFilename($r->param('ID'), 'Presentation');
     if (!$presentation) {
         return $this->httpError(404);
     }
     if (!$presentation->Summit()->isVotingOpen()) {
         return $this->httpError(403, 'Voting is closed');
     }
     $payload = Convert::json2array($r->getBody());
     $hasVote = isset($payload['vote']);
     $hasComment = isset($payload['comment']);
     if (!$hasVote && !$hasComment) {
         // Neither supported key was sent.
         return $this->httpError(400);
     }
     if ($hasVote) {
         // The vote is forced to an integer; no range check happens in this method.
         $presentation->setUserVote((int) $payload['vote']);
         return new SS_HTTPResponse('OK', 200);
     }
     // Comment path: a comment can only be attached to a vote that already exists.
     $existingVote = $presentation->getUserVote();
     if (!$existingVote) {
         return new SS_HTTPResponse('No vote found', 403);
     }
     // Stored as received; it has to be escaped wherever it is rendered.
     $existingVote->Content = $payload['comment'];
     $existingVote->write();
     return new SS_HTTPResponse('OK', 200);
 }
 /**
  * Removes a track chair from a presentation category.
  *
  * Reads 'chairID' and 'categoryID' from the URL-encoded request body.
  *
  * NOTE(review): no login or permission check is visible in this method, although it
  * changes who chairs a category. Confirm access is enforced before the request gets here.
  *
  * @param SS_HTTPRequest $r
  * @return SS_HTTPResponse
  */
 public function handleDeleteChair(SS_HTTPRequest $r)
 {
     parse_str($r->getBody(), $params);
     if (!isset($params['chairID'], $params['categoryID'])) {
         return $this->httpError(400, 'You must provide a chairID and categoryID param');
     }
     $category = PresentationCategory::get()->byID($params['categoryID']);
     $chair = SummitTrackChair::get()->byID($params['chairID']);
     // The category is reported first when both lookups fail.
     if (!$category) {
         return $this->httpError(404, 'Category not found');
     }
     if (!$chair) {
         return $this->httpError(404, 'Chair not found');
     }
     $category->TrackChairs()->remove($chair);
     // NOTE(review): the member name and category title go into the response body unescaped;
     // confirm the client does not render this text as HTML.
     $chairName = $chair->Member()->getName();
     $categoryTitle = $category->Title;
     return new SS_HTTPResponse("Chair {$chairName} removed from {$categoryTitle}", 200);
 }
 /**
  * Generates a fake request for the field
  * @param {SS_HTTPRequest} $request Source Request to base the fake request off of
  * @param {Widget} $sourceWidget Source widget
  * @param {string} $baseLink Base URL to be truncated off of the form
  * @return {SS_HTTPRequest} Fake HTTP Request used to fool the form field into thinking the request was made to it directly
  */
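 protected function getFakeRequest(SS_HTTPRequest $request, Widget $sourceWidget, $baseLink)
 {
     // Builds a new SS_HTTPRequest whose URL is relative to $baseLink and whose post vars
     // are re-keyed so that the widget's own fields (including UploadField and GridField
     // data) appear where the nested form field looks for them.
     //
     // Both the FieldName route parameter and the post vars are client-controlled, so each
     // nested value is checked for existence and type before it is read.
     $fieldName = rawurldecode($request->param('FieldName'));
     // Second bracketed segment of "Widget[..][..][..]"; when the pattern does not match,
     // preg_replace leaves the whole field name in place.
     $objID = preg_replace('/Widget\\[(.*?)\\]\\[(.*?)\\]\\[(.*?)\\]$/', '$2', $fieldName);
     $widgetName = $this->getName();
     $finalPostVars = array();
     if ($request->isPOST()) {
         $postVars = $request->postVars();
         //Pull the post data for the widget
         $widgetData = null;
         if (isset($postVars['Widget'][$widgetName][$objID]) && is_array($postVars['Widget'][$widgetName][$objID])) {
             $widgetData = $postVars['Widget'][$widgetName][$objID];
             $finalPostVars = $widgetData;
         }
         $finalPostVars = array_merge($finalPostVars, $postVars);
         unset($finalPostVars['Widget']);
         //Workaround for UploadField's and GridFields confusing the request
         $uploadFields = array();
         $gridFields = array();
         foreach ($sourceWidget->getCMSFields() as $field) {
             if ($field instanceof UploadField) {
                 $uploadFields[] = $field->getName();
             } elseif ($field instanceof GridField) {
                 $gridFields[] = $field->getName();
             }
         }
         //Re-organize the upload field data
         $fileKeys = array('name', 'type', 'tmp_name', 'error', 'size');
         foreach ($uploadFields as $field) {
             $formFieldName = 'Widget[' . $widgetName . '][' . $objID . '][' . $field . ']';
             $fieldData = array($formFieldName => array());
             foreach ($fileKeys as $key) {
                 $fieldData[$formFieldName][$key] = array('Uploads' => array());
             }
             $hasUploads = isset($postVars['Widget']['name'][$widgetName][$objID][$field]['Uploads'])
                 && is_array($postVars['Widget']['name'][$widgetName][$objID][$field]['Uploads']);
             if ($hasUploads) {
                 $uploadCount = count($postVars['Widget']['name'][$widgetName][$objID][$field]['Uploads']);
                 for ($i = 0; $i < $uploadCount; $i++) {
                     foreach ($fileKeys as $key) {
                         $fieldData[$formFieldName][$key]['Uploads'][] = $postVars['Widget'][$key][$widgetName][$objID][$field]['Uploads'][$i];
                     }
                 }
             }
             $finalPostVars = array_merge_recursive($finalPostVars, $fieldData);
         }
         //Reorganize the gridfield data
         if ($widgetData !== null) {
             foreach ($gridFields as $field) {
                 // Fields the client did not post are skipped instead of being read blindly.
                 if (!isset($widgetData[$field])) {
                     continue;
                 }
                 $formFieldName = 'Widget[' . $widgetName . '][' . $objID . '][' . $field . ']';
                 // Merged per field: merging once after the loop kept only the last grid field.
                 $finalPostVars = array_merge_recursive($finalPostVars, array($formFieldName => $widgetData[$field]));
             }
         }
     }
     $headers = $request->getHeaders();
     // Strip the base link from the original URL so the remainder routes as $Action/$ID/$OtherID.
     $relativeUrl = str_replace(rtrim($baseLink, '/'), '', rtrim($request->getURL(), '/')) . '/';
     $request = new SS_HTTPRequest($_SERVER['REQUEST_METHOD'], $relativeUrl, $request->getVars(), $finalPostVars, $request->getBody());
     $request->match('$Action/$ID/$OtherID');
     //Merge in the headers
     foreach ($headers as $header => $value) {
         $request->addHeader($header, $value);
     }
     return $request;
 }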