/**
* Tries to create a new access token.
*/
public function accessTokenPost($request)
{
$body = $request->getBody();
$body = json_decode($body, true);
// Some clients escape the JSON - handle them
if (is_string($body)) {
$body = json_decode($body, true);
}
if (json_last_error() !== JSON_ERROR_NONE) {
throw new \Exception('Invalid JSON posted. Cannot continue!', Resource::STATUS_BAD_REQUEST);
}
$requestParams = new Set($body);
if ($requestParams->get('user')['email'] === null) {
throw new \Exception('Invalid request, user.email property not present!', Resource::STATUS_BAD_REQUEST);
}
$currentDate = new \DateTime();
$defaultParams = new Set(['user' => ['password' => 'password', 'permissions' => ['all']], 'scopes' => ['all'], 'name' => 'Token for ' . $requestParams->get('user')['email'], 'description' => 'Token generated at ' . Util\Date::dateTimeToISO8601($currentDate), 'expiresAt' => null]);
$params = new Set(array_replace_recursive($defaultParams->all(), $requestParams->all()));
$scopeDocuments = [];
$scopes = $params->get('scopes');
foreach ($scopes as $scope) {
$scopeDocument = $this->getScopeByName($scope);
$scopeDocuments[] = $scopeDocument;
}
$permissionDocuments = [];
$permissions = $params->get('user')['permissions'];
foreach ($permissions as $permission) {
$permissionDocument = $this->getScopeByName($permission);
$permissionDocuments[] = $permissionDocument;
}
if (is_numeric($params->get('expiresAt'))) {
$expiresAt = $params->get('expiresAt');
} else {
if (null === $params->get('expiresAt')) {
$expiresAt = null;
} else {
$expiresAt = new \DateTime($params->get('expiresAt'));
$expiresAt = $expiresAt->getTimestamp();
}
}
$userService = new UserService($this->getSlim());
$user = $userService->addUser($params->get('user')['email'], $params->get('user')['password'], $permissionDocuments);
$user->save();
$this->addToken($params->get('name'), $params->get('description'), $expiresAt, $user, $scopeDocuments);
return $this;
}
/**
* Tries to PUT a statement with a specified statementId.
*
* @return
*/
public function statementPut($request)
{
// Check for multipart request
if ($request->isMultipart()) {
$jsonRequest = $request->parts()->get(0);
} else {
$jsonRequest = $request;
}
// Validation has been completed already - everyhing is assumed to be valid (from an external view!)
// TODO: Move header validation in json-schema as well
if ($jsonRequest->getMediaType() !== 'application/json') {
throw new \Exception('Media type specified in Content-Type header must be \'application/json\'!', Resource::STATUS_BAD_REQUEST);
}
// Validation has been completed already - everyhing is assumed to be valid
$body = $jsonRequest->getBody();
$body = json_decode($body, true);
// Some clients escape the JSON - handle them
if (is_string($body)) {
$body = json_decode($body, true);
}
// Save attachments - this could be in a queue perhaps...
if ($request->isMultipart()) {
$fsAdapter = \API\Util\Filesystem::generateAdapter($this->getSlim()->config('filesystem'));
$attachmentCollection = $this->getDocumentManager()->getCollection('attachments');
$partCount = $request->parts()->count();
for ($i = 1; $i < $partCount; $i++) {
$part = $request->parts()->get($i);
$attachmentBody = $part->getBody();
$detectedEncoding = mb_detect_encoding($attachmentBody);
$contentEncoding = $part->headers('Content-Transfer-Encoding');
if ($detectedEncoding === 'UTF-8' && ($contentEncoding === null || $contentEncoding === 'binary')) {
try {
$attachmentBody = iconv('UTF-8', 'ISO-8859-1//IGNORE', $attachmentBody);
} catch (\Exception $e) {
//Use raw file on failed conversion (do nothing!)
}
}
$hash = $part->headers('X-Experience-API-Hash');
$contentType = $part->headers('Content-Type');
$attachmentDocument = $attachmentCollection->createDocument();
$attachmentDocument->setSha2($hash);
$attachmentDocument->setContentType($contentType);
$attachmentDocument->setTimestamp(new MongoDate());
$attachmentDocument->save();
$fsAdapter->put($hash, $attachmentBody);
}
}
$attachmentBase = $this->getSlim()->url->getBaseUrl() . $this->getSlim()->config('filesystem')['exposed_url'];
// Single
$params = new Set($request->get());
$activityCollection = $this->getDocumentManager()->getCollection('activities');
$collection = $this->getDocumentManager()->getCollection('statements');
$cursor = $collection->find();
// Single statement
$cursor->where('statement.id', $params->get('statementId'));
$result = $cursor->findOne();
// ID exists, check if different or conflict
if ($result) {
// Same - return 204 No content
if ($body === $result) {
$this->match = true;
} else {
// Mismatch - return 409 Conflict
throw new Exception('An existing statement already exists with the same ID and is different from the one provided.', Resource::STATUS_CONFLICT);
}
} else {
// Store new statement
$statementDocument = $collection->createDocument();
// Overwrite authority - unless it's a super token and manual authority is set
if (!($this->getAccessToken()->isSuperToken() && isset($statement['authority'])) || !isset($statement['authority'])) {
$statement['authority'] = $this->getAccessToken()->generateAuthority();
}
// Check statementId
if (isset($body['id'])) {
//Check for match
if ($body['id'] !== $params->get('statementId')) {
throw new \Exception('Statement ID query parameter doesn\'t match the given statement property', Resource::STATUS_BAD_REQUEST);
}
} else {
$body['id'] = $params->get('statementId');
}
// Set the statement
$statementDocument->setStatement($body);
// Dates
$currentDate = new \DateTime();
$statementDocument->setStored(Util\Date::dateTimeToISO8601($currentDate));
$statementDocument->setMongoTimestamp(Util\Date::dateTimeToMongoDate($currentDate));
$statementDocument->setDefaultTimestamp();
$statementDocument->fixAttachmentLinks($attachmentBase);
if ($statementDocument->isReferencing()) {
// Copy values of referenced statement chain inside current statement for faster query-ing
// (space-time tradeoff)
$referencedStatement = $statementDocument->getReferencedStatement();
$existingReferences = [];
if (null !== $referencedStatement->getReferences()) {
$existingReferences = $referencedStatement->getReferences();
}
$statementDocument->setReferences(array_push($existingReferences, $referencedStatement->getStatement()));
}
if ($statementDocument->isVoiding()) {
$referencedStatement = $statementDocument->getReferencedStatement();
$referencedStatement->setVoided(true);
$referencedStatement->save();
}
if ($this->getAccessToken()->hasPermission('define')) {
$activities = $statementDocument->extractActivities();
if (count($activities) > 0) {
$activityCollection->insertMultiple($activities);
}
}
$statementDocument->save();
// Add to log
$this->getSlim()->requestLog->addRelation('statements', $statementDocument)->save();
$this->single = true;
$this->statements = [$statementDocument];
}
return $this;
}
