function resource($loggedIn)
{
$routes = array("settings" => function ($action) {
return restRequestSettings($action);
}, "gallery" => function ($action) {
return restRequestGallery();
}, "portfolio" => function ($action) {
return restRequestPortfolio($action, $_GET["id"]);
}, "account" => function ($action) {
return restRequestAccount($action, $_GET["email"]);
}, "invite" => function ($action) {
return restRequestInvite($action, $_GET["email"]);
});
$type = $_GET["type"];
$action = $_GET["action"] ?: "get";
$_GET["email"] = strtolower($_GET["email"]);
$standardAction = in_array($action, array("create", "get", "update", "delete", "list"));
if ($type === "security") {
$resource = restRequestSecurity($action, $_POST["email"], $_POST["password"], $_POST["confirm"], $_POST["invite"]);
} elseif (!$loggedIn) {
$resource = restError(401);
} elseif ($type === "command") {
$resource = runCommand($action);
} elseif (isset($routes[$type]) && $standardAction) {
$resource = $routes[$type]($action);
} else {
$resource = restError(400);
}
logEvent("get-resource", $type, $action, $_GET["id"], !getProperty($resource, "error"));
return $resource;
}
function restRequestInvite($action, $email)
{
if ($action === "create") {
$resource = validEmailFormat($email) ? sendAccountInvite($email) : restError(404);
} elseif ($_SESSION["read-only-user"]) {
$resource = array(array("to" => "*****@*****.**", "date" => date("Y-m-d")));
} else {
$resource = array_values(array_map("displayDate", array_filter(array_values((array) readAccountsDb()->invites), "outstanding")));
}
return $resource;
}
