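/**
 * @name GetUser
 * @description Loads the requested user by Id
 * @response UserResponse
 * @param int $userId
 * @return void
 */
public function GetUser($userId)
{
    $hideUsers = Configuration::Instance()->GetSectionKey(ConfigSection::PRIVACY, ConfigKeys::PRIVACY_HIDE_USER_DETAILS, new BooleanConverter());
    $userSession = $this->server->GetSession();

    $repository = $this->repositoryFactory->Create($userSession);
    $user = $repository->LoadById($userId);

    $loadedUserId = $user->Id();
    if (empty($loadedUserId)) {
        // NOTE(review): this 404 is sent before the access decision below, so a caller
        // who would be refused still sees 404 for unknown ids and 401 for existing ones.
        // With PRIVACY_HIDE_USER_DETAILS enabled that difference discloses which ids
        // exist; confirm that is acceptable for this API.
        $this->server->WriteResponse(RestResponse::NotFound(), RestResponse::NOT_FOUND_CODE);
        return;
    }

    // Access rule: the caller's own record, any record when user details are not hidden,
    // or any record for an application admin. The short-circuit keeps the extra
    // repository lookup for the group-admin check off the common path.
    $canView = $userId == $userSession->UserId || !$hideUsers || $userSession->IsAdmin;
    if (!$canView) {
        $me = $repository->LoadById($userSession->UserId);
        $canView = $me->IsAdminFor($user);
    }

    if (!$canView) {
        $this->server->WriteResponse(RestResponse::Unauthorized(), RestResponse::UNAUTHORIZED_CODE);
        return;
    }

    // Custom attributes are fetched only once the caller is known to be allowed to see
    // them, so a refused request no longer reads the target user's attribute values.
    $attributes = $this->attributeService->GetAttributes(CustomAttributeCategory::USER, array($userId));
    $this->server->WriteResponse(new UserResponse($this->server, $user, $attributes), RestResponse::OK_CODE);
}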
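/**
 * Authenticates a web service request from its session-token and user-id headers.
 *
 * The request is accepted only when both headers are present, the token resolves to a
 * stored session that has not expired, that session belongs to the user id sent in the
 * header and, when $requireAdminRole is set, the session is flagged as admin.
 * An expired session is deleted from the repository. On success the session is
 * extended, persisted and attached to the server.
 *
 * @param IRestServer $server
 * @param bool $requireAdminRole limit the route to application administrators
 * @return bool true when the request was authenticated, false otherwise
 */
public function HandleSecureRequest(IRestServer $server, $requireAdminRole = false)
{
    $sessionToken = $server->GetHeader(WebServiceHeaders::SESSION_TOKEN);
    $userId = $server->GetHeader(WebServiceHeaders::USER_ID);

    // The session token is a bearer credential: anyone who can read the debug log could
    // replay it, so it is deliberately left out of the log line.
    Log::Debug('Handling secure request. url=%s, userId=%s', $_SERVER['REQUEST_URI'], $userId);

    if (empty($sessionToken) || empty($userId)) {
        Log::Debug('Empty token or userId');
        return false;
    }

    $session = $this->repository->LoadBySessionToken($sessionToken);

    if ($session != null && $session->IsExpired()) {
        Log::Debug('Session is expired');
        // Expired sessions are removed so the token cannot be presented again
        $this->repository->Delete($session);
        return false;
    }

    // Compared as strings with strict equality: the header value is caller-controlled and
    // loose comparison would treat different numeric spellings (e.g. "1e1" and "10") as equal.
    if ($session == null || (string)$session->UserId !== (string)$userId) {
        Log::Debug('Session token does not match user session token');
        return false;
    }

    if ($requireAdminRole && !$session->IsAdmin) {
        Log::Debug('Route is limited to application administrators and this user is not an admin');
        return false;
    }

    // Sliding expiration: every authenticated request pushes the expiry forward
    $session->ExtendSession();
    $this->repository->Update($session);
    $server->SetSession($session);

    Log::Debug('Secure request was authenticated');
    return true;
}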
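/**
 * Describes one reservation attachment: its file name and the URL it can be fetched from.
 *
 * @param IRestServer $server
 * @param mixed $fileId attachment file id placed in the query string
 * @param string $fileName
 * @param string $referenceNumber reservation reference number placed in the query string
 */
public function __construct(IRestServer $server, $fileId, $fileName, $referenceNumber)
{
    $this->fileName = $fileName;

    $page = Pages::RESERVATION_FILE;

    // Both values are URL-encoded so a reserved character ("&", "=", "#", space) in either
    // one cannot add or change query string parameters in the generated link.
    $query = QueryStringKeys::ATTACHMENT_FILE_ID . '=' . urlencode((string)$fileId)
        . '&' . QueryStringKeys::REFERENCE_NUMBER . '=' . urlencode((string)$referenceNumber);

    $this->url = $server->GetUrl() . "/attachments/{$page}?{$query}";
}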
/**
 * @name GetAccessory
 * @description Loads a specific accessory by id
 * @param int $accessoryId
 * @response AccessoryResponse
 * @return void
 */
public function GetAccessory($accessoryId)
{
    $found = $this->accessoryRepository->LoadById($accessoryId);

    if (!empty($found)) {
        $this->server->WriteResponse(new AccessoryResponse($this->server, $found));
        return;
    }

    // Nothing usable came back from the repository: answer with a 404
    $this->server->WriteResponse(RestResponse::NotFound(), RestResponse::NOT_FOUND_CODE);
}
/**
 * @name GetAttribute
 * @description Gets all custom attribute definitions for the requested attribute
 * @response CustomAttributeDefinitionResponse
 * @return void
 * @param int $attributeId
 */
public function GetAttribute($attributeId)
{
    $definition = $this->attributeService->GetById($attributeId);

    // Unknown id: report 404 and stop
    if ($definition == null) {
        $this->server->WriteResponse(RestResponse::NotFound(), RestResponse::NOT_FOUND_CODE);
        return;
    }

    $this->server->WriteResponse(new CustomAttributeDefinitionResponse($this->server, $definition));
}
/**
 * @name GetGroup
 * @description Loads a specific group by id
 * @response GroupResponse
 * @param int $groupId
 * @return void
 */
public function GetGroup($groupId)
{
    $loaded = $this->groupRepository->LoadById($groupId);

    // Unknown id: report 404 and stop
    if ($loaded == null) {
        $this->server->WriteResponse(RestResponse::NotFound(), RestResponse::NOT_FOUND_CODE);
        return;
    }

    // NOTE(review): the response lists member, permission and role references for the
    // group; no per-group access check is visible in this method. Confirm it is enforced
    // by the route or the repository.
    $this->server->WriteResponse(new GroupResponse($this->server, $loaded));
}
/**
 * @name GetSchedule
 * @description Loads a specific schedule by id
 * @response ScheduleResponse
 * @param $scheduleId
 * @return void
 */
public function GetSchedule($scheduleId)
{
    $loaded = $this->scheduleRepository->LoadById($scheduleId);

    // Unknown id: report 404 and stop
    if ($loaded == null) {
        $this->server->WriteResponse(RestResponse::NotFound(), RestResponse::NOT_FOUND_CODE);
        return;
    }

    // The layout is built with the caller's session timezone
    $loadedId = $loaded->GetId();
    $layoutFactory = new ScheduleLayoutFactory($this->server->GetSession()->Timezone);
    $layout = $this->scheduleRepository->GetLayout($loadedId, $layoutFactory);

    $this->server->WriteResponse(new ScheduleResponse($this->server, $loaded, $layout));
}
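/**
 * Wraps a list of reservations for the API, applying the privacy filter to each item
 * and recording the searched date range.
 *
 * @param IRestServer $server
 * @param array|ReservationItemView[] $reservations
 * @param IPrivacyFilter $privacyFilter
 * @param Date $minDate
 * @param Date $maxDate
 */
public function __construct(IRestServer $server, $reservations, IPrivacyFilter $privacyFilter, Date $minDate, Date $maxDate)
{
    // The range is set once, outside the loop, so it is reported even when the
    // reservation list is empty (it used to be assigned only inside the loop body).
    $this->startDateTime = $minDate->ToIso();
    $this->endDateTime = $maxDate->ToIso();

    $user = $server->GetSession();

    foreach ($reservations as $reservation) {
        // Visibility is decided per reservation owner; the flags tell the item response
        // whether owner identity and reservation details may be exposed to this caller.
        $showUser = $privacyFilter->CanViewUser($user, null, $reservation->UserId);
        $showDetails = $privacyFilter->CanViewDetails($user, null, $reservation->UserId);

        $this->reservations[] = new ReservationItemResponse($reservation, $server, $showUser, $showDetails);
    }
}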
/**
 * Builds the API representation of a group: id, name, a link to its admin group,
 * links to the resources it may use and to its members, and its role ids.
 *
 * @param IRestServer $server
 * @param Group $group
 */
public function __construct(IRestServer $server, Group $group)
{
    $this->id = $group->Id();
    $this->name = $group->Name();

    $adminGroupParams = array(WebServiceParams::GroupId => $group->AdminGroupId());
    $this->adminGroup = $server->GetServiceUrl(WebServices::GetGroup, $adminGroupParams);

    // Permissions are exposed as links to the resource service
    foreach ($group->AllowedResourceIds() as $allowedId) {
        $resourceParams = array(WebServiceParams::ResourceId => $allowedId);
        $this->permissions[] = $server->GetServiceUrl(WebServices::GetResource, $resourceParams);
    }

    // Members are exposed as links to the user service
    foreach ($group->UserIds() as $memberId) {
        $userParams = array(WebServiceParams::UserId => $memberId);
        $this->users[] = $server->GetServiceUrl(WebServices::GetUser, $userParams);
    }

    // Role ids are copied as-is
    foreach ($group->RoleIds() as $role) {
        $this->roles[] = $role;
    }
}
/**
 * @name GetAvailability
 * @description Returns resource availability for the requested time. "availableAt" and "availableUntil" will include availability through the next 7 days
 * Optional query string parameter: dateTime. If no dateTime is requested the current datetime will be used.
 * @response ResourcesAvailabilityResponse
 * @return void
 */
public function GetAvailability($resourceId = null)
{
    // Requested instant: the dateTime query string value if present, otherwise now
    $dateQueryString = $this->server->GetQueryString(WebServiceQueryStringKeys::DATE_TIME);
    $requestedTime = empty($dateQueryString)
        ? Date::Now()
        : WebServiceDate::GetDate($dateQueryString, $this->server->GetSession());

    // Either every resource or just the requested one
    if (empty($resourceId)) {
        $resources = $this->resourceRepository->GetResourceList();
    } else {
        $resources = array($this->resourceRepository->LoadById($resourceId));
    }

    // NOTE(review): the description above says 7 days, the search window here is 30 days
    $lastDateSearched = $requestedTime->AddDays(30);
    $reservationList = $this->reservationRepository->GetReservationList($requestedTime, $lastDateSearched, null, null, null, $resourceId);
    $reservations = $this->GetReservations($reservationList);

    $resourceAvailability = array();

    foreach ($resources as $resource) {
        $ongoing = $this->GetOngoingReservation($resource, $reservations);

        if ($ongoing != null) {
            // In use right now: report the reservation after which the resource opens up,
            // falling back to the ongoing one when none is found
            $lastBeforeOpening = $this->GetLastReservationBeforeAnOpening($resource, $reservations);
            if ($lastBeforeOpening == null) {
                $lastBeforeOpening = $ongoing;
            }

            $resourceAvailability[] = new ResourceAvailabilityResponse($this->server, $resource, $lastBeforeOpening, null, $lastBeforeOpening->EndDate, $lastDateSearched);
            continue;
        }

        // Free right now: report the first reservation indexed for this resource, if any
        $currentId = $resource->GetId();
        $upcoming = array_key_exists($currentId, $reservations) ? $reservations[$currentId][0] : null;

        $resourceAvailability[] = new ResourceAvailabilityResponse($this->server, $resource, null, $upcoming, null, $lastDateSearched);
    }

    $this->server->WriteResponse(new ResourcesAvailabilityResponse($this->server, $resourceAvailability));
}
/**
 * Reads a date from the given query string key.
 *
 * @param string $queryStringKey
 * @return mixed null when the key is missing or empty, otherwise whatever
 *               WebServiceDate::GetDate produces for the value and the current session
 */
private function GetDate($queryStringKey)
{
    $raw = $this->server->GetQueryString($queryStringKey);

    return empty($raw)
        ? null
        : WebServiceDate::GetDate($raw, $this->server->GetSession());
}
/**
 * Reads the "modified since" date from the query string; Date::Min() is used when the
 * parameter is missing or empty.
 *
 * @return Date
 */
private function GetModifiedSinceDate()
{
    $raw = $this->server->GetQueryString(WebServiceQueryStringKeys::MODIFIED_DATE);

    if (!empty($raw)) {
        return WebServiceDate::GetDate($raw, $this->server->GetSession());
    }

    return Date::Min();
}
/**
 * Builds the API representation of one schedule slot. When the slot is reserved, the
 * reservation is attached with owner and detail visibility decided by the privacy filter.
 *
 * @param IRestServer $server
 * @param IReservationSlot $slot
 * @param IPrivacyFilter $privacyFilter
 */
public function __construct(IRestServer $server, IReservationSlot $slot, IPrivacyFilter $privacyFilter)
{
    $user = $server->GetSession();

    // Admin sessions get the admin label factory; everyone else gets one bound to their session
    if ($user->IsAdmin) {
        $labelFactory = new AdminSlotLabelFactory();
    } else {
        $labelFactory = new SlotLabelFactory($user);
    }

    $this->slotSpan = $slot->PeriodSpan();
    $this->isReserved = $slot->IsReserved();
    $this->label = $slot->Label($labelFactory);
    $this->isReservable = $slot->IsReservable();
    $this->color = $slot->Color();
    $this->startDateTime = $slot->BeginDate()->ToIso();
    $this->endDateTime = $slot->EndDate()->ToIso();

    if (!$slot->IsReserved()) {
        return;
    }

    /** @var ReservationSlot $slot */
    $booked = $slot->Reservation();

    // Visibility flags are computed against the reservation owner's user id
    $mayViewUser = $privacyFilter->CanViewUser($user, null, $booked->UserId);
    $mayViewDetails = $privacyFilter->CanViewDetails($user, null, $booked->UserId);

    $this->reservation = new ReservationItemResponse($booked, $server, $mayViewUser, $mayViewDetails);
}
/**
 * A valid, matching session that is not an admin must be rejected on an admin-only
 * route, and the session must not be extended.
 */
public function testHandlesWhenUserIsNotAdmin()
{
    $this->session->IsAdmin = false;

    // First header read: the session token
    $this->server
        ->expects($this->at(0))
        ->method('GetHeader')
        ->with($this->equalTo(WebServiceHeaders::SESSION_TOKEN))
        ->will($this->returnValue($this->sessionToken));

    // Second header read: the user id
    $this->server
        ->expects($this->at(1))
        ->method('GetHeader')
        ->with($this->equalTo(WebServiceHeaders::USER_ID))
        ->will($this->returnValue($this->userId));

    $this->userSessionRepository
        ->expects($this->once())
        ->method('LoadBySessionToken')
        ->with($this->equalTo($this->sessionToken))
        ->will($this->returnValue($this->session));

    $requireAdminRole = true;
    $handled = $this->security->HandleSecureRequest($this->server, $requireAdminRole);

    $this->assertFalse($handled);
    $this->assertFalse($this->session->_SessionExtended);
}
/**
 * @name DeleteUser
 * @description Deletes an existing user
 * @response DeletedResponse
 * @param int $userId
 * @return void
 */
public function Delete($userId)
{
    Log::Debug('UsersWriteWebService.Delete() User=%s', $this->server->GetSession()->UserId);

    // NOTE(review): no permission check is visible here; the session is handed to the
    // controller, which presumably decides whether this caller may delete the user.
    // Confirm against the controller and the route registration.
    $outcome = $this->controller->Delete($userId, $this->server->GetSession());

    if (!$outcome->WasSuccessful()) {
        Log::Debug('UsersWriteWebService.Delete() - User Delete Failed.');
        $this->server->WriteResponse(new FailedResponse($this->server, $outcome->Errors()), RestResponse::BAD_REQUEST_CODE);
        return;
    }

    Log::Debug('UsersWriteWebService.Delete() - User Deleted. UserId=%s', $outcome->UserId());
    $this->server->WriteResponse(new DeletedResponse(), RestResponse::OK_CODE);
}
/**
 * Builds the user search filter from the request's query string: the fixed user fields
 * plus one attribute filter per custom attribute that has a non-empty value.
 *
 * @param CustomAttribute[] $attributes
 * @return UserFilter
 */
private function GetUserFilter($attributes)
{
    $attributeFilters = array();

    foreach ($attributes as $definition) {
        $queryKey = WebServiceQueryStringKeys::ATTRIBUTE_PREFIX . $definition->Id();
        $requested = $this->server->GetQueryString($queryKey);

        // empty() also skips "0", so an attribute cannot be filtered on that value
        if (empty($requested)) {
            continue;
        }

        $attributeFilters[] = new Attribute($definition, $requested);
    }

    // Read in the order the UserFilter constructor takes them
    $username = $this->server->GetQueryString(WebServiceQueryStringKeys::USERNAME);
    $email = $this->server->GetQueryString(WebServiceQueryStringKeys::EMAIL);
    $firstName = $this->server->GetQueryString(WebServiceQueryStringKeys::FIRST_NAME);
    $lastName = $this->server->GetQueryString(WebServiceQueryStringKeys::LAST_NAME);
    $phone = $this->server->GetQueryString(WebServiceQueryStringKeys::PHONE);
    $organization = $this->server->GetQueryString(WebServiceQueryStringKeys::ORGANIZATION);
    $position = $this->server->GetQueryString(WebServiceQueryStringKeys::POSITION);

    return new UserFilter($username, $email, $firstName, $lastName, $phone, $organization, $position, $attributeFilters);
}
/**
 * Builds the API representation of a schedule: its settings, an optional calendar
 * subscription URL, and the layout periods for seven consecutive days starting today
 * in the caller's session timezone, grouped by weekday.
 *
 * @param IRestServer $server
 * @param Schedule $schedule
 * @param IScheduleLayout $layout
 */
public function __construct(IRestServer $server, Schedule $schedule, IScheduleLayout $layout)
{
    $this->daysVisible = $schedule->GetDaysVisible();
    $this->id = $schedule->GetId();
    $this->isDefault = $schedule->GetIsDefault();
    $this->name = $schedule->GetName();
    $this->timezone = $schedule->GetTimezone();
    $this->weekdayStart = $schedule->GetWeekdayStart();

    // The subscription URL carries the schedule's public id and is only exposed when
    // calendar subscription is allowed for this schedule
    if ($schedule->GetIsCalendarSubscriptionAllowed()) {
        $subscription = new CalendarSubscriptionUrl(null, $schedule->GetPublicId(), null);
        $this->icsUrl = $subscription->__toString();
    }

    $cursor = Date::Now()->ToTimezone($server->GetSession()->Timezone);

    for ($offset = 0; $offset < 7; ++$offset) {
        foreach ($layout->GetLayout($cursor) as $slotPeriod) {
            $this->periods[$cursor->Weekday()][] = new SchedulePeriodResponse($slotPeriod);
        }

        $cursor = $cursor->AddDays(1);
    }
}
/**
 * @name DeleteCustomAttribute
 * @description Deletes an existing custom attribute
 * @response DeletedResponse
 * @param int $attributeId
 * @return void
 */
public function Delete($attributeId)
{
    Log::Debug('AttributesWriteWebService.Delete() AttributeId=%s, UserId=%s', $attributeId, $this->server->GetSession()->UserId);

    // NOTE(review): no permission check is visible here; the session is handed to the
    // controller, which presumably decides whether this caller may delete the attribute.
    // Confirm against the controller and the route registration.
    $outcome = $this->attributeController->Delete($attributeId, $this->server->GetSession());

    if (!$outcome->WasSuccessful()) {
        Log::Debug('AttributesWriteWebService.Delete() - Attribute Delete Failed.');
        $this->server->WriteResponse(new FailedResponse($this->server, $outcome->Errors()), RestResponse::BAD_REQUEST_CODE);
        return;
    }

    Log::Debug('AttributesWriteWebService.Delete() - Attribute Deleted. AttributeId=%s', $outcome->AttributeId());
    $this->server->WriteResponse(new DeletedResponse(), RestResponse::OK_CODE);
}
/**
 * @name DeleteReservation
 * @description Deletes an existing reservation.
 * Pass an optional updateScope query string parameter to restrict changes. Possible values for updateScope are this|full|future
 * @response DeletedResponse
 * @param string $referenceNumber
 * @return void
 */
public function Delete($referenceNumber)
{
    Log::Debug('ReservationWriteWebService.Delete() User=%s, ReferenceNumber=%s', $this->server->GetSession()->UserId, $referenceNumber);

    // updateScope is passed through unchanged; validating it against this|full|future is
    // not done in this method (presumably the controller's job; confirm)
    $scope = $this->server->GetQueryString(WebServiceQueryStringKeys::UPDATE_SCOPE);

    $outcome = $this->controller->Delete($this->server->GetSession(), $referenceNumber, $scope);

    if (!$outcome->WasSuccessful()) {
        Log::Debug('ReservationWriteWebService.Delete() - Reservation Failed.');
        $this->server->WriteResponse(new FailedResponse($this->server, $outcome->Errors()), RestResponse::BAD_REQUEST_CODE);
        return;
    }

    Log::Debug('ReservationWriteWebService.Delete() - Reservation Deleted. ReferenceNumber=%s', $outcome->CreatedReferenceNumber());
    $this->server->WriteResponse(new DeletedResponse(), RestResponse::OK_CODE);
}
/**
 * @name GetAvailability
 * @description Returns resource availability for the requested time. "availableAt" and "availableUntil" will include availability through the next 7 days
 * Optional query string parameter: dateTime. If no dateTime is requested the current datetime will be used.
 * @response ResourcesAvailabilityResponse
 * @return void
 */
public function GetAvailability($resourceId = null)
{
    // Requested instant: the dateTime query string value if present, otherwise now
    $dateQueryString = $this->server->GetQueryString(WebServiceQueryStringKeys::DATE_TIME);
    $requestedTime = empty($dateQueryString)
        ? Date::Now()
        : WebServiceDate::GetDate($dateQueryString, $this->server->GetSession());

    // Either every resource or just the requested one
    if (empty($resourceId)) {
        $resources = $this->resourceRepository->GetResourceList();
    } else {
        $resources = array($this->resourceRepository->LoadById($resourceId));
    }

    // Search window: one day before the requested time through seven days after it
    $startDate = $requestedTime->AddDays(-1);
    $endDate = $requestedTime->AddDays(7);
    $found = $this->reservationRepository->GetReservationList($startDate, $endDate, null, null, null, $resourceId);

    // Group reservations by resource id, keeping the order the repository returned
    $byResource = array();
    foreach ($found as $item) {
        $byResource[$item->GetResourceId()][] = $item;
    }

    $resourceAvailability = array();

    foreach ($resources as $resource) {
        $currentId = $resource->GetResourceId();

        if (!array_key_exists($currentId, $byResource)) {
            // No reservations in the window: no conflict, no next reservation, no opening
            $resourceAvailability[] = new ResourceAvailabilityResponse($this->server, $resource, null, null, null, $endDate);
            continue;
        }

        $resourceReservations = $byResource[$currentId];
        $conflict = null;
        $nextReservation = null;

        /** @var $candidate ReservationItemView */
        foreach ($resourceReservations as $candidate) {
            // First reservation whose buffered times contain the requested time
            if ($conflict == null && $candidate->BufferedTimes()->Contains($requestedTime, false)) {
                $conflict = $candidate;
            }

            // First reservation that starts after the requested time
            if ($nextReservation == null && $candidate->StartDate->GreaterThan($requestedTime)) {
                $nextReservation = $candidate;
            }
        }

        // Fall back to the end of the conflicting reservation's buffered times when no
        // opening is found
        $opening = $this->GetOpeningAfter($resourceReservations, $requestedTime);
        if ($opening == null && $conflict != null) {
            $opening = $conflict->BufferedTimes()->GetEnd();
        }

        $resourceAvailability[] = new ResourceAvailabilityResponse($this->server, $resource, $conflict, $nextReservation, $opening, $endDate);
    }

    $this->server->WriteResponse(new ResourcesAvailabilityResponse($this->server, $resourceAvailability));
}
/**
 * Builds the API representation of a single reservation. Scheduling data, resources and
 * accessories are always included; title, description, custom attributes and attachments
 * only when the privacy filter allows details; owner, participants and invitees only
 * when it allows user visibility (the owner is otherwise the masked placeholder).
 *
 * @param IRestServer $server
 * @param ReservationView $reservation
 * @param IPrivacyFilter $privacyFilter
 * @param array|CustomAttribute[] $attributes
 */
public function __construct(IRestServer $server, ReservationView $reservation, IPrivacyFilter $privacyFilter, $attributes = array())
{
    // Default to the masked owner; it is replaced below only if the filter permits
    $this->owner = ReservationUserResponse::Masked();

    $mayViewUser = $privacyFilter->CanViewUser($server->GetSession(), $reservation);
    $mayViewDetails = $privacyFilter->CanViewDetails($server->GetSession(), $reservation);

    $this->referenceNumber = $reservation->ReferenceNumber;
    $this->startDateTime = $reservation->StartDate->ToTimezone($server->GetSession()->Timezone)->ToIso();
    $this->endDateTime = $reservation->EndDate->ToTimezone($server->GetSession()->Timezone)->ToIso();
    $this->requiresApproval = $reservation->RequiresApproval();
    $this->isRecurring = $reservation->IsRecurring();

    $terminationIso = null;
    if ($reservation->RepeatTerminationDate != null) {
        $terminationIso = $reservation->RepeatTerminationDate->ToIso();
    }
    $this->recurrenceRule = new RecurrenceRequestResponse(
        $reservation->RepeatType,
        $reservation->RepeatInterval,
        $reservation->RepeatMonthlyType,
        $reservation->RepeatWeekdays,
        $terminationIso
    );

    $this->resourceId = $reservation->ResourceId;
    $this->scheduleId = $reservation->ScheduleId;

    $this->AddService($server, WebServices::GetSchedule, array(WebServiceParams::ScheduleId => $reservation->ScheduleId));

    foreach ($reservation->Resources as $reserved) {
        $this->resources[] = new ResourceItemResponse($server, $reserved->Id(), $reserved->GetName());
    }

    foreach ($reservation->Accessories as $item) {
        $this->accessories[] = new ReservationAccessoryResponse($server, $item->AccessoryId, $item->Name, $item->QuantityReserved, $item->QuantityAvailable);
    }

    // Detail-level data: gated by CanViewDetails
    if ($mayViewDetails) {
        $this->title = $reservation->Title;
        $this->description = $reservation->Description;

        foreach ($attributes as $definition) {
            $this->customAttributes[] = new CustomAttributeResponse($server, $definition->Id(), $definition->Label(), $reservation->GetAttributeValue($definition->Id()));
        }

        foreach ($reservation->Attachments as $file) {
            $this->attachments[] = new AttachmentResponse($server, $file->FileId(), $file->FileName(), $reservation->ReferenceNumber);
        }
    }

    // Identity data (names, e-mail addresses): gated by CanViewUser
    if ($mayViewUser) {
        $this->owner = new ReservationUserResponse($server, $reservation->OwnerId, $reservation->OwnerFirstName, $reservation->OwnerLastName, $reservation->OwnerEmailAddress);

        foreach ($reservation->Participants as $person) {
            $this->participants[] = new ReservationUserResponse($server, $person->UserId, $person->FirstName, $person->LastName, $person->Email);
        }

        foreach ($reservation->Invitees as $person) {
            $this->invitees[] = new ReservationUserResponse($server, $person->UserId, $person->FirstName, $person->LastName, $person->Email);
        }
    }

    if ($reservation->StartReminder != null) {
        $this->startReminder = new ReminderRequestResponse($reservation->StartReminder->GetValue(), $reservation->StartReminder->GetInterval());
    }

    if ($reservation->EndReminder != null) {
        $this->endReminder = new ReminderRequestResponse($reservation->EndReminder->GetValue(), $reservation->EndReminder->GetInterval());
    }

    // A link to the approval service is added only for reservations awaiting approval
    if ($reservation->RequiresApproval()) {
        $this->AddService($server, WebServices::ApproveReservation, array(WebServiceParams::ReferenceNumber => $reservation->ReferenceNumber));
    }
}
/**
 * Resolves the full URL of a named service and registers it as a link on this response.
 *
 * @param IRestServer $server
 * @param string $serviceName
 * @param array $params
 * @return void
 */
public function AddService(IRestServer $server, $serviceName, $params = array())
{
    $link = new RestServiceLink($server->GetFullServiceUrl($serviceName, $params), $serviceName);

    $this->AddServiceLink($link);
}
/**
 * Reads the schedule id filter from the query string.
 *
 * NOTE(review): the value is returned exactly as GetQueryString provides it; no integer
 * cast or validation happens here, so the declared int may in practice be a raw string.
 * Confirm what GetQueryString returns.
 *
 * @return int|null
 */
private function GetScheduleId()
{
    $key = WebServiceQueryStringKeys::SCHEDULE_ID;

    return $this->server->GetQueryString($key);
}