/**
* @name GetSlots
* @description Loads slots for a specific schedule
* Optional query string parameters: resourceId, startDateTime, endDateTime.
* If no dates are provided the default schedule dates will be returned.
* If dates do not include the timezone offset, the timezone of the authenticated user will be assumed.
* @response ScheduleSlotsResponse
* @param $scheduleId
* @return void
*/
public function GetSlots($scheduleId)
{
$startDate = $this->GetDate(WebServiceQueryStringKeys::START_DATE_TIME);
$endDate = $this->GetDate(WebServiceQueryStringKeys::END_DATE_TIME);
$resourceId = $this->server->GetQueryString(WebServiceQueryStringKeys::RESOURCE_ID);
$scheduleWebServiceView = new ScheduleWebServiceView($scheduleId, $startDate);
$permissionServiceFactory = new PermissionServiceFactory();
$scheduleRepository = new ScheduleRepository();
$userRepository = new UserRepository();
$resourceService = new ResourceService(new ResourceRepository(), $permissionServiceFactory->GetPermissionService(), new AttributeService(new AttributeRepository()), $userRepository);
$builder = new ScheduleWebServicePageBuilder($startDate, $endDate, $resourceId);
$reservationService = new ReservationService(new ReservationViewRepository(), new ReservationListingFactory());
$dailyLayoutFactory = new DailyLayoutFactory();
$scheduleService = new ScheduleService($scheduleRepository, $resourceService);
$presenter = new SchedulePresenter($scheduleWebServiceView, $scheduleService, $resourceService, $builder, $reservationService, $dailyLayoutFactory);
$presenter->PageLoad($this->server->GetSession());
$layout = $scheduleWebServiceView->GetDailyLayout();
$isError = $scheduleWebServiceView->IsPermissionError();
$dates = $scheduleWebServiceView->GetDates();
$resources = $scheduleWebServiceView->GetResources();
if ($isError) {
$this->server->WriteResponse(RestResponse::Unauthorized(), RestResponse::UNAUTHORIZED_CODE);
} else {
$response = new ScheduleSlotsResponse($this->server, $scheduleId, $layout, $dates, $resources, $this->privacyFilter);
$this->server->WriteResponse($response);
}
}
/**
* @name GetUser
* @description Loads the requested user by Id
* @response UserResponse
* @param int $userId
* @return void
*/
public function GetUser($userId)
{
$responseCode = RestResponse::OK_CODE;
$hideUsers = Configuration::Instance()->GetSectionKey(ConfigSection::PRIVACY, ConfigKeys::PRIVACY_HIDE_USER_DETAILS, new BooleanConverter());
$userSession = $this->server->GetSession();
$repository = $this->repositoryFactory->Create($userSession);
$user = $repository->LoadById($userId);
$loadedUserId = $user->Id();
if (empty($loadedUserId)) {
$this->server->WriteResponse(RestResponse::NotFound(), RestResponse::NOT_FOUND_CODE);
return;
}
$attributes = $this->attributeService->GetAttributes(CustomAttributeCategory::USER, array($userId));
if ($userId == $userSession->UserId || !$hideUsers || $userSession->IsAdmin) {
$response = new UserResponse($this->server, $user, $attributes);
} else {
$me = $repository->LoadById($userSession->UserId);
if ($me->IsAdminFor($user)) {
$response = new UserResponse($this->server, $user, $attributes);
} else {
$response = RestResponse::Unauthorized();
$responseCode = RestResponse::UNAUTHORIZED_CODE;
}
}
$this->server->WriteResponse($response, $responseCode);
}
public function testWhenNotAllowedToGetUser()
{
$sessionUserId = $this->server->GetSession()->UserId;
$userId = 999;
$this->HideUsers(true);
$user = new FakeUser($userId);
$me = new FakeUser($sessionUserId);
$me->_SetIsAdminForUser(false);
$attributes = $this->getMock('IEntityAttributeList');
$this->userRepositoryFactory->expects($this->once())->method('Create')->with($this->equalTo($this->server->GetSession()))->will($this->returnValue($this->userRepository));
$this->userRepository->expects($this->at(0))->method('LoadById')->with($this->equalTo($userId))->will($this->returnValue($user));
$this->userRepository->expects($this->at(1))->method('LoadById')->with($this->equalTo($sessionUserId))->will($this->returnValue($me));
$this->attributeService->expects($this->once())->method('GetAttributes')->with($this->equalTo(CustomAttributeCategory::USER), $this->equalTo(array($userId)))->will($this->returnValue($attributes));
$this->service->GetUser($userId);
$this->assertEquals(RestResponse::Unauthorized(), $this->server->_LastResponse);
$this->assertEquals(RestResponse::UNAUTHORIZED_CODE, $this->server->_LastResponseCode);
}
