Ejemplo n.º 1
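 /**
  * Exchanges an API auth token for the credential data of the user it belongs to.
  *
  * Every rejection below answers with Http::STATUS_FORBIDDEN; on success the body is the
  * JSON-encoded result of SessionCredentials::getData() with a JSON content type.
  *
  * @param array $params expects 'authtoken'; presumably request-supplied, so handled as untrusted
  * @return Response
  * @throws Exception
  */
 public function authenticate(array $params)
 {
     // empty() already covers the unset case. The token must also be a string, so that an
     // array-shaped parameter is refused here instead of being handed to the token lookup.
     if (empty($params['authtoken']) || !is_string($params['authtoken'])) {
         return new Response(Http::STATUS_FORBIDDEN, 'Invalid or empty authToken');
     }
     $authToken = ApiAuthenticationService::instance()->getAuthToken($params['authtoken']);
     if (empty($authToken)) {
         return new Response(Http::STATUS_FORBIDDEN, 'Auth token not found');
     }
     // NOTE(review): no expiry, revocation or ban check is visible in this method;
     // confirm that getAuthToken() or the caller enforces them.
     $userId = $authToken['userId'];
     $user = UserService::instance()->getUserById($userId);
     if (empty($user)) {
         return new Response(Http::STATUS_FORBIDDEN, 'User not found');
     }
     // Roles and features are rebuilt from the services on every call; nothing is taken from $params.
     $credentials = new SessionCredentials($user);
     $credentials->setAuthProvider('API');
     $credentials->addRoles(UserRole::USER);
     $credentials->addFeatures(UserFeaturesService::instance()->getUserFeatures($userId));
     $credentials->addRoles(UserService::instance()->getUserRolesByUserId($userId));
     $subscription = SubscriptionsService::instance()->getUserActiveSubscription($userId);
     if (!empty($subscription)) {
         $credentials->addRoles(UserRole::SUBSCRIBER);
         $credentials->addFeatures(UserFeature::SUBSCRIBER);
         // Loose comparison kept on purpose: the tier's type is not visible here (it may be a numeric string).
         if ($subscription['subscriptionTier'] == 2) {
             $credentials->addFeatures(UserFeature::SUBSCRIBERT2);
         }
         if ($subscription['subscriptionTier'] == 3) {
             $credentials->addFeatures(UserFeature::SUBSCRIBERT3);
         }
     }
     $response = new Response(Http::STATUS_OK, json_encode($credentials->getData()));
     $response->addHeader(Http::HEADER_CONTENTTYPE, MimeType::JSON);
     return $response;
 }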
Ejemplo n.º 2
 /**
  * Applies an admin's edit of another user's profile, features and roles.
  *
  * Access is restricted to the ADMIN role by the @Secure annotation below. Username, e-mail
  * and country are validated; 'features' and 'roles' are handed to the services as received.
  * NOTE(review): no anti-CSRF check is visible in this method; confirm the framework enforces
  * one for this state-changing POST route, since it assigns roles.
  *
  * @Route ("/admin/user/{id}/edit")
  * @Secure ({"ADMIN"})
  * @HttpMethod ({"POST"})
  * @Transactional
  *
  * @param array $params expects 'id'; optional 'username', 'email', 'country', 'allowGifting', 'features', 'roles'
  * @param ViewModel $model
  * @throws Exception when the user does not exist or the country code is unknown
  * @return string redirect back to the edit page
  */
 public function adminUserEditProcess(array $params, ViewModel $model)
 {
     $model->title = 'User';
     FilterParams::required($params, 'id');

     $auth = AuthenticationService::instance();
     $users = UserService::instance();
     $featureService = UserFeaturesService::instance();

     $current = $users->getUserById($params['id']);
     if (empty($current)) {
         throw new Exception('User was not found');
     }

     // A submitted non-empty value wins; otherwise the stored value is kept.
     $submittedOrStored = function ($key) use ($params, $current) {
         return !empty($params[$key]) ? $params[$key] : $current[$key];
     };
     $username = $submittedOrStored('username');
     $email = $submittedOrStored('email');
     $country = $submittedOrStored('country');
     // allowGifting only needs to be present, so a falsy value can still be submitted.
     $allowGifting = isset($params['allowGifting']) ? $params['allowGifting'] : $current['allowGifting'];

     $auth->validateUsername($username, $current);
     $auth->validateEmail($email, $current);

     if (!empty($country)) {
         $match = Country::getCountryByCode($country);
         if (empty($match)) {
             throw new Exception('Invalid country');
         }
         // Store the alpha-2 code from the lookup rather than the submitted text.
         $country = $match['alpha-2'];
     }

     $users->updateUser($current['userId'], array(
         'username' => $username,
         'country' => $country,
         'email' => $email,
         'allowGifting' => $allowGifting,
     ));
     $refreshed = $users->getUserById($params['id']);

     // An absent list means "none": existing features/roles are replaced with an empty set.
     $features = isset($params['features']) ? $params['features'] : array();
     $roles = isset($params['roles']) ? $params['roles'] : array();
     $featureService->setUserFeatures($refreshed['userId'], $features);
     $users->setUserRoles($refreshed['userId'], $roles);
     $auth->flagUserForUpdate($refreshed['userId']);

     Session::set('modelSuccess', 'User profile updated');
     return 'redirect: /admin/user/' . $refreshed['userId'] . '/edit';
 }
Ejemplo n.º 3
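 /**
  * Prepares the "Update Ban" admin view for one ban of one user.
  *
  * Access is restricted to the ADMIN role by the @Secure annotation below.
  *
  * @Route ("/admin/user/{userId}/ban/{id}/edit")
  * @Secure ({"ADMIN"})
  * @HttpMethod ({"GET"})
  *
  * @param array $params expects 'userId' and 'id' (the ban id)
  * @param ViewModel $model receives title, user and ban
  * @return string view name
  * @throws Exception when a parameter is missing or the user does not exist
  */
 public function editBan(array $params, ViewModel $model)
 {
     $model->title = 'Update Ban';
     // empty() already covers the unset case, so a separate isset() is not needed.
     if (empty($params['id'])) {
         throw new Exception('id required');
     }
     if (empty($params['userId'])) {
         throw new Exception('userId required');
     }
     // Only UserService is used here; the unused authentication/feature service lookups were dropped.
     $userService = UserService::instance();
     $user = $userService->getUserById($params['userId']);
     if (empty($user)) {
         throw new Exception('User was not found');
     }
     $model->user = $user;
     // NOTE(review): the ban is loaded by its id alone. Nothing visible here checks that it exists
     // or that it belongs to $params['userId']; confirm the service or the view handles both cases.
     $model->ban = $userService->getBanById($params['id']);
     return 'admin/userban';
 }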
Ejemplo n.º 4
 /**
  * Builds the session credentials (roles and features) for a user.
  *
  * Every user gets UserRole::USER plus the stored features and roles. An active subscription
  * or the 'istwitchsubscriber' flag adds the SUBSCRIBER role and feature; the tier feature is
  * added only for an active subscription.
  *
  * @param array $user reads 'userId' and 'istwitchsubscriber'
  * @param string $authProvider
  * @return SessionCredentials
  */
 public function getUserCredentials(array $user, $authProvider)
 {
     $credentials = new SessionCredentials($user);
     $credentials->setAuthProvider($authProvider);
     $credentials->addRoles(UserRole::USER);

     $userId = $user['userId'];
     $storedFeatures = UserFeaturesService::instance()->getUserFeatures($userId);
     $credentials->addFeatures($storedFeatures);
     $storedRoles = UserService::instance()->getUserRolesByUserId($userId);
     $credentials->addRoles($storedRoles);

     $subscription = SubscriptionsService::instance()->getUserActiveSubscription($userId);
     $hasSubscription = !empty($subscription);
     $twitchSubscriber = $user['istwitchsubscriber'];

     if ($hasSubscription || $twitchSubscriber) {
         $credentials->addRoles(UserRole::SUBSCRIBER);
         $credentials->addFeatures(UserFeature::SUBSCRIBER);
         if ($twitchSubscriber) {
             $credentials->addFeatures(UserFeature::SUBSCRIBERT0);
         }
     }

     if (!$hasSubscription) {
         return $credentials;
     }

     // Tier number => feature; the comparison stays loose, as the tier's type is not visible here.
     $tierFeatures = array(
         2 => UserFeature::SUBSCRIBERT2,
         3 => UserFeature::SUBSCRIBERT3,
         4 => UserFeature::SUBSCRIBERT4,
     );
     foreach ($tierFeatures as $tier => $feature) {
         if ($subscription['subscriptionTier'] == $tier) {
             $credentials->addFeatures($feature);
         }
     }
     return $credentials;
 }
Ejemplo n.º 5
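 /**
  * Saves the signed-in user's own profile changes.
  *
  * The user id comes from the session credentials, never from $params, so a request can only
  * edit the account it is authenticated as. Validation failures redirect back with a
  * 'modelError' message; hitting the name-change limit throws instead.
  * NOTE(review): no anti-CSRF check is visible in this method; confirm the framework enforces
  * one for this state-changing POST route, since it can change the account e-mail.
  *
  * @Route ("/profile/update")
  * @HttpMethod ({"POST"})
  * @Secure ({"USER"})
  * @Transactional
  *
  * @param array $params optional 'username', 'email', 'country', 'allowGifting'
  * @param ViewModel $model
  * @throws Exception when the session user does not exist or the name-change limit is reached
  * @return string redirect to the profile page
  */
 public function profileSave(array $params, ViewModel $model)
 {
     // Only the services used below are looked up; the unused feature/subscription lookups were dropped.
     $userService = UserService::instance();
     $authenticationService = AuthenticationService::instance();
     $userId = Session::getCredentials()->getUserId();
     $user = $userService->getUserById($userId);
     if (empty($user)) {
         throw new Exception('Invalid user');
     }
     // A submitted non-empty value wins; otherwise the stored value is kept (empty() covers unset).
     $username = !empty($params['username']) ? $params['username'] : $user['username'];
     $email = !empty($params['email']) ? $params['email'] : $user['email'];
     $country = !empty($params['country']) ? $params['country'] : $user['country'];
     // NOTE(review): allowGifting is stored as submitted; confirm updateUser() normalises it.
     $allowGifting = isset($params['allowGifting']) ? $params['allowGifting'] : $user['allowGifting'];
     try {
         $authenticationService->validateUsername($username, $user);
         $authenticationService->validateEmail($email, $user);
         if (!empty($country)) {
             $countryArr = Country::getCountryByCode($country);
             if (empty($countryArr)) {
                 throw new Exception('Invalid country');
             }
             // Store the alpha-2 code from the lookup rather than the submitted text.
             $country = $countryArr['alpha-2'];
         }
     } catch (Exception $e) {
         Session::set('modelError', $e->getMessage());
         return 'redirect: /profile';
     }
     // Data for update
     $userData = array('username' => $username, 'country' => $country, 'email' => $email, 'allowGifting' => $allowGifting);
     // A change of letter case alone does not count as a name change (case-insensitive compare).
     if (strcasecmp($username, $user['username']) !== 0) {
         $nameChangeCount = intval($user['nameChangedCount']);
         if ($nameChangeCount >= Config::$a['profile']['nameChangeLimit']) {
             throw new Exception('You have reached your name change limit');
         }
         $userData['nameChangedDate'] = Date::getDateTime('NOW')->format('Y-m-d H:i:s');
         $userData['nameChangedCount'] = $nameChangeCount + 1;
     }
     // Update user
     $userService->updateUser($user['userId'], $userData);
     $authenticationService->flagUserForUpdate($user['userId']);
     Session::set('modelSuccess', 'Your profile has been updated');
     return 'redirect: /profile';
 }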
Ejemplo n.º 6
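 /**
  * Applies an admin's edit of another user's profile, features and roles in one transaction.
  *
  * Access is restricted to the ADMIN role by the @Secure annotation below. The profile update
  * and the feature/role assignment are committed together or rolled back together.
  * NOTE(review): no anti-CSRF check is visible in this method; confirm the framework enforces
  * one for this state-changing POST route, since it assigns roles.
  *
  * @Route ("/admin/user/{id}/edit")
  * @Secure ({"ADMIN"})
  * @HttpMethod ({"POST"})
  *
  * @param array $params expects 'id'; optional profile fields, 'features' and 'roles'
  * @param ViewModel $model
  * @return string redirect back to the edit page
  * @throws Exception
  * @throws \Exception rethrown after rollback when any write fails
  */
 public function adminUserEditProcess(array $params, ViewModel $model)
 {
     $model->title = 'User';
     FilterParams::required($params, 'id');
     $authService = AuthenticationService::instance();
     $userService = UserService::instance();
     $userFeatureService = UserFeaturesService::instance();
     $user = $userService->getUserById($params['id']);
     if (empty($user)) {
         throw new Exception('User was not found');
     }
     // Captured before the transaction so the error path never depends on the re-fetched row.
     $userId = $user['userId'];
     // A submitted non-empty value wins; otherwise the stored value is kept (empty() covers unset).
     $username = !empty($params['username']) ? $params['username'] : $user['username'];
     $email = !empty($params['email']) ? $params['email'] : $user['email'];
     $country = !empty($params['country']) ? $params['country'] : $user['country'];
     $allowGifting = isset($params['allowGifting']) ? $params['allowGifting'] : $user['allowGifting'];
     $minecraftname = !empty($params['minecraftname']) ? $params['minecraftname'] : $user['minecraftname'];
     $minecraftuuid = !empty($params['minecraftuuid']) ? $params['minecraftuuid'] : $user['minecraftuuid'];
     // NOTE(review): only the e-mail is validated here; username, minecraftname and minecraftuuid
     // are written as submitted. Confirm this is intended for admin edits.
     $authService->validateEmail($email, $user);
     if (!empty($country)) {
         $countryArr = Country::getCountryByCode($country);
         if (empty($countryArr)) {
             throw new Exception('Invalid country');
         }
         // Store the alpha-2 code from the lookup rather than the submitted text.
         $country = $countryArr['alpha-2'];
     }
     $userData = array('username' => $username, 'country' => $country, 'email' => $email, 'minecraftname' => $minecraftname, 'minecraftuuid' => $minecraftuuid, 'allowGifting' => $allowGifting);
     // An absent list means "none": existing features/roles are replaced with an empty set.
     $features = isset($params['features']) ? $params['features'] : array();
     $roles = isset($params['roles']) ? $params['roles'] : array();
     $log = Application::instance()->getLogger();
     $conn = Application::instance()->getConnection();
     $conn->beginTransaction();
     try {
         $userService->updateUser($userId, $userData);
         $user = $userService->getUserById($params['id']);
         $userFeatureService->setUserFeatures($user['userId'], $features);
         $userService->setUserRoles($user['userId'], $roles);
         $authService->flagUserForUpdate($user['userId']);
         $conn->commit();
     } catch (\Exception $e) {
         // Roll back first, so a failure while logging cannot leave the transaction open.
         $conn->rollBack();
         // Log the user id and the exception instead of the whole user row: the row carries
         // personal data such as the e-mail, and the original call never recorded the cause.
         // Assumes the logger accepts a PSR-3 style context array (TODO confirm).
         $log->critical("Error updating user", array('userId' => $userId, 'exception' => $e));
         throw $e;
     }
     Session::set('modelSuccess', 'User profile updated');
     return 'redirect: /admin/user/' . $user['userId'] . '/edit';
 }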