Ejemplo n.º 1
 /**
  * Emit an operation response: status, headers, the 'output' event, then the filtered body.
  *
  * Security notes:
  *  - Every response carries `Access-Control-Allow-Origin: *`, so browser script on any
  *    origin may read it. That is acceptable only if responses never depend on ambient
  *    browser credentials. NOTE(review): confirm how this API authenticates callers.
  *  - Header names and values supplied by the operation response are forwarded unchanged;
  *    nothing in this method validates them.
  *
  * @param OperationResponse $response
  */
 public function handleResponse(OperationResponse $response)
 {
     // Status first, then the wildcard CORS default
     $this->server->response()->status($response->getStatus());
     $this->server->response()->header('Access-Control-Allow-Origin', '*');

     // Operation headers are applied after the default. Whether a same-named header
     // replaces it or is added next to it depends on header() -- confirm.
     foreach ($response->getHeaders() as $headerName => $headerValue) {
         $this->server->response()->header($headerName, $headerValue);
     }

     // Listeners on 'output' run before the body is filtered and written
     $this->server->triggerEvent('output', $this->db, $this->cache);

     // Let registered 'body' filters transform the payload
     $filteredBody = $this->server->applyFilter('body', $response->getBody(), $this->db, $this->cache);

     // XML only when explicitly configured; everything else is written as JSON
     if ($this->server->config('application.output') === 'xml') {
         $this->outputXML($filteredBody);
         return;
     }
     $this->outputJSON($filteredBody);
 }
Ejemplo n.º 2
 /**
  * Run a user operation after checking who may modify or remove the requested user.
  *
  * Access rules enforced here (all other cases fall through to parent::exec()):
  *  - POST/DELETE on a loaded user is refused with 401 unless the current user is an
  *    admin or is that same user.
  *  - DELETE on a loaded user that has admin privileges is refused with 403.
  *
  * Security notes:
  *  - Both rules apply only when the requested user actually loaded; a POST/DELETE whose
  *    target does not load is passed to parent::exec() without an ownership check.
  *  - Methods other than POST and DELETE are not restricted by this method.
  *  - $this->user is dereferenced without a null check. NOTE(review): confirm that an
  *    authenticated user is always set before exec() is reached.
  *
  * @inheritdoc
  */
 public function exec(Server $server, ConnectionInterface $db, CacheInterface $cache)
 {
     // Apply optional user-object settings from the application config
     $this->setConfig($server->config('application.user_object'));

     // Pick the user factory. A configured class name is instantiated as-is: nothing here
     // checks that it names a UserFactory-compatible class, so this value must only ever
     // come from trusted configuration, never from request data.
     if (!empty($this->conf['factory'])) {
         $this->userFactory = new $this->conf['factory']($db, $cache);
     } else {
         $this->userFactory = new UserFactory($db, $cache);
     }

     $method = $this->request->getMethod();

     // false means "no user was requested"; otherwise whatever the factory returns
     $requestedUser = false;
     if ($this->requestedObject()) {
         $requestedUser = $this->userFactory->load($this->requestedObject());
     }

     // Ownership rule: only admins may modify or remove somebody else's account.
     // NOTE(review): the caller appears to be identified but not permitted here, which
     // is conventionally 403 rather than 401; left as-is since clients may rely on it.
     $isWrite = ($method == 'POST' || $method == 'DELETE');
     if ($isWrite && $requestedUser) {
         if (!$this->user->isAdmin() && !$this->user->isEqual($requestedUser)) {
             return new OperationResponse(401, array('error' => 'Only admins can edit/remove other users'));
         }
     }

     // Admin accounts cannot be deleted, not even by another admin
     if ($method == 'DELETE' && $requestedUser) {
         if ($requestedUser->isAdmin()) {
             return new OperationResponse(403, array('error' => 'A user with admin privileges can not be removed. You have to remove admin privileges first (/api/admin)'));
         }
     }

     // Notify listeners ('post.user', 'delete.user', ...) and delegate the actual work
     $server->triggerEvent(strtolower($method) . '.user', $db, $cache);
     return parent::exec($server, $db, $cache);
 }
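 /**
  * Dispatch an object request by HTTP method: create, update, delete, search or read.
  *
  * The '<method>.object' event is triggered before anything is changed. A POST with no
  * requested object creates one. Otherwise POST updates, DELETE removes (status 204), and
  * any other method runs a search when the search argument is present or returns the
  * requested object.
  *
  * Security notes:
  *  - POST and DELETE are answered with 404 whenever the requested object did not load,
  *    even if the search argument is present. Previously the search argument let such a
  *    request skip the not-found check and reach updateObject() / $factory->delete()
  *    with an empty object.
  *  - No authorization check is made in this method. NOTE(review): confirm that callers
  *    or overriding classes enforce access control before delegating here.
  *
  * @inheritdoc
  */
 public function exec(Server $server, ConnectionInterface $db, CacheInterface $cache)
 {
     $factory = $this->createFactory($db, $cache);
     $method = $this->request->getMethod();
     $requestedObj = $this->requestedObject() ? $factory->load($this->requestedObject()) : null;
     $response = new OperationResponse();

     // Trigger event
     $server->triggerEvent(strtolower($method) . '.object', $db, $cache);

     // Create object
     if ($method == 'POST' && $this->requestedObject() === false) {
         $this->createNewObject($factory, $response, $db, $cache, $server);
         return $response;
     }

     // Object not found. For reads, a search argument makes a missing object acceptable;
     // for writes it never does, so update/delete always operate on a loaded object.
     $isWrite = ($method == 'POST' || $method == 'DELETE');
     if (empty($requestedObj) && ($isWrite || empty($_GET[self::SEARCH_QUERY_ARG]))) {
         // The query string is client-controlled and is copied into the error body.
         // NOTE(review): confirm the JSON/XML writers encode it for their output format.
         $queryString = isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '';
         $response->setStatus(404);
         $response->setBody(array('error' => 'object not found -> ' . $queryString));
         return $response;
     }

     // Update object
     if ($method == 'POST') {
         $this->updateObject($requestedObj, $factory, $response, $db, $cache, $server);
         return $response;
     }

     // Delete object
     if ($method == 'DELETE') {
         $factory->delete($requestedObj);
         $response->setStatus(204);
         return $response;
     }

     // Search for object
     // NOTE(review): the not-found check above reads $_GET while this test reads
     // $_REQUEST, which can also be populated from the request body or cookies
     // depending on PHP's request_order; consider using a single source.
     if (isset($_REQUEST[self::SEARCH_QUERY_ARG])) {
         /* @var SearchResult $result */
         $search = $this->searchObjects($factory, $db, $cache, $server);
         list($offset, $limit, $query, $result, $objects) = $search;
         $response->setBody(array('query' => $query, 'matching' => $result->getNumMatching(), 'offset' => $offset, 'limit' => $limit, 'objects' => $objects));
     } else {
         $response->setBody($this->objectToArray($requestedObj, $server, $db, $cache));
     }

     return $response;
 }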