/** * /messages/{groupId}/outbox/{msgId} * /messages/{groupId}/outbox * * @param RequestItem $requestItem * @return responseItem */ public function handlePost(RequestItem $requestItem) { $requestItem->applyUrlTemplate(self::$MESSAGES_PATH); $userIds = $requestItem->getUsers(); $message = $requestItem->getParameter('message'); $optionalMessageId = $requestItem->getParameter('msgId'); return $this->service->createMessage($userIds[0], $requestItem->getAppId(), $message, $optionalMessageId, $requestItem->getToken()); }
/** * /groups/{userId} * * examples: * /groups/john.doe?fields=count * /groups/@me * * @param RequestItem $requestItem * @return ResponseItem */ public function handleGet(RequestItem $requestItem) { $this->checkService(); $requestItem->applyUrlTemplate(self::$GROUPS_PATH); $userIds = $requestItem->getUsers(); if (count($userIds) < 1) { throw new InvalidArgumentException("No userId(s) specified"); } return $this->service->getPersonGroups($userIds[0], $requestItem->getGroup(), $requestItem->getToken()); }
/** * Updates the album. The URI structure: /{userId}/{groupId}/{albumId} */ public function handlePut(RequestItem $requestItem) { $this->checkService(); $requestItem->applyUrlTemplate(self::$ALBUM_PATH); $userIds = $requestItem->getUsers(); $groupId = $requestItem->getGroup(); $albumIds = $requestItem->getListParameter('albumId'); $album = $requestItem->getParameter('album'); HandlerPreconditions::requireSingular($userIds, "userId must be singular value"); HandlerPreconditions::requireNotEmpty($groupId, "groupId must be specified."); HandlerPreconditions::requireSingular($albumIds, "albumId must be singular value."); HandlerPreconditions::requireNotEmpty($album, "album must be specified."); $album['id'] = $albumIds[0]; return $this->service->updateAlbum($userIds[0], $groupId, $album, $requestItem->getToken()); }
/** * /activities/{userId}/@self * * examples: * /activities/@viewer/@self/@app * /activities/john.doe/@self * - postBody is an activity object */ public function handlePost(RequestItem $requestItem) { $requestItem->applyUrlTemplate(self::$ACTIVITY_ID_PATH); $userIds = $requestItem->getUsers(); $activityIds = $requestItem->getListParameter("activityId"); if (empty($userIds)) { throw new InvalidArgumentException("No userId specified"); } elseif (count($userIds) > 1) { throw new InvalidArgumentException("Multiple userIds not supported"); } // TODO This seems reasonable to allow on PUT but we don't have an update verb. if (!empty($activityIds)) { throw new InvalidArgumentException("Cannot specify activityId in create"); } return $this->service->createActivity($userIds[0], $requestItem->getGroup(), $requestItem->getAppId(), $requestItem->getFields(), $requestItem->getParameter("activity"), $requestItem->getToken()); }
/** * Allowed end-points /people/{userId}+/{groupId} /people/{userId}/{groupId}/{optionalPersonId}+ * * examples: /people/john.doe/@all /people/john.doe/@friends /people/john.doe/@self */ public function handleGet(RequestItem $request) { $request->applyUrlTemplate(self::$PEOPLE_PATH); $groupId = $request->getGroup(); $optionalPersonId = $request->getListParameter("personId"); $fields = $request->getFields(self::$DEFAULT_FIELDS); $userIds = $request->getUsers(); // Preconditions if (count($userIds) < 1) { throw new IllegalArgumentException("No userId specified"); } elseif (count($userIds) > 1 && count($optionalPersonId) != 0) { throw new IllegalArgumentException("Cannot fetch personIds for multiple userIds"); } $options = new CollectionOptions(); $options->setSortBy($request->getSortBy()); $options->setSortOrder($request->getSortOrder()); $options->setFilterBy($request->getFilterBy()); $options->setFilterOperation($request->getFilterOperation()); $options->setFilterValue($request->getFilterValue()); $options->setStartIndex($request->getStartIndex()); $options->setCount($request->getCount()); // personId: Array ( [0] => 8 ) if (count($userIds) == 1) { if (count($optionalPersonId) == 0) { if ($groupId->getType() == 'self') { return $this->personService->getPerson($userIds[0], $groupId, $fields, $request->getToken()); } else { return $this->personService->getPeople($userIds, $groupId, $options, $fields, $request->getToken()); } } elseif (count($optionalPersonId) == 1) { return $this->personService->getPerson($optionalPersonId[0], $groupId, $fields, $request->getToken()); } else { $personIds = array(); foreach ($optionalPersonId as $pid) { $personIds[] = new UserId('userId', $pid); } // Every other case is a collection response of optional person ids return $this->personService->getPeople($personIds, new GroupId('self', null), $options, $fields, $request->getToken()); } } // Every other case is a collection response. return $this->personService->getPeople($userIds, $groupId, $options, $fields, $request->getToken()); }
/** * /appdata/{userId}/{groupId}/{appId} * - fields={field1, field2} * * examples: * /appdata/john.doe/@friends/app?fields=count * /appdata/john.doe/@self/app * * The post data should be a regular json object. All of the fields vars will * be pulled from the values and set on the person object. If there are no * fields vars then all of the data will be overridden. */ public function handlePost(RequestItem $requestItem) { $requestItem->applyUrlTemplate(self::$APP_DATA_PATH); $userIds = $requestItem->getUsers(); if (count($userIds) < 1) { throw new InvalidArgumentException("No userId specified"); } elseif (count($userIds) > 1) { throw new InvalidArgumentException("Multiple userIds not supported"); } $values = $requestItem->getParameter("data"); // this used to be $requestItem->getFields() instead of using the fields, but that makes no sense to me // better to detect the fields depending on input right? $fields = array(); foreach (array_keys($values) as $key) { $fields[] = $key; if (!$this->isValidKey($key)) { throw new SocialSpiException("One or more of the app data keys are invalid: " . $key, ResponseError::$BAD_REQUEST); } } $this->service->updatePersonData($userIds[0], $requestItem->getGroup(), $requestItem->getAppId(), $fields, $values, $requestItem->getToken()); }
/** * /activities/{userId}/@self * * examples: * /activities/@viewer/@self/@app * /activities/john.doe/@self * - postBody is an activity object */ public function handlePost(RequestItem $requestItem) { $requestItem->applyUrlTemplate(self::$ACTIVITY_ID_PATH); $userIds = $requestItem->getUsers(); $activityIds = $requestItem->getListParameter("activityId"); if (empty($userIds)) { throw new InvalidArgumentException("No userId specified"); } elseif (count($userIds) > 1) { throw new InvalidArgumentException("Multiple userIds not supported"); } // TODO This seems reasonable to allow on PUT but we don't have an update verb. if (!empty($activityIds)) { throw new InvalidArgumentException("Cannot specify activityId in create"); } /* * Note, on just about all types of social networks you would only allow activities to be created when the owner == viewer, and the userId == viewer as well, in code this would mean: * if ($token->getOwnerId() != $token->getViewerId() || $token->getViewerId() != $userId->getUserId($token)) { * throw new SocialSpiException("Create activity permission denied.", ResponseError::$UNAUTHORIZED); * } */ return $this->service->createActivity($userIds[0], $requestItem->getGroup(), $requestItem->getAppId(), $requestItem->getFields(), $requestItem->getParameter("activity"), $requestItem->getToken()); }
/** * Allowed end-points /people/{userId}+/{groupId} /people/{userId}/{groupId}/{optionalPersonId}+ * * examples: /people/john.doe/@all /people/john.doe/@friends /people/john.doe/@self */ public function handleGet(RequestItem $request) { $this->checkService(); $request->applyUrlTemplate(self::$PEOPLE_PATH); $groupId = $request->getGroup(); $optionalPersonId = $request->getListParameter("personId"); $fields = $request->getFields(self::$DEFAULT_FIELDS); $userIds = $request->getUsers(); // Preconditions if (count($userIds) < 1) { throw new IllegalArgumentException("No userId specified"); } elseif (count($userIds) > 1 && count($optionalPersonId) != 0) { throw new IllegalArgumentException("Cannot fetch personIds for multiple userIds"); } $options = new CollectionOptions(); $options->setSortBy($request->getSortBy()); $options->setSortOrder($request->getSortOrder()); $options->setFilterBy($request->getFilterBy()); $options->setFilterOperation($request->getFilterOperation()); $options->setFilterValue($request->getFilterValue()); $options->setStartIndex($request->getStartIndex()); $options->setCount($request->getCount()); $token = $request->getToken(); $groupType = $groupId->getType(); // handle Anonymous Viewer exceptions $containAnonymousUser = false; if ($token->isAnonymous()) { // Find out whether userIds contains // a) @viewer, b) @me, c) SecurityToken::$ANONYMOUS foreach ($userIds as $key => $id) { if (in_array($id->getType(), self::$ANONYMOUS_ID_TYPE) || $id->getType() == 'userId' && $id->getUserId($token) == SecurityToken::$ANONYMOUS) { $containAnonymousUser = true; unset($userIds[$key]); } } if ($containAnonymousUser) { $userIds = array_values($userIds); // Skip any requests if groupId is not @self or @all, since anonymous viewer won't have friends. if ($groupType != 'self' && $groupType != 'all') { throw new Exception("Can't get friend from an anonymous viewer."); } } } if ($containAnonymousUser && count($userIds) == 0) { return self::$ANONYMOUS_VIEWER; } $service = $this->service; $ret = null; if (count($userIds) == 1) { if (count($optionalPersonId) == 0) { if ($groupType == 'self') { $ret = $service->getPerson($userIds[0], $groupId, $fields, $token); } else { $ret = $service->getPeople($userIds, $groupId, $options, $fields, $token); } } elseif (count($optionalPersonId) == 1) { $ret = $service->getPerson($optionalPersonId[0], $groupId, $fields, $token); } else { $personIds = array(); foreach ($optionalPersonId as $pid) { $personIds[] = new UserId('userId', $pid); } // Every other case is a collection response of optional person ids $ret = $service->getPeople($personIds, new GroupId('self', null), $options, $fields, $token); } } else { // Every other case is a collection response. $ret = $service->getPeople($userIds, $groupId, $options, $fields, $token); } // Append anonymous viewer if ($containAnonymousUser) { if (is_array($ret)) { // Single user $people = array($ret, self::$ANONYMOUS_VIEWER); $ret = new RestfulCollection($people, $options->getStartIndex(), 2); $ret->setItemsPerPage($options->getCount()); } else { // Multiple users $ret->entry[] = self::$ANONYMOUS_VIEWER; $ret->totalResults += 1; } } return $ret; }
/** * Updates a message or a message collection. */ public function handlePut(RequestItem $requestItem) { $this->checkService(); $requestItem->applyUrlTemplate(self::$MESSAGES_PATH); $userIds = $requestItem->getUsers(); HandlerPreconditions::requireSingular($userIds, "UserId is not singular."); $msgCollId = $requestItem->getParameter("msgCollId"); HandlerPreconditions::requireNotEmpty($msgCollId, "msgCollId is required."); $messageIds = $requestItem->getListParameter("messageId"); if (empty($messageIds)) { // Updates message collection. $messageCollection = $requestItem->getParameter("entity"); $messageCollection['id'] = $msgCollId; HandlerPreconditions::requireNotEmpty($messageCollection, "Can't parse message collection."); return $this->service->updateMessageCollection($userIds[0], $messageCollection, $requestItem->getToken()); } else { // Updates a message. HandlerPreconditions::requireSingular($messageIds, "Message id is not singular."); $message = $requestItem->getParameter("entity"); $message['id'] = $messageIds[0]; HandlerPreconditions::requireNotEmpty($message, "Can't parse message."); return $this->service->updateMessage($userIds[0], $msgCollId, $message, $requestItem->getToken()); } }