/**
* @Route ("/admin/user/{id}/edit")
* @Secure ({"ADMIN"})
* @HttpMethod ({"GET"})
*
* @param array $params
* @param ViewModel $model
* @throws Exception
* @return string
*/
public function adminUserEdit(array $params, ViewModel $model)
{
$model->title = 'User';
FilterParams::required($params, 'id');
$user = UserService::instance()->getUserById($params['id']);
if (empty($user)) {
throw new Exception('User was not found');
}
$userService = UserService::instance();
$userFeaturesService = UserFeaturesService::instance();
$apiAuthenticationService = ApiAuthenticationService::instance();
$chatlogService = ChatlogService::instance();
$subscriptionsService = SubscriptionsService::instance();
$user['roles'] = $userService->getUserRolesByUserId($user['userId']);
$user['features'] = $userFeaturesService->getUserFeatures($user['userId']);
$user['ips'] = $userService->getIPByUserId($user['userId']);
$model->user = $user;
$model->smurfs = $userService->findSameIPUsers($user['userId']);
$model->features = $userFeaturesService->getDetailedFeatures();
$ban = $userService->getUserActiveBan($user['userId']);
$banContext = array();
if (!empty($ban)) {
$banContext = $chatlogService->getChatLogBanContext($user['userId'], Date::getDateTime($ban['starttimestamp']), 18);
}
$model->banContext = $banContext;
$model->ban = $ban;
$model->authSessions = $apiAuthenticationService->getAuthSessionsByUserId($user['userId']);
$model->address = $userService->getAddressByUserId($user['userId']);
$model->subscriptions = $subscriptionsService->getUserSubscriptions($user['userId']);
if (Session::get('modelSuccess')) {
$model->success = Session::get('modelSuccess');
Session::set('modelSuccess');
}
return 'admin/user';
}
/**
* @param array $params
* @throws Exception
*/
public function authenticate(array $params)
{
if (!isset($params['authtoken']) || empty($params['authtoken'])) {
return new Response(Http::STATUS_FORBIDDEN, 'Invalid or empty authToken');
}
$authToken = ApiAuthenticationService::instance()->getAuthToken($params['authtoken']);
if (empty($authToken)) {
return new Response(Http::STATUS_FORBIDDEN, 'Auth token not found');
}
$user = UserService::instance()->getUserById($authToken['userId']);
if (empty($user)) {
return new Response(Http::STATUS_FORBIDDEN, 'User not found');
}
$credentials = new SessionCredentials($user);
$credentials->setAuthProvider('API');
$credentials->addRoles(UserRole::USER);
$credentials->addFeatures(UserFeaturesService::instance()->getUserFeatures($authToken['userId']));
$credentials->addRoles(UserService::instance()->getUserRolesByUserId($authToken['userId']));
$subscription = SubscriptionsService::instance()->getUserActiveSubscription($authToken['userId']);
if (!empty($subscription)) {
$credentials->addRoles(UserRole::SUBSCRIBER);
$credentials->addFeatures(UserFeature::SUBSCRIBER);
if ($subscription['subscriptionTier'] == 2) {
$credentials->addFeatures(UserFeature::SUBSCRIBERT2);
}
if ($subscription['subscriptionTier'] == 3) {
$credentials->addFeatures(UserFeature::SUBSCRIBERT3);
}
}
$response = new Response(Http::STATUS_OK, json_encode($credentials->getData()));
$response->addHeader(Http::HEADER_CONTENTTYPE, MimeType::JSON);
return $response;
}
/**
* @param array $params
* @return Response
* @throws Exception
*/
public function authenticate(array $params)
{
if (!isset($params['authtoken']) || empty($params['authtoken'])) {
return new Response(Http::STATUS_FORBIDDEN, 'Invalid or empty authToken');
}
$authToken = ApiAuthenticationService::instance()->getAuthToken($params['authtoken']);
if (empty($authToken)) {
return new Response(Http::STATUS_FORBIDDEN, 'Auth token not found');
}
$user = UserService::instance()->getUserById($authToken['userId']);
if (empty($user)) {
return new Response(Http::STATUS_FORBIDDEN, 'User not found');
}
$authenticationService = AuthenticationService::instance();
$credentials = $authenticationService->getUserCredentials($user, 'API');
$response = new Response(Http::STATUS_OK, json_encode($credentials->getData()));
$response->addHeader(Http::HEADER_CONTENTTYPE, MimeType::JSON);
return $response;
}
/**
* @Route ("/profile/authtoken/{authToken}/delete")
* @HttpMethod ({"POST"})
* @Secure ({"USER"})
*
* @param array $params
* @return string
* @throws Exception
* @throws \Destiny\Common\Utils\FilterParamsException
*/
public function profileAuthTokenDelete(array $params)
{
FilterParams::required($params, 'authToken');
$userId = Session::getCredentials()->getUserId();
$apiAuthService = ApiAuthenticationService::instance();
$authToken = $apiAuthService->getAuthToken($params['authToken']);
if (empty($authToken)) {
throw new Exception('Auth token not found');
}
if ($authToken['userId'] != $userId) {
throw new Exception('Auth token not owned by user');
}
$apiAuthService->removeAuthToken($authToken['authTokenId']);
Session::set('modelSuccess', 'Auth token removed!');
return 'redirect: /profile/authentication';
}
/**
* @Route ("/admin/user/{id}/auth/{provider}/delete")
* @Secure ({"ADMIN"})
* @HttpMethod ({"POST"})
*
* @param array $params
* @return string
*/
public function authProviderDelete(array $params)
{
$apiAuthService = ApiAuthenticationService::instance();
$apiAuthService->deleteAuthProfileByUserId($params['id'], $params['provider']);
Session::set('modelSuccess', 'Authentication profile removed!');
return 'redirect: /admin/user/' . urlencode($params['id']) . '/edit';
}
