Example #1
 /**
  * Authenticates the caller, routes a POST request to its resource handler and sends the reply.
  *
  * Handlers run only after authenticate() has succeeded; a failed check is answered with
  * Response::STATUS_UNAUTHORIZED and no handler is invoked.
  *
  * A request that matches no handler (non-POST method or unknown resource) leaves the handler
  * result empty and is therefore answered with Response::STATUS_INTERNAL_SERVER_ERROR.
  *
  * @return void
  */
 public function handleRequest()
 {
     $outcome = array();

     if ($this->authenticate()) {
         // Only POST requests are dispatched; every other method falls through with an empty outcome.
         if ($this->method == 'post') {
             switch ($this->resource) {
                 case 'cart':
                     $outcome = $this->cart($this->data);
                     break;
                 case 'order/accept':
                     $outcome = $this->orderAccept($this->data);
                     break;
                 case 'order/status':
                     $outcome = $this->orderStatus($this->data);
                     break;
             }
         }
     } else {
         // Fail closed: unauthenticated callers never reach a handler.
         $outcome['status'] = Response::STATUS_UNAUTHORIZED;
     }

     if (empty($outcome['status'])) {
         // No handler produced a status.
         $reply = new Response(Response::STATUS_INTERNAL_SERVER_ERROR);
     } else {
         $payload = '';
         if (isset($outcome['data'])) {
             $payload = $outcome['data'];
         }
         $reply = new Response($outcome['status'], $payload, $this->accept_type);
     }

     $reply->send();
 }
Example #2
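 /**
  * Resolves the entity object of a resource, runs the requested action and returns the response.
  *
  * For a nested resource the parent's `index` action is executed first, and only when
  * checkAccess() allows it; the child entity is resolved only if the parent result has a
  * success status. Without that permission the parent result stays STATUS_FORBIDDEN.
  *
  * @param  array       $entity_properties Properties of entity; the keys name, id and child_entity are read here
  * @param  string|null $parent_name       Parent entity name
  * @param  array|null  $parent_data       Parent entity result; its 'data' key is passed to the child entity
  * @return Response|null Response, or null when the entity rejects the identifier
  */
 private function getResponseFromEntity($entity_properties, $parent_name = null, $parent_data = null)
 {
     $entity = $this->getObjectByEntity($entity_properties);

     // A fake entity has no entity object and can't have a parent.
     // The original condition relied on && binding tighter than ||; it is spelled out here.
     $is_fake_entity = $entity === null
         && isset($this->fake_entities[$entity_properties['name']])
         && !$parent_data;

     if ($entity === null && !$is_fake_entity) {
         return new Response(Response::STATUS_NOT_FOUND, __('object_not_found', array('[object]' => __('entity') . ' ' . $entity_properties['name'])), $this->request->getAcceptType());
     }

     if ($entity !== null && !empty($parent_data['data'])) {
         $entity->setParentName($parent_name);
         $entity->setParentData($parent_data['data']);
     }

     // The identifier comes from the request. Validation is skipped for a fake entity, because
     // there is no object to validate against: calling isValidIdentifier() on null was a fatal
     // error that a request for a fake entity with an id could trigger.
     if ($entity !== null && !empty($entity_properties['id']) && !$entity->isValidIdentifier($entity_properties['id'])) {
         return null;
     }

     if (!empty($entity_properties['child_entity'])) {
         // Deny by default: the status is replaced only when access to the parent is granted.
         $parent_result = array('status' => Response::STATUS_FORBIDDEN);

         // A fake entity has no index() to run, so a nested request under it keeps STATUS_FORBIDDEN
         // instead of dereferencing null.
         if ($entity !== null && $this->checkAccess($entity, 'index')) {
             $parent_result = $entity->index($entity_properties['id']);
         }

         if (!Response::isSuccessStatus($parent_result['status'])) {
             return new Response($parent_result['status']);
         }

         $name = $entity_properties['name'];
         $entity_properties = $this->getEntityFromPath($entity_properties['child_entity']);

         return $this->getResponseFromEntity($entity_properties, $name, $parent_result);
     }

     // For a fake entity $entity is null here, as it already was in the original flow.
     // NOTE(review): exec() is presumed to handle the fake-entity case and to enforce access itself - confirm.
     return $this->exec($entity, $entity_properties);
 }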
Example #3
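/**
 * Init selected company
 * Selected company id will be saved in the registry runtime.company_id
 *
 * The company is taken, in this order, from: the API user and the stores/vendors id in the API
 * resource, the company bound to the admin session, an explicit switch_company_id request
 * parameter, and finally the session. A company id supplied by the request is accepted only
 * if fn_get_available_company_ids() returns a non-empty result for it.
 *
 * @param array $params request parameters (passed by reference; switch_company_id is removed from it)
 * @return array with init data (init status, redirect url in case of redirect)
 */
function fn_init_company_id(&$params)
{
    $company_id = 0;
    $available_company_ids = array();
    $result = array(INIT_STATUS_OK);

    // false means "no switch requested"; an integer (including 0) is an explicit request.
    if (isset($params['switch_company_id'])) {
        $switch_company_id = intval($params['switch_company_id']);
    } else {
        $switch_company_id = false;
    }

    if (defined('API')) {
        $api = Tygh::$app['api'];
        $api_response_status = false;

        if ($api instanceof Api) {
            if (AREA == 'A') {
                if ($user_data = $api->getUserData()) {
                    $company_id = 0;
                    if ($user_data['company_id']) {
                        $company_id = $user_data['company_id'];
                    }

                    $store = array();
                    // NOTE(review): the pattern is not anchored, so a stores/<id>/ or vendors/<id>/
                    // segment anywhere in the resource string is matched - confirm this is intended.
                    if (preg_match('/(stores|vendors)\\/(\\d+)\\/.+/', $api->getRequest()->getResource(), $store)) {
                        if ($company_id && $company_id != $store[2]) {
                            // The user is bound to a company and asks for another one: deny, and
                            // keep the user's own company id instead of adopting the requested one.
                            // The original still assigned the denied id and relied on send()
                            // below ending the request.
                            $api_response_status = Response::STATUS_FORBIDDEN;
                        } else {
                            $company_id = intval($store[2]);
                            if (!fn_get_available_company_ids($company_id)) {
                                $company_id = 0;
                            }
                        }
                    }
                } else {
                    $api_response_status = Response::STATUS_UNAUTHORIZED;
                }
            }
        } else {
            $api_response_status = Response::STATUS_FORBIDDEN;
        }

        if ($api_response_status) {
            $response = new Response($api_response_status);
            /**
             * Here is exit.
             */
            // NOTE(review): the code below assumes send() ends the request; if it ever returns,
            // initialisation continues after a denied API call - confirm send() always exits.
            $response->send();
        }
    }

    // set company_id for vendor's admin
    if (AREA == 'A' && !empty(Tygh::$app['session']['auth']['company_id'])) {
        $company_id = intval(Tygh::$app['session']['auth']['company_id']);
        $available_company_ids = array($company_id);
        if (!fn_get_available_company_ids($company_id)) {
            return fn_init_company_id_redirect($params, 'access_denied');
        }
    }

    // admin switching company_id
    // Reached only when no company was fixed above, so a session-bound company cannot be
    // overridden through switch_company_id.
    if (!$company_id) {
        if ($switch_company_id !== false) {
            // request not empty
            if ($switch_company_id) {
                if (fn_get_available_company_ids($switch_company_id)) {
                    $company_id = $switch_company_id;
                } else {
                    return fn_init_company_id_redirect($params, 'company_not_found');
                }
            }
            fn_set_session_data('company_id', $company_id, COOKIE_ALIVE_TIME);
        } else {
            $company_id = fn_init_company_id_find_in_session();
        }
    }

    if (empty($available_company_ids)) {
        $available_company_ids = fn_get_available_company_ids();
    }

    // Hook handlers receive these arguments and may adjust the selection before it is stored.
    fn_set_hook('init_company_id', $params, $company_id, $available_company_ids, $result);

    Registry::set('runtime.company_id', $company_id);
    Registry::set('runtime.companies_available_count', count($available_company_ids));

    unset($params['switch_company_id']);

    return $result;
}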