/**
 * Checks the client id and credentials carried in $_SERVER, then dispatches
 * the request to handle().
 *
 * @param mixed $body   raw request body; decoded with json_decode() unless it compares equal to ""
 * @param array $params request parameters, stored on $this->params for the handlers
 *
 * @return mixed the payload from handle() with a "client-id" entry added, or
 *               the result of parent::execute() when DEBUG is truthy
 *
 * @throws InvalidClientException when the Headers::CLIENT_ID entry is missing
 * @throws AuthorizationException when the user or token entry is missing, or
 *                                the token type is not TOKEN_ACCESS
 * @throws InvalidTokenException  when TokenBackend::validate_token() rejects the token
 */
public function execute($body, array $params)
{
    // json_decode() returns null for malformed JSON and the result is not
    // checked here, so $this->data may be [], null, or a decoded value.
    if ($body == "") {
        $this->data = [];
    } else {
        $this->data = json_decode($body);
    }

    // A client id must accompany every request.
    if (!array_key_exists(Headers::CLIENT_ID, $_SERVER)) {
        throw new InvalidClientException();
    }

    // Both the user and the token have to be present.
    if (!isset($_SERVER[Headers::AUTH_USER], $_SERVER[Headers::AUTH_TOKEN])) {
        throw new AuthorizationException("Must provide authentication");
    }

    // The profile is looked up from the caller-supplied user value BEFORE the
    // token is validated; $this->user is only trustworthy once
    // validate_token() below has passed.
    $this->user = UserBackend::fetch_user_profile($_SERVER[Headers::AUTH_USER]);
    $this->params = $params;
    $this->method = $_SERVER["REQUEST_METHOD"];
    $accessToken = Token::decode($_SERVER[Headers::AUTH_TOKEN]);
    $this->clientid = Token::decode($_SERVER[Headers::CLIENT_ID]);

    // SECURITY: with DEBUG truthy the method returns here, before the token
    // type check and TokenBackend::validate_token(). The user named in the
    // request is then accepted without any proof of identity.
    // NOTE(review): confirm DEBUG cannot be enabled on a reachable deployment.
    if (DEBUG) {
        return parent::execute($body, $params);
    }

    // Only access tokens are accepted.
    // NOTE(review): loose != comparison; prefer !== if getType() and
    // TOKEN_ACCESS are known to share a type.
    if ($accessToken->getType() != TOKEN_ACCESS) {
        throw new AuthorizationException("Token provided is not a access token");
    }

    // The token must be valid for this client id / user id pair.
    $tokenIsValid = TokenBackend::validate_token(
        $this->clientid,
        $this->user->getUserId(),
        $accessToken
    );
    if (!$tokenIsValid) {
        throw new InvalidTokenException("Token provided is not a valid access token");
    }

    // Authenticated: run the handler and echo the client id back.
    $response = $this->handle($this->data);
    $response["client-id"] = $this->clientid->toString();

    return $response;
}
/**
 * Applies a partial update to the profile identified by $this->params['id']
 * and returns the result of handle_get().
 *
 * Only "display-name" and "user-name" are read from the decoded body; a field
 * that is absent or null leaves the stored value unchanged.
 *
 * @param mixed $data decoded request body
 *
 * @return mixed whatever handle_get($data) returns
 */
private function handle_patch($data)
{
    // NOTE(review): the target profile is selected by the 'id' request
    // parameter, and nothing in this method checks that the caller may modify
    // that profile. Confirm the target's user id is compared with the
    // authenticated user's before this handler runs.
    $existing = UserBackend::fetch_user_profile($this->params['id']);
    $currentDisplayName = $existing->getDisplayName();
    $currentUsername = $existing->getUsername();

    // NOTE(review): the submitted values are used as received; no type or
    // length validation is visible here — presumably done in UserProfile or
    // UserBackend, verify.
    $displayName = isset($data->{"display-name"})
        ? $data->{"display-name"}
        : $currentDisplayName;
    $username = isset($data->{"user-name"})
        ? $data->{"user-name"}
        : $currentUsername;

    // The user id is carried over from the stored profile, never from the body.
    $updated = new UserProfile($existing->getUserId(), $username, $displayName);
    UserBackend::update_user_profile($updated);

    return $this->handle_get($data);
}
/**
 * Loads a user's overall score for an assignment together with the
 * per-question scores.
 *
 * @param UserProfile $user       user whose scores are requested
 * @param array       $assignment must contain an "assignment-id" entry
 *
 * @return array|null null when the first row's score_id compares equal to
 *                    null; otherwise an array with "completed" and "score",
 *                    plus "questions" (keyed by position, starting at 1)
 *                    when at least one question row was returned
 */
public static function fetch_user_scores(UserProfile $user, array $assignment)
{
    // No access check happens in this method; the caller decides whose
    // scores may be read.
    $userId = $user->getUserId()->toString();
    $assignmentId = $assignment["assignment-id"];

    // Values travel as a parameter list alongside a named query.
    // NOTE(review): presumably bound as statement parameters rather than
    // concatenated — confirm in Database::generate_query().
    $summary = Database::generate_query("user_assignment_score", [$userId, $assignmentId])
        ->execute()
        ->fetch_data();

    // No score recorded for this user and assignment.
    if ($summary['score_id'] == null) {
        return null;
    }

    $scores = [
        "completed" => $summary['date_completed'],
        "score" => $summary['score'],
    ];

    $questionRows = Database::generate_query(
        "user_assignment_question_scores",
        [$userId, $assignmentId, $summary['score_id']]
    )->execute();

    // Rows are numbered in the order the query returns them.
    for ($position = 1; $questionRow = $questionRows->fetch_data(); $position++) {
        $scores["questions"][(string) $position] = $questionRow['score'];
    }

    return $scores;
}
/**
 * Tells whether another profile refers to the same user as this one.
 *
 * The two user ids are compared with the loose == operator.
 * NOTE(review): if the ids are objects, == compares their properties loosely,
 * so numeric-looking string values can compare equal without being
 * identical. Where this result gates access to a profile, comparing the ids'
 * canonical string forms with === is stricter — confirm the id type first.
 *
 * @param UserProfile $profile the profile to compare against
 *
 * @return bool true when both user ids compare equal, false otherwise
 */
public function equals(UserProfile $profile)
{
    $ownId = $this->getUserId();
    $otherId = $profile->getUserId();

    return $ownId == $otherId;
}