Esempio n. 1
 /**
  * Builds a "Person" object from the identifying fields present on the agent.
  *
  * Each of name, mbox, mbox_sha1sum, openid and account that the agent
  * carries is copied into the result, wrapped in a one-element array.
  *
  * @return array The object, always containing 'objectType' => 'Person'
  */
 public function renderGet()
 {
     $source = new Set($this->agent);
     $person = ['objectType' => 'Person'];
     // Same fields, in the same order, as they appear in the rendered object.
     foreach (['name', 'mbox', 'mbox_sha1sum', 'openid', 'account'] as $field) {
         if (!$source->has($field)) {
             continue;
         }
         $person[$field] = [$source->get($field)];
     }
     return $person;
 }
Esempio n. 2
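 /**
  * Logs the user in.
  *
  * Validates the CSRF token, looks the user up by e-mail and password hash,
  * stores the user id and an expiry time in the session, and sets or clears
  * the remember-me cookie.
  *
  * @param object $request The incoming HTTP request; only its post() data is read
  *
  * @return \API\Document\User The user document
  *
  * @throws \Exception With STATUS_BAD_REQUEST on a bad CSRF token or on missing
  *                    or malformed credentials, with STATUS_UNAUTHORIZED when
  *                    no user matches
  */
 public function loginPost($request)
 {
     $params = new Set($request->post());
     // CSRF protection. Both tokens must be non-empty strings, and they are
     // compared with hash_equals() (PHP 5.6+) so that the comparison time does
     // not depend on how many leading characters match.
     $submittedToken = $params->has('csrfToken') ? $params->get('csrfToken') : null;
     $sessionToken = isset($_SESSION['csrfToken']) ? $_SESSION['csrfToken'] : null;
     if (!is_string($submittedToken) || !is_string($sessionToken) || $sessionToken === '' || !hash_equals($sessionToken, $submittedToken)) {
         throw new \Exception('Invalid CSRF token.', Resource::STATUS_BAD_REQUEST);
     }
     // This could be in JSON schema as well :)
     if (!$params->has('email') || !$params->has('password')) {
         throw new \Exception('Username or password missing!', Resource::STATUS_BAD_REQUEST);
     }
     $email = $params->get('email');
     $password = $params->get('password');
     // Form fields can arrive as arrays (email[key]=value). Only plain strings
     // may reach the query builder and sha1(); an array here must never be
     // interpreted as a query condition.
     if (!is_string($email) || !is_string($password)) {
         throw new \Exception('Username or password missing!', Resource::STATUS_BAD_REQUEST);
     }
     $collection = $this->getDocumentManager()->getCollection('users');
     $cursor = $collection->find();
     $cursor->where('email', $email);
     // NOTE(review): the stored hash is an unsalted SHA-1 of the password, which is
     // cheap to brute-force if the collection leaks. Moving to password_hash() /
     // password_verify() needs a migration of the stored hashes, so it is not done here.
     $cursor->where('passwordHash', sha1($password));
     $document = $cursor->current();
     if (null === $document) {
         $errorMessage = 'Invalid login attempt. Try again!';
         $this->errors[] = $errorMessage;
         throw new \Exception($errorMessage, Resource::STATUS_UNAUTHORIZED);
     }
     $this->single = true;
     $this->users = [$document];
     // Issue a fresh session id on the privilege change so that an id known
     // before the login cannot be reused afterwards (session fixation).
     if (session_status() === PHP_SESSION_ACTIVE) {
         session_regenerate_id(true);
     }
     // Set the session
     $_SESSION['userId'] = $document->getId();
     // 1 hour
     $_SESSION['expiresAt'] = time() + 3600;
     // Set the Remember me cookie
     $rememberMeStorage = new RemembermeMongoStorage($this->getDocumentManager());
     $rememberMe = new Rememberme\Authenticator($rememberMeStorage);
     if ($params->has('rememberMe')) {
         $rememberMe->createCookie($document->getId());
     } else {
         $rememberMe->clearCookie();
     }
     return $document;
 }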
Esempio n. 3
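 /**
  * Fetches activity profiles according to the given parameters.
  *
  * With a profileId, narrows the cursor to that one profile of the activity
  * and marks the result as single. Otherwise selects every profile of the
  * activity, optionally limited to those stored at or after "since".
  *
  * @param object $request The incoming HTTP request; only its get() data is read
  *
  * @return $this With $this->cursor (and $this->single for one profile) set
  *
  * @throws Exception With STATUS_BAD_REQUEST on a missing or non-string
  *                   identifier, with STATUS_NOT_FOUND when the requested
  *                   profile does not exist
  */
 public function activityProfileGet($request)
 {
     $params = new Set($request->get());
     // Query-string values can arrive as arrays (name[key]=value). Only plain
     // strings are handed to the query builder, so an array is rejected here
     // instead of being left for the builder to interpret.
     if (!is_string($params->get('activityId'))) {
         throw new Exception('Invalid request!', Resource::STATUS_BAD_REQUEST);
     }
     if ($params->has('profileId') && !is_string($params->get('profileId'))) {
         throw new Exception('Invalid request!', Resource::STATUS_BAD_REQUEST);
     }
     $collection = $this->getDocumentManager()->getCollection('activityProfiles');
     $cursor = $collection->find();
     // Single activity profile
     if ($params->has('profileId')) {
         $cursor->where('profileId', $params->get('profileId'));
         $cursor->where('activityId', $params->get('activityId'));
         if ($cursor->count() === 0) {
             throw new Exception('Activity profile does not exist.', Resource::STATUS_NOT_FOUND);
         }
         $this->cursor = $cursor;
         $this->single = true;
         return $this;
     }
     $cursor->where('activityId', $params->get('activityId'));
     if ($params->has('since')) {
         // NOTE(review): how dateStringToMongoDate() treats a malformed value is not visible here.
         $since = Util\Date::dateStringToMongoDate($params->get('since'));
         $cursor->whereGreaterOrEqual('mongoTimestamp', $since);
     }
     $this->cursor = $cursor;
     return $this;
 }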
Esempio n. 4
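 /**
  * Sends the attachment identified by the "sha2" query parameter.
  *
  * Checks the 'attachments' permission, loads the attachment's metadata and
  * content, and responds with the content. The content is base64-encoded
  * unless the "encoding" parameter is exactly 'binary'.
  *
  * @throws \Exception With STATUS_BAD_REQUEST when sha2 is missing or is not a string
  */
 public function get()
 {
     $request = $this->getSlim()->request();
     // Check authentication
     $this->getSlim()->auth->checkPermission('attachments');
     $params = new Set($request->get());
     if (!$params->has('sha2')) {
         throw new \Exception('Missing sha2 parameter!', Resource::STATUS_BAD_REQUEST);
     }
     $sha2 = $params->get('sha2');
     // Query-string values can arrive as arrays (sha2[key]=value); the lookup
     // key handed to the attachment service must be a plain string.
     if (!is_string($sha2)) {
         throw new \Exception('Missing sha2 parameter!', Resource::STATUS_BAD_REQUEST);
     }
     $encoding = $params->get('encoding');
     // Fetch attachment metadata and data
     // NOTE(review): what the service returns for an unknown hash is not visible
     // here; a null $metadata would fail on getContentType() below — confirm.
     $metadata = $this->attachmentService->fetchMetadataBySha2($sha2);
     $data = $this->attachmentService->fetchFileBySha2($sha2);
     if ($encoding !== 'binary') {
         $data = base64_encode($data);
     }
     // NOTE(review): the Content-Type is whatever was stored with the attachment.
     // If that value originates from the uploader, consider restricting it or
     // sending the file as a download so it is not rendered in the API's origin.
     $this->getSlim()->response->headers->set('Content-Type', $metadata->getContentType());
     Resource::response(Resource::STATUS_OK, $data);
 }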
Esempio n. 5
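 /**
  * Fetches agent profiles according to the given parameters.
  *
  * With a profileId, narrows the cursor to that one profile of the agent
  * (matched on the agent's mbox, mbox_sha1sum, openid or account) and marks
  * the result as single. Otherwise selects every profile whose stored agent
  * equals the given agent, optionally limited to those stored at or after
  * "since".
  *
  * @param object $request The incoming HTTP request; only its get() data is read
  *
  * @return $this With $this->cursor (and $this->single for one profile) set
  *
  * @throws Exception With STATUS_BAD_REQUEST on a malformed agent or profileId,
  *                   with STATUS_NOT_FOUND when the requested profile does not exist
  */
 public function agentProfileGet($request)
 {
     $params = new Set($request->get());
     $collection = $this->getDocumentManager()->getCollection('agentProfiles');
     $cursor = $collection->find();
     // The agent is a JSON document passed as one query-string value.
     $rawAgent = $params->get('agent');
     if (!is_string($rawAgent)) {
         throw new Exception('Invalid request!', Resource::STATUS_BAD_REQUEST);
     }
     // Single agent profile
     if ($params->has('profileId')) {
         if (!is_string($params->get('profileId'))) {
             throw new Exception('Invalid request!', Resource::STATUS_BAD_REQUEST);
         }
         $cursor->where('profileId', $params->get('profileId'));
         $agent = json_decode($rawAgent, true);
         //Fetch the identifier - otherwise we'd have to order the JSON
         $uniqueIdentifier = null;
         foreach (['mbox', 'mbox_sha1sum', 'openid', 'account'] as $candidate) {
             if (is_array($agent) && isset($agent[$candidate])) {
                 $uniqueIdentifier = $candidate;
                 break;
             }
         }
         // Without an identifier there is nothing to match on; previously this
         // fell through with $uniqueIdentifier undefined.
         if ($uniqueIdentifier === null) {
             throw new Exception('Invalid request!', Resource::STATUS_BAD_REQUEST);
         }
         // The identifier comes from client-supplied JSON. Accept only a string
         // (or, for account, an object whose values are all strings) so that a
         // nested object cannot be passed to the query builder as a condition.
         $identifierValue = $agent[$uniqueIdentifier];
         if ($uniqueIdentifier === 'account') {
             $identifierIsValid = is_array($identifierValue) && $identifierValue === array_filter($identifierValue, 'is_string');
         } else {
             $identifierIsValid = is_string($identifierValue);
         }
         if (!$identifierIsValid) {
             throw new Exception('Invalid request!', Resource::STATUS_BAD_REQUEST);
         }
         $cursor->where('agent.' . $uniqueIdentifier, $identifierValue);
         if ($cursor->count() === 0) {
             throw new Exception('Agent profile does not exist.', Resource::STATUS_NOT_FOUND);
         }
         $this->cursor = $cursor;
         $this->single = true;
         return $this;
     }
     $agent = json_decode($rawAgent);
     if (!is_object($agent)) {
         throw new Exception('Invalid request!', Resource::STATUS_BAD_REQUEST);
     }
     // The decoded object is matched against the stored agent as a whole; a
     // property name starting with '$' is not a valid agent field and is refused.
     foreach (array_keys(get_object_vars($agent)) as $property) {
         if (strpos((string) $property, '$') === 0) {
             throw new Exception('Invalid request!', Resource::STATUS_BAD_REQUEST);
         }
     }
     $cursor->where('agent', $agent);
     if ($params->has('since')) {
         $since = Util\Date::dateStringToMongoDate($params->get('since'));
         $cursor->whereGreaterOrEqual('mongoTimestamp', $since);
     }
     $this->cursor = $cursor;
     return $this;
 }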
Esempio n. 6
 /**
  * Reports whether the view data holds a value under the given key.
  *
  * The check is delegated to the underlying data object.
  *
  * @param  string  $key
  * @return boolean
  */
 public function has($key)
 {
     $isPresent = $this->data->has($key);

     return $isPresent;
 }
Esempio n. 7
 /**
  * Magic isset() handler: asks the container whether it has an entry
  * registered under the given name.
  *
  * @param string $name
  *
  * @return mixed Whatever the container's has() returns
  */
 public function __isset($name)
 {
     $isRegistered = $this->container->has($name);

     return $isRegistered;
 }
Esempio n. 8
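 /**
  * Exchanges an authorization code for its token document.
  *
  * Requires grant_type, client_id, client_secret, redirect_uri and code as
  * string POST fields, accepts only the 'authorization_code' grant type,
  * looks the token up by code and checks the client credentials and redirect
  * URI against the client attached to that token. On success the one-time
  * code is cleared and the token document is saved and returned.
  *
  * @param object $request The incoming HTTP request; only its post() data is read
  *
  * @return object The token document found for the code
  *
  * @throws \Exception With STATUS_BAD_REQUEST when a parameter is missing or
  *                    malformed, or when the code, client credentials or
  *                    redirect URI do not match
  */
 public function accessTokenPost($request)
 {
     $params = new Set($request->post());
     $requiredParams = ['grant_type', 'client_id', 'client_secret', 'redirect_uri', 'code'];
     //TODO: Use json-schema validator
     foreach ($requiredParams as $requiredParam) {
         if (!$params->has($requiredParam)) {
             throw new \Exception('Parameter ' . $requiredParam . ' is missing!', Resource::STATUS_BAD_REQUEST);
         }
         // Form fields can arrive as arrays (code[key]=value). Only plain
         // strings may reach the token lookup and the comparisons below.
         if (!is_string($params->get($requiredParam))) {
             throw new \Exception('Parameter ' . $requiredParam . ' is invalid!', Resource::STATUS_BAD_REQUEST);
         }
     }
     if ($params->get('grant_type') !== 'authorization_code') {
         throw new \Exception('Invalid grant_type specified.', Resource::STATUS_BAD_REQUEST);
     }
     $collection = $this->getDocumentManager()->getCollection('oAuthTokens');
     $cursor = $collection->find();
     $cursor->where('code', $params->get('code'));
     $tokenDocument = $cursor->current();
     // NOTE(review): no expiry check on the code is visible in this method —
     // confirm that stale codes are rejected or expired elsewhere.
     if (null === $tokenDocument) {
         throw new \Exception('Invalid code specified!', Resource::STATUS_BAD_REQUEST);
     }
     $clientDocument = $tokenDocument->client;
     // The secret is compared with hash_equals() (PHP 5.6+) so that the
     // comparison time does not depend on how many leading characters match.
     // It is evaluated before the client id so both checks always run.
     $storedSecret = $clientDocument->getSecret();
     $secretMatches = is_string($storedSecret) && hash_equals($storedSecret, $params->get('client_secret'));
     if ($clientDocument->getClientId() !== $params->get('client_id') || !$secretMatches) {
         throw new \Exception('Invalid client_id/client_secret combination!', Resource::STATUS_BAD_REQUEST);
     }
     if ($params->get('redirect_uri') !== $clientDocument->getRedirectUri()) {
         throw new \Exception('Redirect_uri mismatch!', Resource::STATUS_BAD_REQUEST);
     }
     //Remove one-time code
     $tokenDocument->setCode(false);
     $tokenDocument->save();
     $this->accessTokens = [$tokenDocument];
     $this->single = true;
     return $tokenDocument;
 }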
Esempio n. 9
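 /**
  * Fetches statements according to the given parameters.
  *
  * statementId / voidedStatementId select a single statement. Otherwise the
  * non-voided statements are filtered by agent, verb, activity, registration
  * and date range, counted, and then paginated, sorted and limited. The
  * agent, verb, activity and registration filters are each applied under both
  * the "statement" and the "references" document paths.
  *
  * @param object $request The HTTP request object; only its get() data is read.
  *
  * @return $this With $this->cursor set; for a single statement $this->single
  *               is set as well, otherwise count, format, descending and limit.
  *
  * @throws Exception With STATUS_BAD_REQUEST for a malformed filter value,
  *                   with STATUS_NOT_FOUND when a single statement does not exist.
  */
 public function statementGet($request)
 {
     $params = new Set($request->get());
     $collection = $this->getDocumentManager()->getCollection('statements');
     $cursor = $collection->find();

     // Query-string values can arrive as arrays (name[key]=value). Only plain
     // strings are handed to the query builder, so an array is rejected here
     // instead of being left for the builder to interpret.
     foreach (['statementId', 'voidedStatementId', 'verb', 'activity', 'registration'] as $stringParam) {
         if ($params->has($stringParam) && !is_string($params->get($stringParam))) {
             throw new Exception('Invalid request!', Resource::STATUS_BAD_REQUEST);
         }
     }

     // Single statement: statementId looks among live statements,
     // voidedStatementId among voided ones.
     foreach (['statementId' => false, 'voidedStatementId' => true] as $idParam => $voided) {
         if (!$params->has($idParam)) {
             continue;
         }
         $cursor->where('statement.id', $params->get($idParam));
         $cursor->where('voided', $voided);
         if ($cursor->count() === 0) {
             throw new Exception('Statement does not exist.', Resource::STATUS_NOT_FOUND);
         }
         $this->cursor = $cursor;
         $this->single = true;
         return $this;
     }

     $cursor->where('voided', false);
     // Each filter below is matched under both of these document paths.
     $roots = ['statement', 'references'];

     // Multiple statements
     if ($params->has('agent')) {
         $rawAgent = $params->get('agent');
         $agent = is_string($rawAgent) ? json_decode($rawAgent, true) : null;
         //Fetch the identifier - otherwise we'd have to order the JSON
         $uniqueIdentifier = null;
         foreach (['mbox', 'mbox_sha1sum', 'openid', 'account'] as $candidate) {
             if (is_array($agent) && isset($agent[$candidate])) {
                 $uniqueIdentifier = $candidate;
                 break;
             }
         }
         // Without an identifier there is nothing to match on; previously this
         // fell through with $uniqueIdentifier undefined.
         if ($uniqueIdentifier === null) {
             throw new Exception('Invalid request!', Resource::STATUS_BAD_REQUEST);
         }
         $identifierValue = $agent[$uniqueIdentifier];
         $isAccount = $uniqueIdentifier === 'account';
         // The identifier comes from client-supplied JSON. Accept only a string
         // (or, for account, string homePage and name) so that a nested object
         // cannot be passed to the query builder as a condition.
         if ($isAccount) {
             $identifierIsValid = is_array($identifierValue)
                 && isset($identifierValue['homePage'], $identifierValue['name'])
                 && is_string($identifierValue['homePage'])
                 && is_string($identifierValue['name']);
         } else {
             $identifierIsValid = is_string($identifierValue);
         }
         if (!$identifierIsValid) {
             throw new Exception('Invalid request!', Resource::STATUS_BAD_REQUEST);
         }

         // Returns the conditions that match the agent stored at $path: one
         // condition per identifier, or homePage plus name for an account.
         $agentConditions = function ($path) use ($collection, $uniqueIdentifier, $identifierValue, $isAccount) {
             $field = $path . '.' . $uniqueIdentifier;
             if ($isAccount) {
                 return [
                     $collection->expression()->where($field . '.homePage', $identifierValue['homePage']),
                     $collection->expression()->where($field . '.name', $identifierValue['name']),
                 ];
             }
             return [$collection->expression()->where($field, $identifierValue)];
         };

         $relatedAgents = $params->has('related_agents') && $params->get('related_agents') === 'true';
         // related_agents widens the search from actor/object to every place
         // an agent can appear, including the object of a SubStatement.
         $locations = $relatedAgents
             ? ['actor', 'object', 'authority', 'context.team', 'context.instructor']
             : ['actor', 'object'];

         $perRoot = [];
         foreach ($roots as $root) {
             $alternatives = [];
             foreach ($locations as $location) {
                 $conditions = $agentConditions($root . '.' . $location);
                 $alternatives[] = $isAccount
                     ? call_user_func_array([$collection->expression(), 'whereAnd'], $conditions)
                     : $conditions[0];
             }
             if ($relatedAgents) {
                 $alternatives[] = call_user_func_array(
                     [$collection->expression(), 'whereAnd'],
                     array_merge(
                         [$collection->expression()->where($root . '.object.objectType', 'SubStatement')],
                         $agentConditions($root . '.object.object')
                     )
                 );
             }
             $perRoot[] = call_user_func_array([$collection->expression(), 'whereOr'], $alternatives);
         }
         $cursor->whereOr($perRoot[0], $perRoot[1]);
     }

     if ($params->has('verb')) {
         $cursor->whereOr(
             $collection->expression()->where('statement.verb.id', $params->get('verb')),
             $collection->expression()->where('references.verb.id', $params->get('verb'))
         );
     }

     if ($params->has('activity')) {
         $activity = $params->get('activity');
         // Handle related
         if ($params->has('related_activities') && $params->get('related_activities') === 'true') {
             $perRoot = [];
             foreach ($roots as $root) {
                 $alternatives = [$collection->expression()->where($root . '.object.id', $activity)];
                 foreach (['parent', 'category', 'grouping', 'other'] as $contextKind) {
                     $alternatives[] = $collection->expression()->where($root . '.context.contextActivities.' . $contextKind . '.id', $activity);
                 }
                 // NOTE(review): this compares '<root>.object.object' itself with the
                 // activity id; '<root>.object.object.id' may have been intended — confirm.
                 $alternatives[] = $collection->expression()->whereAnd(
                     $collection->expression()->where($root . '.object.objectType', 'SubStatement'),
                     $collection->expression()->where($root . '.object.object', $activity)
                 );
                 $perRoot[] = call_user_func_array([$collection->expression(), 'whereOr'], $alternatives);
             }
             $cursor->whereOr($perRoot[0], $perRoot[1]);
         } else {
             $cursor->whereOr(
                 $collection->expression()->where('statement.object.id', $activity),
                 $collection->expression()->where('references.object.id', $activity)
             );
         }
     }

     if ($params->has('registration')) {
         $cursor->whereOr(
             $collection->expression()->where('statement.context.registration', $params->get('registration')),
             $collection->expression()->where('references.context.registration', $params->get('registration'))
         );
     }

     // Date based filters
     if ($params->has('since')) {
         $since = Util\Date::dateStringToMongoDate($params->get('since'));
         $cursor->whereGreaterOrEqual('mongo_timestamp', $since);
     }
     if ($params->has('until')) {
         $until = Util\Date::dateStringToMongoDate($params->get('until'));
         $cursor->whereLessOrEqual('mongo_timestamp', $until);
     }

     // Count before paginating
     $this->count = $cursor->count();

     // Handle pagination
     // NOTE(review): how \MongoId reacts to a malformed since_id / until_id is
     // not handled here — confirm the resulting error is acceptable to callers.
     if ($params->has('since_id')) {
         $id = new \MongoId($params->get('since_id'));
         $cursor->whereGreaterOrEqual('_id', $id);
     }
     if ($params->has('until_id')) {
         $id = new \MongoId($params->get('until_id'));
         $cursor->whereLessOrEqual('_id', $id);
     }

     $this->format = $this->getSlim()->config('xAPI')['default_statement_get_format'];
     if ($params->has('format')) {
         // NOTE(review): taken as supplied; whether it is validated before use is not visible here.
         $this->format = $params->get('format');
     }

     if ($params->has('ascending') && $params->get('ascending') === 'true') {
         $cursor->sort(['_id' => 1]);
         $this->descending = false;
     } else {
         $cursor->sort(['_id' => -1]);
         $this->descending = true;
     }

     // A client may lower the page size but never raise it above the configured limit.
     $maxLimit = $this->getSlim()->config('xAPI')['statement_get_limit'];
     if ($params->has('limit') && $params->get('limit') < $maxLimit && $params->get('limit') > 0) {
         // The value is a query-string string; store and use it as an integer.
         $limit = (int) $params->get('limit');
     } else {
         $limit = $maxLimit;
     }
     // Hackish solution...think of a different way for handling this
     $limit = $limit + 1;
     $this->limit = $limit;
     $cursor->limit($limit);
     $this->cursor = $cursor;
     return $this;
 }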
Esempio n. 10
// Register the 'mongo' service on the container: a client built from the
// "database" configuration, with the configured database mapped to
// \API\Collection and selected as the active one.
$app->hook('slim.before', function () use($app) {
    $app->container->singleton('mongo', function () use($app) {
        $database = $app->config('database');
        $mongoClient = new Client($database['host_uri']);
        $mongoClient->map([$database['db_name'] => '\\API\\Collection']);
        $mongoClient->useDatabase($database['db_name']);
        return $mongoClient;
    });
});
// CORS compatibility layer (Internet Explorer): a POST that carries a "method"
// query parameter is re-dispatched as that method. The form-encoded body is
// unpacked; its "content" field becomes the request body and the remaining
// fields replace the request headers and the parsed query parameters.
// NOTE(review): the override method is upper-cased but not checked against a
// list of expected verbs, and body fields become request headers. Confirm that
// authentication and permission checks run on the rewritten request.
$app->hook('slim.before.router', function () use($app) {
    if (!$app->request->isPost() || !$app->request->get('method')) {
        return;
    }
    $environment = $app->environment();
    $environment['REQUEST_METHOD'] = strtoupper($app->request->get('method'));
    mb_parse_str($app->request->getBody(), $formFields);
    $parameters = new Set($formFields);
    // Content is the only valid body parameter...everything else are either headers or query parameters
    $body = '';
    if ($parameters->has('content')) {
        $body = $parameters->get('content');
        $parameters->remove('content');
    }
    $environment['slim.input'] = $body;
    $app->request->headers->replace($parameters->all());
    $environment['slim.request.query_hash'] = $parameters->all();
});
// Parse version
$app->hook('slim.before.dispatch', function () use($app) {
    // Version
    $app->container->singleton('version', function () use($app) {
Esempio n. 11
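 /**
  * Deletes activity states according to the given parameters.
  *
  * Removes the states of the given activity and agent (matched on the agent's
  * mbox, mbox_sha1sum, openid or account), optionally narrowed to one stateId
  * and/or one registration.
  *
  * @param object $request The incoming HTTP request; only its get() data is read
  *
  * @return $this
  *
  * @throws Exception With STATUS_BAD_REQUEST when activityId or the agent is
  *                   missing or malformed, or when stateId or registration is
  *                   not a string
  */
 public function activityStateDelete($request)
 {
     $params = new Set($request->get());
     // This filter selects what gets deleted, so every value must be exactly
     // what a conforming client sends: plain strings. Query-string values can
     // arrive as arrays (name[key]=value) and are refused here.
     if (!is_string($params->get('activityId')) || !is_string($params->get('agent'))) {
         throw new Exception('Invalid request!', Resource::STATUS_BAD_REQUEST);
     }
     foreach (['stateId', 'registration'] as $optionalParam) {
         if ($params->has($optionalParam) && !is_string($params->get($optionalParam))) {
             throw new Exception('Invalid request!', Resource::STATUS_BAD_REQUEST);
         }
     }
     $collection = $this->getDocumentManager()->getCollection('activityStates');
     $expression = $collection->expression();
     if ($params->has('stateId')) {
         $expression->where('stateId', $params->get('stateId'));
     }
     $expression->where('activityId', $params->get('activityId'));
     $agent = json_decode($params->get('agent'), true);
     //Fetch the identifier - otherwise we'd have to order the JSON
     $uniqueIdentifier = null;
     foreach (['mbox', 'mbox_sha1sum', 'openid', 'account'] as $candidate) {
         if (is_array($agent) && isset($agent[$candidate])) {
             $uniqueIdentifier = $candidate;
             break;
         }
     }
     if ($uniqueIdentifier === null) {
         throw new Exception('Invalid request!', Resource::STATUS_BAD_REQUEST);
     }
     // The identifier comes from client-supplied JSON. Accept only a string
     // (or, for account, an object whose values are all strings) so that a
     // nested object cannot widen the delete beyond the one agent.
     $identifierValue = $agent[$uniqueIdentifier];
     if ($uniqueIdentifier === 'account') {
         $identifierIsValid = is_array($identifierValue) && $identifierValue === array_filter($identifierValue, 'is_string');
     } else {
         $identifierIsValid = is_string($identifierValue);
     }
     if (!$identifierIsValid) {
         throw new Exception('Invalid request!', Resource::STATUS_BAD_REQUEST);
     }
     $expression->where('agent.' . $uniqueIdentifier, $identifierValue);
     if ($params->has('registration')) {
         $expression->where('registration', $params->get('registration'));
     }
     $collection->deleteDocuments($expression);
     return $this;
 }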