/**
* @api {post} /managers/:idUser/transfer Transfer Content by Manager
* @apiName Transfer Content by Manager
* @apiGroup Manager
* @apiHeader (Header) {String} X_Authorization Authorization value.
* @apiParam (url Parameter) {Number} idUser User unique ID.
* @apiParam {Number} idBin Bin's unique ID.
* @apiParam {Number} qty qty to transfer.
* @apiParam {Number} idUser User's unique ID. The change will apply to this user.
*
* @apiError 400 Input Invalid. This will happen if the param is missing or not the valid format.
* @apiError 404 Not found. This will happen if the bin id/user id/course id/sale id is not in our system.
* @apiError 401 Not authorized. This will happen if the header value is not attached.
* @apiError 403 The user is not a manager yet.
*
*
*/
public static function transContent($idUser)
{
$app = \Slim\Slim::getInstance();
$request = $app->request->post();
$validata = $app->validata;
$validator = $validata::key('idBin', $validata::digit()->notEmpty())->key('qty', $validata::digit()->notEmpty())->key('idUser', $validata::digit()->notEmpty());
if (!$validator->validate($request)) {
$app->halt("400", json_encode("Input Invalid"));
}
if (!GroupController::isManagerOfAdmin($request['idUser'], $idUser)) {
$app->halt("403", json_encode("Permission denied."));
}
$bin_id = $request['idBin'];
$bin = Manager_Bin::where('id', '=', $bin_id)->lockForUpdate()->first();
if (!$bin) {
$app->halt("404", json_encode("manager content record does not exist"));
}
if ($bin->user_id != $idUser) {
$app->halt("401");
}
if ($bin->quantity < $request['qty']) {
$app->halt("404", json_encode("No available seat found."));
}
$bin->quantity = $bin->quantity - $request['qty'];
$bin->save();
$new_bin = self::addToBin($bin->course_sale_id, $request['qty'], $request['idUser'], $bin->expiration_dt);
$bin->transferOut()->attach($new_bin, array('sender_id' => $idUser, 'receiver_id' => $request['idUser'], 'course_sale_id' => $bin->course_sale_id, 'quantity' => $request['qty']));
}
