/**
* Does the real handling of the request.
* @param array $cookie
*/
protected function doHandleRequest($cookie = [])
{
$request = $this->request;
$pixie = $this->pixie;
$pixie->cookie->set_cookie_data($cookie);
$controllerName = implode('', array_map('ucfirst', preg_split('/_/', $request->param('controller'))));
$controller = Controller::createController($controllerName, $request, $pixie);
// Run all necessary filters
$this->pixie->dispatcher->dispatch(Events::PRE_PROCESS_ACTION, new PreActionEvent($request, $controller));
$action = strtolower($request->method);
$action = $action == 'head' ? 'get' : $action;
if (!$controller instanceof NoneController) {
if (!$request->param('id')) {
if (in_array($this->request->method, ['GET', 'HEAD'])) {
$action .= '_collection';
}
} else {
if ($request->param('property')) {
$action .= '_' . $request->param('property');
}
}
}
$controller->run($action);
$this->response = $controller->response;
}
public function action_get_collection()
{
$ids = $this->request->get($this->model->id_field);
if ($ids) {
$ids = array_unique(preg_split('/\\s*,\\s*/', $ids, -1, PREG_SPLIT_NO_EMPTY));
if (count($ids) > 0) {
$this->model->where($this->model->id_field, 'IN', $this->pixie->db->expr('(' . implode(',', $ids) . ')'));
}
}
if ($catId = $this->request->get("categoryID")) {
$categoryIds = [$catId];
$category = $this->pixie->orm->get('Category', $catId);
if (!$category->loaded()) {
throw new NotFoundException("Category {$catId} Not Found");
}
// Find child categories
$categoryChildren = $category->nested->children()->find_all();
/** @var Category $child */
foreach ($categoryChildren as $child) {
$categoryIds[] = $child->id();
}
$this->model->where('categoryID', 'IN', $this->pixie->db->expr('(' . implode(',', $categoryIds) . ')'));
}
return parent::action_get_collection();
}
/**
* @inheritdoc
*/
public function init()
{
parent::init();
if ($this->modelClass === null) {
throw new InvalidConfigException('The "modelClass" property must be set.');
}
}
public function action_patch($data = null)
{
if ($data === null) {
$data = $this->request->post();
}
$data['customer_id'] = $this->user->id();
return parent::action_patch($data);
}
public function action_post($data = null)
{
if ($this->request->param('id')) {
throw new HttpException('You can\'t create already existing object.', 400, null, 'Bad Request');
}
if ($data === null) {
$data = $this->request->post();
}
$data['customer_id'] = $this->user->id();
return parent::action_post($data);
}
public function action_get()
{
if ($this->request->param('id') == 'my') {
$cartItems = $this->item->getCartItemsModel();
$cartItems->getCart($this->request->get("uid"));
$data = $this->asArrayWith(parent::action_get(), ['items']);
$data['total_price'] = $cartItems->getItemsTotal();
return $data;
} else {
throw new NotFoundException();
}
}
/**
* @return \App\Model\BaseModel|null
* @Vuln\Description("Fetches the category with given ID")
* @Vuln\Route("rest", params={"action": "get", "id": "_id_"})
*/
public function action_get()
{
return parent::action_get();
}
<div class="form-group">
<input type="text" class="form-control js-url-field" placeholder="Resource URL" name="url" required>
</div>
<div class="form-group">
<input type="text" class="form-control js-name-field" placeholder="Username" name="username" required>
</div>
<div class="form-group">
<input type="text" class="form-control js-password-field" placeholder="Password" name="password" required>
</div>
<div class="form-group">
<select name="method" id="requestMethod" class="form-control js-method-field">
<?php
foreach (\App\Rest\Controller::allowedMethods() as $method) {
?>
<option value="<?php
echo $method;
?>
"><?php
echo $method;
?>
</option>
<?php
}
?>
<option value="DISALLOWED">DISALLOWED</option>
</select>
</div>
public function action_get_collection()
{
$username = $this->request->getWrap('username');
if ($username) {
$this->model->where('and', ['username', '=', $username]);
}
return parent::action_get_collection();
}
public function action_put($data = null)
{
return parent::action_put($data);
}
public function exposedFields()
{
$fields = parent::exposedFields();
return $this->removeValues($fields, ['password']);
}
protected function preloadModel()
{
$this->model->where('customer_id', '=', $this->getUser()->id());
parent::preloadModel();
}