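/**
 * Define routes on router
 *
 * Registers the messaging endpoints: folder listing and creation per box
 * (in/out), message listing per folder, message count, and create / load /
 * delete / mark-read / move for single messages. Every handler answers
 * through $router->render() or $router->halt().
 *
 * @param Slim $router Slim instance as router
 **/
public function routes(&$router)
{
    // Resolves a user id to the record served by the '/user' route. The
    // dispatch result is stored in a variable first because reset() takes
    // its argument by reference.
    $loadUser = function ($user_id) use ($router) {
        $result = $router->dispatch('get', '/user(/:user_id)', $user_id);
        return reset($result);
    };

    // Collects sender and receiver records of the given messages, skipping
    // the system pseudo-user and ids that were already loaded.
    $collectUsers = function (array $messages) use ($loadUser) {
        $users = array();
        foreach ($messages as $message) {
            foreach (array($message['sender_id'], $message['receiver_id']) as $user_id) {
                if ($user_id != '____%system%____' && !isset($users[$user_id])) {
                    $users[$user_id] = $loadUser($user_id);
                }
            }
        }
        return $users;
    };

    // Inbox and outbox

    // List folders
    $router->get('/messages/:box', function ($box) use ($router) {
        $val      = Helper::getUserData();
        $settings = $val['my_messaging_settings'] ?: array();
        $folders  = isset($settings['folder']) ? $settings['folder'] : array();
        // Index 0 is the fixed default folder of each box
        $folders['in'][0]  = _('Posteingang');
        $folders['out'][0] = _('Postausgang');
        $folders = $folders[$box];
        $router->render(compact('folders'));
    })->conditions(array('box' => '(in|out)'));

    // Create new folder
    $router->post('/messages/:box', function ($box) use ($router) {
        $folder = trim(\Request::get('folder', ''));
        $val    = Helper::getUserData();

        // empty() also rejects the name "0"; kept from the original behaviour
        if (empty($folder)) {
            $router->halt(406, 'No folder name provided');
        }
        // The original character whitelist for folder names was disabled
        // (guarded by "false and"), so any non-empty name is accepted.

        // Guard against a missing folder list for this box (first folder)
        $existing = isset($val['my_messaging_settings']['folder'][$box])
                  ? (array) $val['my_messaging_settings']['folder'][$box]
                  : array();
        if (in_array($folder, $existing, true)
            || ($box === 'in' && $folder === _('Posteingang'))
            || ($box === 'out' && $folder === _('Postausgang')))
        {
            $router->halt(409, 'Duplicate');
        }

        $val['my_messaging_settings']['folder'][$box][] = $folder;
        Helper::setUserData($val);
        // Drop the cached copy so the next request re-reads the stored settings
        $GLOBALS['user']->unregister('my_messaging_settings');

        $router->halt(201);
    })->conditions(array('box' => '(in|out)'));

    // Folders

    // List messages
    $router->get('/messages/:box/:folder', function ($box, $folder) use ($router, $collectUsers) {
        $val      = Helper::getUserData();
        $settings = $val['my_messaging_settings'] ?: array();
        // Folder 0 always exists (default folder), others must be configured
        if ($folder != 0 && !isset($settings['folder'][$box][$folder])) {
            $router->halt(404, sprintf('Folder %s-%s not found', $box, $folder));
        }

        // NOTE(review): lowers the error level for the rest of the request,
        // presumably because the loaders below emit notices/warnings; it is
        // never restored.
        error_reporting(E_ALL ^ (E_NOTICE | E_WARNING));

        $ids      = Message::folder($box == 'in' ? 'rec' : 'snd', $folder);
        $messages = Message::load($ids);

        if ($router->compact()) {
            $router->render(compact('messages'));
            return;
        }

        $users = $collectUsers($messages);
        $router->render(compact('messages', 'users'));
    // The folder condition must be a key of the conditions array; nested in
    // its own array it was silently ignored
    })->conditions(array('box' => '(in|out)', 'folder' => '\\d+'));

    // Direct access to messages

    // Get count of messages
    $router->get('/messages', function () use ($router) {
        $count = array(
            'read'   => 0 + count_messages_from_user('in', ' AND message_user.readed = 1 '),
            'unread' => 0 + count_messages_from_user('in', ' AND message_user.readed = 0 '),
        );
        $router->render($count);
    });

    // Create a message
    $router->post('/messages', function () use ($router) {
        $subject = isset($_POST['subject']) ? trim($_POST['subject']) : '';
        if (empty($subject)) {
            $router->halt(406, 'No subject provided');
        }
        $message = isset($_POST['message']) ? trim($_POST['message']) : '';
        if (empty($message)) {
            $router->halt(406, 'No message provided');
        }

        // user_id may be a single id or a list; every id must resolve to a user
        $receiver_ids = !empty($_POST['user_id']) ? (array) $_POST['user_id'] : array();
        $usernames = array_map(function ($id) use ($router) {
            $user = \User::find($id);
            if (!$user) {
                $router->halt(404, sprintf('Receiver user id %s not found', $id));
            }
            return $user['username'];
        }, $receiver_ids);
        if (empty($usernames)) {
            $router->halt(406, 'No receiver provided');
        }

        $message_id = md5(uniqid('message', true));

        check_messaging_default();
        $messaging = new \messaging();
        $result = $messaging->insert_message(
            $message,
            $usernames,
            $GLOBALS['user']->id,
            time(),
            $message_id,
            false,
            \Request::get('signature'),
            $subject,
            \Request::int('email', 0)
        );
        if (!$result) {
            // $this is not reliably bound inside the closure; use the router
            $router->halt(500, 'Could not create message');
        }

        $router->render($router->dispatch('get', '/messages/:message_id', $message_id), 201);
    });

    // Load a message
    $router->get('/messages/:message_id', function ($message_id) use ($router, $collectUsers) {
        $message = Message::load($message_id);
        if (!$message) {
            $router->halt(404, sprintf('Message %s not found', $message_id));
        }
        if ($router->compact()) {
            $router->render(compact('message'));
            return;
        }
        $users = $collectUsers(array($message));
        $router->render(compact('message', 'users'));
    });

    // Destroy a message
    $router->delete('/messages/:message_id', function ($message_id) use ($router) {
        // NOTE(review): no explicit ownership check here; presumably
        // Message::load() only returns messages of the current user — confirm.
        $message = Message::load($message_id, array('mu.dont_delete'));
        if (!$message) {
            $router->halt(404, sprintf('Message %s not found', $message_id));
        }
        if ($message['dont_delete']) {
            $router->halt(403, 'Message shall not be deleted');
        }
        // Global messaging class; the unqualified name would resolve inside
        // this file's namespace
        $messaging = new \messaging();
        $messaging->delete_message($message_id);
        $router->halt(204);
    });

    // Read (load and update read flag) a message
    $router->put('/messages/:message_id/read', function ($message_id) use ($router) {
        $message = Message::load($message_id);
        if (!$message) {
            $router->halt(404, sprintf('Message %s not found', $message_id));
        }
        // Kept from the original: renders the message, then halts with 204
        $router->render($message);
        $messaging = new \messaging();
        $messaging->set_read_message($message_id);
        $router->halt(204);
    });

    // Mark all messages of the current user as read
    $router->put('/messages/read', function () use ($router) {
        Message::readAll($GLOBALS['user']->id);
        $router->halt(200);
    });

    // Move message
    // Closure parameters follow the order of the route placeholders
    // (:message_id first, then :folder); they were swapped before.
    $router->put('/messages/:message_id/move/:folder', function ($message_id, $folder) use ($router) {
        $val      = Helper::getUserData();
        $settings = $val['my_messaging_settings'] ?: array();
        // The route carries no box, so a folder index is accepted when it is
        // the default folder or configured for the inbox or the outbox.
        // NOTE(review): Message::move() is assumed to resolve the box itself.
        $known = $folder == 0
              || isset($settings['folder']['in'][$folder])
              || isset($settings['folder']['out'][$folder]);
        if (!$known) {
            $router->halt(404, sprintf('Folder %s not found', $folder));
        }
        $message = Message::load($message_id);
        if (!$message) {
            $router->halt(404, sprintf('Message %s not found', $message_id));
        }
        Message::move($message_id, $folder);
        $router->halt(204);
    })->conditions(array('folder' => '\\d+'));
}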
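/**
 * Load course data for the current user.
 *
 * Called without an argument, every course the current user is a member
 * of is returned. Called with a single id the matching course record is
 * returned, with a list of ids the matching records (ordered by start_time
 * DESC when more than one id is given). Each record is enriched with its
 * local modules (as booleans), the semester id, the visible teachers,
 * tutors and students, and the group color.
 *
 * @param mixed $ids Course id, list of course ids, or omitted for all courses
 *                   of the current user (note: load(null) is treated like an
 *                   explicit id, only load() without an argument lists all)
 * @return array Single course record, or list of records; an empty list
 *               when an empty id list was passed
 **/
public static function load($ids = null)
{
    if (is_array($ids) && empty($ids)) {
        return array();
    }

    $query = "SELECT sem.Seminar_id AS course_id, start_time,\n duration_time,\n Name AS title, Untertitel AS subtitle, sem.status AS type, modules,\n Beschreibung AS description, Ort AS location, gruppe\n FROM seminare AS sem\n LEFT JOIN seminar_user AS su ON (sem.Seminar_id = su.seminar_id AND su.user_id = ?)";
    // The joined seminar_user row marks membership of the current user
    $parameters = array($GLOBALS['user']->id);

    // func_num_args() separates load() from load(null): only an explicit
    // argument restricts the result to the given id(s)
    if (func_num_args() > 0) {
        $query .= " WHERE sem.Seminar_id IN (?)";
        $parameters[] = $ids;
        if (is_array($ids) && count($ids) > 1) {
            $query .= " ORDER BY start_time DESC";
        }
    } else {
        $query .= " WHERE su.user_id IS NOT NULL";
    }

    $statement = DBManager::get()->prepare($query);
    $statement->execute($parameters);
    $courses = $statement->fetchAll(PDO::FETCH_ASSOC);

    // One prepared statement serves the three member lookups of every course
    $query = "SELECT user_id\n FROM seminar_user\n WHERE Seminar_id = ? AND status = ? AND visible != 'no'\n ORDER BY position ASC";
    $member_statement = DBManager::get()->prepare($query);

    // Returns the visible user ids of one member status for a course
    $fetchMembers = function ($course_id, $status) use ($member_statement) {
        $member_statement->execute(array($course_id, $status));
        $members = $member_statement->fetchAll(PDO::FETCH_COLUMN) ?: array();
        $member_statement->closeCursor();
        return $members;
    };

    $modules = new Modules();
    $colors  = self::loadColors();

    foreach ($courses as &$course) {
        $course['modules'] = $modules->getLocalModules($course['course_id'], 'sem');
        foreach ($course['modules'] as $name => $module) {
            $course['modules'][$name] = (bool) $module;
        }
        // Fall back to the current semester when the start time maps to none
        $course['semester_id'] = Helper::getSemester($course['start_time']) ?: Helper::getSemester();

        $course['teachers'] = $fetchMembers($course['course_id'], 'dozent');
        $course['tutors']   = $fetchMembers($course['course_id'], 'tutor');
        $course['students'] = $fetchMembers($course['course_id'], 'autor');

        // Group 0 is the default color group; unknown groups get no color
        $group = $course['gruppe'] ?: 0;
        $course['color'] = isset($colors[$group]) ? $colors[$group] : null;
        unset($course['gruppe']);
    }
    // Break the reference left behind by the by-reference loop
    unset($course);

    return func_num_args() === 0 || is_array($ids) ? $courses : reset($courses);
}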
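/**
 * Define the document routes on the router.
 *
 * Covers listing the folders and files of a folder within a range,
 * loading a single file record, and streaming a file's contents.
 * Access is checked per range (folder listing) or per file (single file
 * and download) before anything is returned.
 *
 * @param Slim $router Slim instance as router
 **/
function routes(&$router)
{
    // Resolves a user id via the '/user' route. The dispatch result is stored
    // in a variable first because reset() takes its argument by reference.
    $loadUser = function ($user_id) use ($router) {
        $result = $router->dispatch('get', '/user(/:user_id)', $user_id);
        return reset($result);
    };

    // List folders and files of a folder; without :folder_id the range's
    // root folder (same id as the range) is used
    $router->get('/documents/:range_id/folder(/:folder_id)', function ($range_id, $folder_id = null) use ($router, $loadUser) {
        $folder_id = $folder_id ?: $range_id;
        if (!Document::isActivated($range_id)) {
            $router->halt(400, sprintf('Range %s has no documents', $range_id));
        }
        if (!Helper::UserHasAccessToRange($range_id)) {
            $router->halt(403, sprintf('User may not access range %s', $range_id));
        }
        // Prevents reading a folder of another range via a valid range id
        if (!Document::folderBelongsToRange($range_id, $folder_id)) {
            $router->halt(404, sprintf('No folder %s for range %s', $folder_id, $range_id));
        }

        $folders   = Document::loadFolders($folder_id);
        $documents = Document::loadFiles($folder_id, 'folder');

        if ($router->compact()) {
            $router->render(compact('folders', 'documents'));
            return;
        }

        // Owners of folders and files, each loaded once (by-value loops:
        // the original by-reference loops left dangling references)
        $users = array();
        foreach ($folders as $folder) {
            if (!isset($users[$folder['user_id']])) {
                $users[$folder['user_id']] = $loadUser($folder['user_id']);
            }
        }
        foreach ($documents as $document) {
            if (!isset($users[$document['user_id']])) {
                $users[$document['user_id']] = $loadUser($document['user_id']);
            }
        }
        $router->render(compact('folders', 'documents', 'users'));
    });

    // Load a single file record
    $router->get('/documents/:document_id', function ($document_id) use ($router, $loadUser) {
        $document = new StudipDocument($document_id);
        if (!$document->checkAccess($GLOBALS['user']->id)) {
            $router->halt(403, sprintf('User may not access file %s', $document_id));
        }
        // Replace the model object by the plain record used in the response
        $document = Document::loadFiles($document_id);
        if ($router->compact()) {
            $router->render(compact('document'));
            return;
        }
        $user = array();
        $user[$document['user_id']] = $loadUser($document['user_id']);
        $router->render(compact('document', 'user'));
    });

    // Stream the file contents; see public/sendfile.php
    $router->get('/documents/:document_id/download', function ($document_id) use ($router) {
        $document = new StudipDocument($document_id);
        if (!$document->checkAccess($GLOBALS['user']->id)) {
            $router->halt(403, sprintf('User may not access file %s', $document_id));
        }
        $file = get_upload_file_path($document_id);
        if (!file_exists($file)) {
            $router->halt(404, sprintf('File contents for file %s not found', $document_id));
        }

        // The stored filename is placed inside a quoted header parameter;
        // strip characters that would end the header or the quoted value.
        $raw_filename = $document->getValue('filename');
        $header_name  = str_replace(array("\r", "\n", '"'), '', $raw_filename);

        header('Expires: Mon, 12 Dec 2001 08:00:00 GMT');
        header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
        // HTTPS is not set at all on plain HTTP requests
        if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') {
            header('Pragma: public');
            header('Cache-Control: private');
        } else {
            header('Pragma: no-cache');
            header('Cache-Control: no-store, no-cache, must-revalidate'); // HTTP/1.1
        }
        header('Cache-Control: post-check=0, pre-check=0', false);
        header(sprintf('Content-Type: %s; name="%s"', get_mime_type($raw_filename), $header_name));
        header('Content-Description: File Transfer');
        header('Content-Transfer-Encoding: binary');
        header('Content-Length: ' . filesize($file));

        // Suppression kept: a warning here would be written into the file body
        @readfile_chunked($file);
        TrackAccess($document_id, 'dokument');
        exit;
    });
}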
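/**
 * Define the news routes on the router.
 *
 * Covers listing the news of a range, creating news for a range, and
 * loading, updating and deleting single news entries.
 *
 * @param Slim $router Slim instance as router
 **/
public function routes(&$router)
{
    // Get news of a range id
    $router->get('/news(/range/:range_id)', function ($range_id = false) use ($router) {
        // Without a range the current user's own news are listed
        $range_id = $range_id ?: $GLOBALS['user']->id;
        if (!Helper::UserHasAccessToRange($range_id)) {
            $router->halt(403, sprintf('User may not access range %s', $range_id));
        }
        $news = array_values(News::loadRange($range_id));
        if ($router->compact()) {
            $router->render(compact('news'));
            return;
        }
        foreach ($news as $index => $n) {
            if ($n['allow_comments']) {
                $comments = $router->dispatch('get', '/news/:news_id/comments', $n['news_id']);
                $news[$index]['comments'] = $comments['comments'];
            }
        }
        $users = array_values(NewsRoute::extractUsers($news, $router));
        $router->render(compact('news', 'users'));
    })->conditions(array('range_id' => '(studip|[a-f0-9]{32})'));

    // Create news for a specific range
    // The closure must accept the optional :range_id placeholder, otherwise
    // the news is always attached to the current user's own range.
    $router->post('/news(/range/:range_id)', function ($range_id = false) use ($router) {
        $range_id = $range_id ?: $GLOBALS['user']->id;
        if (!Helper::UserHasAccessToRange($range_id)) {
            $router->halt(403, sprintf('User may not access range %s', $range_id));
        }
        $title = trim(Request::get('title'));
        if (empty($title)) {
            $router->halt(406, 'No news title provided');
        }
        $body = trim(Request::get('body'));
        if (empty($body)) {
            $router->halt(406, 'No news body provided');
        }

        $news = new \StudipNews();
        $news->user_id        = $GLOBALS['user']->id;
        $news->author         = $GLOBALS['user']->getFullName();
        $news->topic          = $title;
        $news->body           = $body;
        $news->date           = time();
        // Default expiry: two weeks, in seconds
        $news->expire         = Request::int('expire', 2 * 7 * 24 * 60 * 60);
        $news->allow_comments = Request::int('allow_comments', 0);
        if (!$news->store()) {
            // 500 (was 501 Not Implemented) for a failed store, matching the
            // other routes
            $router->halt(500, 'Could not create news');
        }
        $news->addRange($range_id);
        $news->storeRanges();

        $router->render($router->dispatch('get', '/news/:news_id', $news->news_id), 201);
    })->conditions(array('range_id' => '(studip|[a-f0-9]{32})'));

    // Get news data
    $router->get('/news/:news_id', function ($news_id) use ($router) {
        $news = News::load($news_id);
        if (!$news) {
            $router->halt(404, sprintf('News %s not found', $news_id));
        }
        if ($router->compact()) {
            $router->render(compact('news'));
            return;
        }
        $users = NewsRoute::extractUsers(array($news), $router);
        if ($news['allow_comments']) {
            // Stored first: reset() takes its argument by reference
            $comments = $router->dispatch('get', '/news/:news_id/comments', $news_id);
            $news['comments'] = reset($comments);
        }
        $router->render(compact('news', 'users'));
    });

    // Update news
    $router->put('/news/:news_id', function ($news_id) use ($router) {
        global $_PUT;

        // find() yields nothing for an unknown id (as in the delete route);
        // "new" always yields an object, which turned a PUT on an unknown id
        // into an insert
        $news = \StudipNews::find($news_id);
        if (!$news) {
            $router->halt(404, sprintf('News %s not found', $news_id));
        }
        // TODO Check access: nothing restricts who may update a news entry;
        // the range-based check used by the GET/POST routes needs the entry's
        // ranges, which are not loaded here. NOTE(review): settle on an
        // owner/admin policy before enforcing one.

        if (isset($_PUT['title'])) {
            $title = trim($_PUT['title']);
            if (empty($title)) {
                $router->halt(406, 'No news title provided');
            }
            $news->topic = $title;
        }
        if (isset($_PUT['body'])) {
            $body = trim($_PUT['body']);
            if (empty($body)) {
                $router->halt(406, 'No news body provided');
            }
            $news->body = $body;
        }
        // date? (not updatable in the original; unclear whether intended)
        if (isset($_PUT['expire'])) {
            // An empty or non-numeric value keeps the current expiry
            $news->expire = (int) $_PUT['expire'] ?: $news->expire;
        }
        if (isset($_PUT['allow_comments'])) {
            $news->allow_comments = (int) $_PUT['allow_comments'];
        }
        // NOTE(review): if store() reports the number of changed rows, an
        // unchanged PUT would end up here — confirm its return value
        if (!$news->store()) {
            $router->halt(500, 'Could not update news');
        }
        // 201 kept as the original response code; 200 would be the
        // conventional status for an update
        $router->render($router->dispatch('get', '/news/:news_id', $news->news_id), 201);
    });

    // Delete news
    $router->delete('/news/:news_id', function ($news_id) use ($router) {
        $news = \StudipNews::find($news_id);
        if (!$news) {
            $router->halt(404, sprintf('News %s not found', $news_id));
        }
        // NOTE(review): no authorization check before deletion, same gap as
        // in the update route
        $news->delete();
        $router->halt(200, sprintf('Deleted news %s.', $news_id));
    });
}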