/**
* N.B.: if the user passed as input is a supporter, the method prefix '1'
* to the token, making it 41-character long, rather than 40
*
* @param PcApiApp $apiApp
* @param int $userId
* @return string
*/
public static function createToken(PcApiApp $apiApp, $userId)
{
$apiAppId = $apiApp->getId();
// if there is already a token entry for the application and the user, we delete it
$c = new Criteria();
$c->add(PcApiTokenPeer::API_APP_ID, $apiAppId);
$c->add(PcApiTokenPeer::USER_ID, $userId);
PcApiTokenPeer::doDelete($c);
$apiTokenEntry = new PcApiToken();
$tokenPrefix = PcUserPeer::retrieveByPK($userId)->isSupporter() ? '1' : '';
// we want to be extra-sure the token is unique
$token = '';
$safetyCounter = 0;
// to avoid infinite loop under any circumstances
do {
$token = $tokenPrefix . PcUtils::generate40CharacterRandomHash();
$c = new Criteria();
$c->add(PcApiTokenPeer::TOKEN, $token);
$alreadyExisting = PcApiTokenPeer::doSelectOne($c);
$safetyCounter++;
if ($safetyCounter == 100) {
throw new Exception("Detected possible infinite loop while creating API token");
}
} while (is_object($alreadyExisting));
$apiTokenEntry->setToken($token)->setApiAppId($apiAppId)->setUserId($userId)->setExpiryTimestamp(time() + sfConfig::get('app_api_tokenValidity') * 3600)->save();
return $token;
}
public function executeReorder(sfWebRequest $request)
{
$tagIds = $request->getParameter('tag');
$i = 1;
foreach ($tagIds as $tagId) {
$tag = PcUsersContextsPeer::retrieveByPk($tagId);
PcUtils::checkLoggedInUserPermission(PcUserPeer::retrieveByPK($tag->getUserId()));
$tag->setSortOrder($i)->save();
$i++;
}
return $this->renderDefault();
}
public function getUserEmail()
{
return PcUserPeer::retrieveByPK($this->getUserId())->getEmail();
}
public function getAuthor()
{
return PcUserPeer::retrieveByPK($this->getUserId());
}
/**
* Executes index action
*
* @param sfRequest $request A request object
*/
public function executeIndex(sfWebRequest $request)
{
// for performance reasons, we insert this configuration inside the method itself
$methods = array('getToken', 'getServerTime', 'getUserSettings', 'getLists', 'getDeletedLists', 'getTags', 'getDeletedTags', 'getRepetitions', 'getRepetitionOptions', 'getTasks', 'getDeletedTasks', 'completeTask', 'uncompleteTask', 'deleteTask', 'addTask', 'editTask', 'setTaskNote', 'sync', 'whatHasChanged');
// token, sig, api_ver are required for each method
$extraRequiredParamsMap = array('getToken' => array('api_key'), 'getServerTime' => array(), 'getUserSettings' => array(), 'getLists' => array(), 'getDeletedLists' => array('from_ts', 'to_ts'), 'getTags' => array(), 'getDeletedTags' => array('from_ts', 'to_ts'), 'getRepetitions' => array(), 'getRepetitionOptions' => array(), 'getTasks' => array(), 'getDeletedTasks' => array('from_ts', 'to_ts'), 'completeTask' => array('task_id'), 'uncompleteTask' => array('task_id'), 'addTask' => array('descr'), 'editTask' => array('task_id'), 'setTaskNote' => array('task_id', 'note'), 'deleteTask' => array('task_id'), 'sync' => array('local_changes'), 'whatHasChanged' => array('from_ts', 'to_ts'));
$optionalParamsMap = array('getToken' => array('user_key', 'user_email', 'user_pwd', 'extra_info'), 'getServerTime' => array(), 'getUserSettings' => array(), 'getLists' => array('from_ts', 'to_ts'), 'getDeletedLists' => array(), 'getTags' => array('from_ts', 'to_ts'), 'getDeletedTags' => array(), 'getRepetitions' => array('from_ts', 'to_ts'), 'getRepetitionOptions' => array('from_ts', 'to_ts'), 'getTasks' => array('from_ts', 'to_ts', 'task_id', 'list_id', 'tag_id', 'completed', 'only_with_due_date', 'only_without_due_date', 'only_due_today_or_tomorrow', 'only_starred', 'by_date', 'search_query'), 'getDeletedTasks' => array(), 'completeTask' => array('baseline_due_date'), 'uncompleteTask' => array(), 'addTask' => array('list_id', 'is_header', 'due_date', 'due_time', 'is_starred', 'repetition_id', 'repetition_param', 'repetition_ical_rrule', 'note', 'tag_ids'), 'editTask' => array('list_id', 'descr', 'is_header', 'due_date', 'due_time', 'is_starred', 'repetition_id', 'repetition_param', 'repetition_ical_rrule', 'note', 'tag_ids'), 'setTaskNote' => array(), 'deleteTask' => array(), 'sync' => array(), 'whatHasChanged' => array());
$methodName = $request->getParameter('method_name');
$token = $request->getParameter('token');
$sig = $request->getParameter('sig');
$apiVersion = $request->getParameter('api_ver');
if (!in_array($methodName, $methods)) {
return $this->returnError(PlancakeApiServer::INVALID_METHOD_ERROR);
}
$this->methodName = $methodName;
if ($token === null) {
return $this->returnError(PlancakeApiServer::MISSING_TOKEN_ERROR);
}
if (!$sig) {
return $this->returnError(PlancakeApiServer::MISSING_SIGNATURE_ERROR);
}
if (!$apiVersion) {
return $this->returnError(PlancakeApiServer::MISSING_API_VERSION);
}
$params = array();
$params['token'] = $token;
$params['sig'] = $sig;
$params['api_ver'] = $apiVersion;
$extraRequiredParams = $extraRequiredParamsMap[$methodName];
foreach ($extraRequiredParams as $extraRequiredParam) {
$paramValue = $request->getParameter($extraRequiredParam);
if ($paramValue !== null) {
$params[$extraRequiredParam] = $paramValue;
} else {
return $this->returnError(PlancakeApiServer::MISSING_PARAMETER_ERROR);
}
}
if (!$this->isTokenValid($token)) {
return $this->returnError(PlancakeApiServer::INVALID_TOKEN_ERROR);
}
$apiKey = isset($params['api_key']) ? $params['api_key'] : null;
$apiApp = $this->getApiApp($params['token'], $apiKey);
if ($apiApp === null) {
return $this->returnError(PlancakeApiServer::INVALID_API_KEY_OR_TOKEN_ERROR);
}
if ($apiApp->isLimited()) {
if ($apiApp->hasReachedLimits()) {
return $this->returnError(PlancakeApiServer::RATE_LIMIT_REACHED);
}
}
$apiSecret = $apiApp->getApiSecret();
// loading optional params
$optionalParams = $optionalParamsMap[$methodName];
foreach ($optionalParams as $optionalParam) {
$paramValue = $request->getParameter($optionalParam);
if ($paramValue !== null) {
$params[$optionalParam] = $paramValue;
}
}
// if from_ts is specified, also to_ts
if (isset($params['from_ts']) && !isset($params['to_ts']) || isset($params['to_ts']) && !isset($params['from_ts']) || isset($params['from_ts']) && isset($params['from_ts']) && !((int) $params['from_ts'] > 0) || isset($params['from_ts']) && isset($params['from_ts']) && !((int) $params['to_ts'] > 0)) {
return $this->returnError(PlancakeApiServer::MISSING_FROMTS_OR_TOTS_PARAMETER_ERROR);
}
if (!(strlen($apiSecret) > 0)) {
return $this->returnError(PlancakeApiServer::INVALID_API_KEY_ERROR);
}
if (!$this->isSignatureValid($params, $apiSecret)) {
return $this->returnError(PlancakeApiServer::INVALID_SIGNATURE_ERROR);
}
$user = null;
if (strlen($token) > 0) {
$userId = PcApiTokenPeer::retrieveByPK($token)->getUserId();
$user = PcUserPeer::retrieveByPK($userId);
PcUserPeer::setLoggedInUser($user);
$user->refreshLastLogin()->save();
}
unset($params['token']);
unset($params['sig']);
$response = call_user_func(array('PlancakeApiServer', $methodName), $params);
$jsonResponse = json_encode($response);
$apiApp->recordStats(strlen($jsonResponse));
if ($user && $user->hasGoogleCalendarIntegrationActive()) {
$gcalRecord = PcGoogleCalendarPeer::retrieveByUser($user);
if ($gcalRecord && time() - $gcalRecord->getLatestSyncEndTimestamp() > sfConfig::get('app_api_googleCalendarSyncMinInterval')) {
$gcal = new GoogleCalendarInterface($user);
$gcal->init();
$gcal->syncPlancake();
}
}
if ($callback = $request->getParameter('callback')) {
$this->getResponse()->setContentType('text/javascript');
$response = $callback . '(' . $jsonResponse . ')';
} else {
$this->getResponse()->setContentType('application/json');
$response = $jsonResponse;
}
return $this->renderText($response);
}