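/**
 * Mark a user's submitted answers for an assignment and store the resulting scores.
 *
 * One score row is produced per stored answer of the assignment's assessment, each with a
 * fixed max-score of 1. Multi-choice and answer questions are marked by their own helpers.
 *
 * NOTE(review): the user is taken from $this->params['id'] and the answers from the request
 * body. No check that the caller may submit on behalf of that user is visible in this
 * method; confirm that the endpoint's permission layer enforces it.
 *
 * @param object $data Request body; 'assignment' (encoded token) and 'answers' are read from it.
 * @return array ['scores' => list of score rows]
 * @throws EndpointExecutionException If the number of score rows differs from the number of answers.
 */
public function handle($data)
 {
     $this->validate_request(["assignment", "answers"]);
     $assignmentId = Token::decode($data->{'assignment'});
     $user = UserBackend::fetch_user_profile($this->params['id']);
     $assignment = AssignmentBackend::fetch_assignment_profile($assignmentId);
     $answers = AssessmentBackend::fetch_assessment_answers(new AssessmentProfile($assignment['assessment-id']));
     $provided = $data->{'answers'};
     $scores = [];
     foreach ($answers as $answer) {
         /** @var Token $question */
         $question = $answer['question-id'];
         $questionKey = $question->toString();
         // The client controls 'answers' and may omit a question. Pass null to the marker
         // explicitly instead of reading an undefined property (which raises a warning).
         $submitted = $provided->{$questionKey} ?? null;
         $score = ["question-id" => $questionKey, "question-number" => $answer['question-number'], "max-score" => 1];
         if ($answer['question-type'] == QuestionType::MULTI_CHOICE) {
             $score['score'] = $this->mark_multichoice_question($answer['answer-value'], $submitted);
         } elseif ($answer['question-type'] == QuestionType::ANSWER) {
             $score['score'] = $this->mark_answer_question($answer['answer-value'], $submitted);
         }
         // NOTE(review): any other question type leaves the row without a 'score' key.
         $scores[] = $score;
     }
     // NOTE(review): exactly one row is appended per answer above, so this guard cannot fire
     // as written. If it was meant to catch unmarked questions, it needs to test for a
     // missing 'score' key instead.
     if (count($scores) != count($answers)) {
         throw new EndpointExecutionException("An error has occurred whilst executing this endpoint");
     }
     UserBackend::add_assignment_scores($user, $assignmentId, $assignment['assessment-id'], $scores);
     return ["scores" => $scores];
 }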
 /**
  * Issue a TOKEN_REQUEST token for the named user and return it with the user's profile.
  *
  * NOTE(review): no credential is checked in this method and the response includes the
  * user's external profile. Confirm that this is acceptable for an unauthenticated caller
  * and that token issuance is rate-limited elsewhere.
  *
  * @param object $data Request body; 'user' is read from it.
  * @return array ['user' => external profile, 'request-token' => external token form]
  */
 public function handle($data)
 {
     $this->validate_request(["user"]);
     $userProfile = UserBackend::fetch_user_profile($data->{"user"});
     $requestToken = TokenBackend::create_token($this->clientid, $userProfile->getUserId(), TOKEN_REQUEST, "1 HOUR");
     $response = [];
     $response["user"] = $userProfile->toExternalForm();
     // 3600 is presumably the lifetime in seconds, matching the "1 HOUR" requested above.
     $response["request-token"] = $requestToken->toExternalForm(3600);
     return $response;
 }
 /**
  * Exchange a request token plus password for a fresh access/refresh token pair.
  *
  * Order of operations, which matters for security:
  *  1. the supplied token must be of type TOKEN_REQUEST and validate for this client and user;
  *  2. the request token is invalidated before the password is examined, so a token is
  *     consumed by every attempt whether or not the password is right;
  *  3. only after the password validates are the existing access and refresh tokens for this
  *     client/user cleared and new ones created.
  *
  * NOTE(review): the AuthenticationException payload includes the user's external profile;
  * confirm that this is safe to return to an unauthenticated caller.
  *
  * @param object $data Request body; 'user', 'request-token' and 'password' are read from it.
  * @return array ['access-token' => ..., 'refresh-token' => ..., 'profile' => ...]
  * @throws InvalidTokenException   If the request token has the wrong type or fails validation.
  * @throws AuthenticationException If the password does not validate for the user.
  */
 public function handle($data)
 {
     $this->validate_request(["user", "request-token", "password"]);

     // Decode the one-time request token and resolve the account it is presented for
     $requestToken = Token::decode($data->{"request-token"});
     $account = UserBackend::fetch_user_profile($data->{"user"});

     if ($requestToken->getType() != TOKEN_REQUEST) {
         throw new InvalidTokenException("Request token provided is not a valid request token");
     }
     $tokenAccepted = TokenBackend::validate_token($this->clientid, $account->getUserId(), $requestToken);
     if (!$tokenAccepted) {
         throw new InvalidTokenException("Request token is invalid");
     }

     // Consume the request token before looking at the password
     TokenBackend::invalidate_token($this->clientid, $requestToken);

     $suppliedPassword = $data->{"password"};
     $passwordOk = UserBackend::validate_user($account, $suppliedPassword);
     if (!$passwordOk) {
         throw new AuthenticationException("Invalid password for user", ["user" => $account->toExternalForm()]);
     }

     // Drop whatever session this user already holds on this client
     TokenBackend::clear_tokens($this->clientid, $account->getUserId(), TOKEN_ACCESS);
     TokenBackend::clear_tokens($this->clientid, $account->getUserId(), TOKEN_REFRESH);

     // Start the new session
     $access = TokenBackend::create_token($this->clientid, $account->getUserId(), TOKEN_ACCESS, "1 HOUR");
     $refresh = TokenBackend::create_token($this->clientid, $account->getUserId(), TOKEN_REFRESH, "1 YEAR");

     $session = [];
     $session["access-token"] = $access->toExternalForm(3600);
     $session["refresh-token"] = $refresh->toExternalForm(false);
     $session["profile"] = $account->toExternalForm();
     return $session;
 }
 /**
  * Ensure the current user holds the given permission.
  *
  * SECURITY: when the DEBUG constant is truthy the backend is never consulted and every
  * permission is treated as granted. DEBUG must be false on any deployed instance.
  *
  * @param mixed $permission Permission identifier passed to the backend check.
  * @return bool Always true when it returns.
  * @throws AuthorizationException If DEBUG is off and the backend denies the permission.
  */
 protected function validate_permission($permission)
 {
     // Debug mode short-circuits authorization entirely
     if (DEBUG) {
         return true;
     }
     if (UserBackend::check_user_permission($this->user, $permission)) {
         return true;
     }
     throw new AuthorizationException("You do not have the required permissions to perform this operation", ["permission" => $permission]);
 }
 /**
  * Store a setting for the user identified by $this->params["id"].
  *
  * NOTE(review): the setting object is handed to the backend as received from the client;
  * any constraints on key or value would have to be enforced by validate_request() or
  * set_user_setting(), neither of which is visible here.
  *
  * @param object $data Request body; 'setting' is read from it.
  * @return array ['user' => external profile, 'setting' => the setting as supplied]
  */
 public function handle($data)
 {
     $this->validate_request(["setting" => ["key", "value"]]);
     $owner = UserBackend::fetch_user_profile($this->params["id"]);
     $newSetting = $data->{"setting"};
     UserBackend::set_user_setting($owner, $newSetting);
     $response = ["user" => $owner->toExternalForm()];
     $response["setting"] = $newSetting;
     return $response;
 }
 /**
  * Add the user identified by $this->params['id'] to the group named in the request.
  *
  * NOTE(review): check_user_permission() consults a user's groups, so group membership may
  * confer permissions. Confirm that this endpoint is restricted to privileged callers.
  *
  * @param object $data Request body; 'group' is read from it.
  * @return array Always an empty array.
  */
 public function handle($data)
 {
     $this->validate_request(["group"]);
     $member = UserBackend::fetch_user_profile($this->params['id']);
     $targetGroup = GroupBackend::fetch_group_profile($data->{"group"});
     UserBackend::add_user_group($member, $targetGroup);
     return [];
 }
 /**
  * Assign the assignment named in the request to the user identified by $this->params['id'].
  *
  * @param object $data Request body; 'assignment' (encoded token) is read from it.
  * @return mixed Whatever UserBackend::add_user_assignment() returns, passed through unchanged.
  */
 public function handle($data)
 {
     $this->validate_request(["assignment"]);
     $assignee = UserBackend::fetch_user_profile($this->params['id']);
     $assignmentToken = Token::decode($data->{"assignment"});
     return UserBackend::add_user_assignment($assignee, $assignmentToken);
 }
 /**
  * Grant a permission to the user identified by $this->params["id"].
  *
  * NOTE(review): the permission value comes straight from the request body and is set to
  * true without any check in this method. Confirm that the endpoint's permission layer
  * prevents a caller from granting permissions they do not themselves hold.
  *
  * @param object $data Request body; 'permission' is read from it.
  * @return array ['user' => external profile, 'permission' => the permission as supplied]
  */
 public function handle($data)
 {
     $this->validate_request(["permission"]);
     $grantee = UserBackend::fetch_user_profile($this->params["id"]);
     $granted = $data->{"permission"};
     UserBackend::set_user_permission($grantee, $granted, true);
     $response = ["user" => $grantee->toExternalForm()];
     $response["permission"] = $granted;
     return $response;
 }
 /**
  * List every user in external form together with the total count.
  *
  * NOTE(review): the whole user list is returned and no filtering or paging is visible here.
  * Confirm that access to this endpoint is restricted.
  *
  * @param mixed $data Unused.
  * @return array ['count' => int, 'users' => list of external profiles]
  */
 public function handle($data)
 {
     $listing = [];
     /** @var \meteor\data\profiles\UserProfile $entry */
     foreach (UserBackend::fetch_all_users() as $entry) {
         $listing[] = $entry->toExternalForm();
     }
     $total = count($listing);
     return ["count" => $total, "users" => $listing];
 }
 /**
  * List the groups of the user identified by $this->params['id'], in external form.
  *
  * @param mixed $data Unused.
  * @return array ['groups' => list of external group profiles]
  */
 public function handle($data)
 {
     $owner = UserBackend::fetch_user_profile($this->params['id']);
     $memberships = [];
     /** @var \meteor\data\profiles\GroupProfile $membership */
     foreach (UserBackend::fetch_user_groups($owner) as $membership) {
         $memberships[] = $membership->toExternalForm();
     }
     return ["groups" => $memberships];
 }
 /**
  * Report, for every user of a group, that user's scores on one assignment.
  *
  * NOTE(review): this returns score data for every member of the group. Confirm that the
  * endpoint is restricted to callers entitled to see other users' results.
  *
  * @param mixed $data Unused; the group id and assignment token come from $this->params.
  * @return array ['users' => list of ['user' => external profile, 'score' => backend score data]]
  */
 public function handle($data)
 {
     $groupProfile = GroupBackend::fetch_group_profile($this->params['id']);
     $assignmentToken = Token::decode($this->params['assignment']);
     $assignmentProfile = AssignmentBackend::fetch_assignment_profile($assignmentToken);
     $rows = [];
     /** @var UserProfile $member */
     foreach (GroupBackend::fetch_group_users($groupProfile) as $member) {
         $row = ["user" => $member->toExternalForm()];
         $row["score"] = UserBackend::fetch_user_scores($member, $assignmentProfile);
         $rows[] = $row;
     }
     return ["users" => $rows];
 }
 /**
  * Assign one assignment to every user of the group identified by $this->params['id'].
  *
  * The assignment profile is fetched only after all users have been processed, so a bad
  * assignment token may not surface until then unless add_user_assignment() rejects it
  * itself (not visible here).
  *
  * @param object $data Request body; 'assignment' (encoded token) is read from it.
  * @return array ['assignment' => assignment profile as returned by the backend]
  */
 public function handle($data)
 {
     $this->validate_request(["assignment"]);
     $groupProfile = GroupBackend::fetch_group_profile($this->params['id']);
     $members = GroupBackend::fetch_group_users($groupProfile);
     $assignmentToken = Token::decode($data->{"assignment"});
     foreach ($members as $member) {
         UserBackend::add_user_assignment($member, $assignmentToken);
     }
     $assignmentProfile = AssignmentBackend::fetch_assignment_profile($assignmentToken);
     return ["assignment" => $assignmentProfile];
 }
 /**
  * Return the full record of the user identified by $this->params["id"]:
  * external profile, settings, permissions and groups.
  *
  * NOTE(review): settings and permissions are returned exactly as the backend provides
  * them. Confirm that they hold nothing that should stay server-side.
  *
  * @param mixed $data Unused.
  * @return array Keys 'profile', 'settings', 'permissions', 'groups'.
  */
 public function handle_get($data)
 {
     $subject = UserBackend::fetch_user_profile($this->params["id"]);
     $external = $subject->toExternalForm();
     $settings = UserBackend::fetch_user_settings($subject);
     $permissions = UserBackend::fetch_user_permissions($subject);
     $groupList = [];
     /** @var GroupProfile $membership */
     foreach (UserBackend::fetch_user_groups($subject) as $membership) {
         $groupList[] = $membership->toExternalForm();
     }
     return [
         "profile" => $external,
         "settings" => $settings,
         "permissions" => $permissions,
         "groups" => $groupList,
     ];
 }
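 /**
  * Exchange a refresh token for a new access token.
  *
  * The token must be of type TOKEN_REFRESH, must carry the same user secret as the named
  * user, and must validate for this client and user. Existing access tokens for the
  * client/user pair are then cleared and a fresh one-hour access token is issued.
  *
  * @param object $data Request body; 'user' and 'refresh-token' are read from it.
  * @return array ['user-profile' => external profile, 'access-token' => ['token' => string, 'expires' => 3600]]
  * @throws InvalidUserException  If the token's user secret differs from the named user's.
  * @throws InvalidTokenException If the token is not a refresh token or fails validation.
  */
 public function handle($data)
 {
     $this->validate_request(["user", "refresh-token"]);
     $profile = UserBackend::fetch_user_profile($data->{"user"});
     $refresh = Token::decode($data->{"refresh-token"});
     // Only a refresh token may be exchanged here. validate_token()'s own handling of token
     // types is not visible from this method, so the type is checked explicitly.
     if ($refresh->getType() != TOKEN_REFRESH) {
         throw new InvalidTokenException("Refresh token provided is not a valid refresh token");
     }
     // The previous form `!$a == $b` negated the left operand before comparing, so the
     // mismatch branch did not run for two differing non-empty secrets. Compare the secrets
     // directly.
     // NOTE(review): once getUserSecret() is confirmed to return a string, prefer
     // hash_equals() (or at least !==) over the loose comparison.
     if ($refresh->getUserSecret() != $profile->getUserId()->getUserSecret()) {
         throw new InvalidUserException("User provided and token do not match");
     }
     if (!TokenBackend::validate_token($this->clientid, $profile->getUserId(), $refresh)) {
         throw new InvalidTokenException("Invalid refresh token or userid provided");
     }
     // Any outstanding access token is revoked before the replacement is minted
     TokenBackend::clear_tokens($this->clientid, $profile->getUserId(), TOKEN_ACCESS);
     $access = TokenBackend::create_token($this->clientid, $profile->getUserId(), TOKEN_ACCESS, "1 HOUR");
     return ["user-profile" => $profile->toExternalForm(), "access-token" => ["token" => $access->toString(), "expires" => 3600]];
 }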
 /**
  * Create a new user account.
  *
  * The display name defaults to the username when 'display-name' is absent from the request.
  *
  * NOTE(review): the existence check and the creation are two separate backend calls, so
  * uniqueness under concurrent requests depends on create_user() or the database enforcing
  * it. The password is passed on as received and is presumably hashed inside create_user();
  * confirm both.
  *
  * @param object $data Request body; 'username' and 'password' are read, 'display-name' optionally.
  * @return array ['user' => external profile of the new user]
  * @throws EndpointExecutionException If a user with that username already exists.
  */
 public function handle($data)
 {
     $this->validate_request(["username", "password"]);
     $username = $data->{"username"};
     // Fall back to the username when no display name was sent
     $displayname = $data->{"display-name"} ?? $username;
     $alreadyTaken = UserBackend::user_exists($username);
     if ($alreadyTaken) {
         throw new EndpointExecutionException("User already exists", ["username" => $username]);
     }
     // Persist the account, then hand its external form back to the client
     $created = UserBackend::create_user($username, $displayname, $data->{"password"});
     return ["user" => $created->toExternalForm()];
 }
 /**
  * Decide whether a user holds a permission, either directly or through a group.
  *
  * The named query "user_permission_check" is run with the user id string and the
  * permission. At least one row means the permission is held directly. Otherwise each of
  * the user's groups is asked in turn, and the first group that holds it grants it.
  *
  * @param UserProfile $profile    User to check.
  * @param mixed       $permission Permission identifier; passed to the query as a parameter.
  * @return bool True if the user or any of their groups holds the permission.
  */
 public static function check_user_permission(UserProfile $profile, $permission)
 {
     $parameters = [$profile->getUserId()->toString(), $permission];
     $result = Database::generate_query("user_permission_check", $parameters)->execute();
     $directMatches = $result->count();
     // Release the result before any further backend queries are made
     $result->close();
     if ($directMatches >= 1) {
         return true;
     }
     // No direct grant: fall back to permissions inherited from groups
     foreach (UserBackend::fetch_user_groups($profile) as $membership) {
         $grantedByGroup = GroupBackend::check_group_permission($membership, $permission);
         if ($grantedByGroup) {
             return true;
         }
     }
     return false;
 }
 /**
  * Set the permission named in $this->params["permission"] to false for the user
  * identified by $this->params["id"].
  *
  * @param mixed $data Unused.
  * @return array Always an empty array.
  */
 private function handlePost($data)
 {
     $subject = UserBackend::fetch_user_profile($this->params["id"]);
     $revoked = $this->params["permission"];
     UserBackend::set_user_permission($subject, $revoked, false);
     return [];
 }
 /**
  * Delete the setting named in $this->params["setting"] for the user identified by
  * $this->params["id"].
  *
  * NOTE(review): the meaning of the third argument (false) to delete_user_setting() is not
  * visible here. Verify it against the backend signature.
  *
  * @param mixed $data Unused.
  * @return array Always an empty array.
  */
 private function handlePost($data)
 {
     $subject = UserBackend::fetch_user_profile($this->params["id"]);
     $settingKey = $this->params["setting"];
     UserBackend::delete_user_setting($subject, $settingKey, false);
     return [];
 }
 /**
  * Return the outstanding assignments of the user identified by $this->params['id'].
  *
  * @param mixed $data Unused.
  * @return mixed Whatever UserBackend::fetch_user_assignments_outstanding() returns.
  */
 private function handleOutstanding($data)
 {
     $subject = UserBackend::fetch_user_profile($this->params['id']);
     $outstanding = UserBackend::fetch_user_assignments_outstanding($subject);
     return $outstanding;
 }
 /**
  * Return the settings of the user identified by $this->params["id"].
  *
  * @param mixed $data Unused.
  * @return array ['settings' => settings as returned by the backend]
  */
 public function handle($data)
 {
     $owner = UserBackend::fetch_user_profile($this->params["id"]);
     return ["settings" => UserBackend::fetch_user_settings($owner)];
 }
 /**
  * Return one user's scores for one assignment.
  *
  * Both identifiers come from $this->params: 'id' names the user and 'assignment' is an
  * encoded token that is decoded before the assignment profile is fetched.
  *
  * @param mixed $data Unused.
  * @return mixed Whatever UserBackend::fetch_user_scores() returns.
  */
 public function handle($data)
 {
     $subject = UserBackend::fetch_user_profile($this->params['id']);
     $assignmentToken = Token::decode($this->params['assignment']);
     $assignmentProfile = AssignmentBackend::fetch_assignment_profile($assignmentToken);
     $scores = UserBackend::fetch_user_scores($subject, $assignmentProfile);
     return $scores;
 }
 /**
  * Return the permissions of the user identified by $this->params["id"].
  *
  * @param mixed $data Unused.
  * @return array ['permissions' => permissions as returned by the backend]
  */
 public function handle($data)
 {
     $subject = UserBackend::fetch_user_profile($this->params["id"]);
     return ["permissions" => UserBackend::fetch_user_permissions($subject)];
 }