Пример #1
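 /**
  * Registers the document routes on the given router.
  *
  * Routes registered here:
  *  - GET /documents/:range_id/folder(/:folder_id)  folders and files of a folder
  *  - GET /documents/:document_id                   data of a single file
  *  - GET /documents/:document_id/download          raw file contents
  *
  * Every handler runs its access check before any data is loaded.
  * NOTE(review): the checks only protect the data if $router->halt() ends
  * the request instead of returning - confirm against the router.
  *
  * @param object $router Router that offers get(), halt(), render(),
  *                       compact() and dispatch()
  */
 function routes(&$router)
 {
     $router->get('/documents/:range_id/folder(/:folder_id)', function ($range_id, $folder_id = null) use ($router) {
         // Without an explicit folder id the range id is used as the folder id.
         $folder_id = $folder_id ?: $range_id;

         if (!Document::isActivated($range_id)) {
             $router->halt(400, sprintf('Range %s has no documents', $range_id));
         }
         // Authorization: the caller needs access to the range ...
         if (!Helper::UserHasAccessToRange($range_id)) {
             $router->halt(403, sprintf('User may not access range %s', $range_id));
         }
         // ... and the folder id must be one that folderBelongsToRange()
         // attributes to this range, otherwise the two ids could be mixed.
         if (!Document::folderBelongsToRange($range_id, $folder_id)) {
             $router->halt(404, sprintf('No folder %s for range %s', $folder_id, $range_id));
         }

         $folders   = Document::loadFolders($folder_id);
         $documents = Document::loadFiles($folder_id, 'folder');

         if ($router->compact()) {
             $router->render(compact('folders', 'documents'));
             return;
         }

         // Collect each referenced user once. The items are only read, so
         // they are iterated by value (no dangling foreach reference), and
         // the dispatch result is stored first because reset() takes its
         // argument by reference.
         $users = array();
         foreach ($folders as $folder) {
             if (!isset($users[$folder['user_id']])) {
                 $result = $router->dispatch('get', '/user(/:user_id)', $folder['user_id']);
                 $users[$folder['user_id']] = reset($result);
             }
         }
         foreach ($documents as $document) {
             if (!isset($users[$document['user_id']])) {
                 $result = $router->dispatch('get', '/user(/:user_id)', $document['user_id']);
                 $users[$document['user_id']] = reset($result);
             }
         }

         $router->render(compact('folders', 'documents', 'users'));
     });

     $router->get('/documents/:document_id', function ($document_id) use ($router) {
         // Authorization is checked on the document object for the current
         // user before the file data is loaded.
         $document = new StudipDocument($document_id);
         if (!$document->checkAccess($GLOBALS['user']->id)) {
             $router->halt(403, sprintf('User may not access file %s', $document_id));
         }

         $document = Document::loadFiles($document_id);
         if ($router->compact()) {
             $router->render(compact('document'));
             return;
         }

         $user   = array();
         $result = $router->dispatch('get', '/user(/:user_id)', $document['user_id']);
         $user[$document['user_id']] = reset($result);

         $router->render(compact('document', 'user'));
     });

     // See public/sendfile.php
     $router->get('/documents/:document_id/download', function ($document_id) use ($router) {
         $document = new StudipDocument($document_id);
         if (!$document->checkAccess($GLOBALS['user']->id)) {
             $router->halt(403, sprintf('User may not access file %s', $document_id));
         }

         $file = get_upload_file_path($document_id);
         if (!file_exists($file)) {
             $router->halt(404, sprintf('File contents for file %s not found', $document_id));
         }

         header('Expires: Mon, 12 Dec 2001 08:00:00 GMT');
         header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');

         // $_SERVER['HTTPS'] is not set on plain HTTP requests.
         if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') {
             header('Pragma: public');
             header('Cache-Control: private');
         } else {
             header('Pragma: no-cache');
             // HTTP/1.1
             header('Cache-Control: no-store, no-cache, must-revalidate');
         }
         header('Cache-Control: post-check=0, pre-check=0', false);

         // The stored filename goes into a quoted header parameter, so
         // control characters are dropped and backslashes and quotes are
         // escaped; otherwise a crafted name could break out of the quotes.
         // presumably the name was chosen by the uploader - verify.
         $filename  = $document->getValue('filename');
         $safe_name = preg_replace('/[\x00-\x1F\x7F]/', '', $filename);
         $safe_name = str_replace(array('\\', '"'), array('\\\\', '\\"'), $safe_name);
         header(sprintf('Content-Type: %s; name="%s"', get_mime_type($filename), $safe_name));

         // NOTE(review): no Content-Disposition is sent, so a browser may
         // render the file inline with the detected MIME type; confirm this
         // is intended for uploaded content served from this origin.
         header('Content-Description: File Transfer');
         header('Content-Transfer-Encoding: binary');
         header('Content-Length: ' . filesize($file));

         // Errors are suppressed so that no warning text is mixed into the
         // binary response; a failed read is therefore not reported.
         @readfile_chunked($file);
         TrackAccess($document_id, 'dokument');
         die;
     });
 }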
Пример #2
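 /**
  * Registers the news routes on the given router.
  *
  * Routes registered here:
  *  - GET    /news(/range/:range_id)  news of a range (default: current user)
  *  - POST   /news(/range/:range_id)  create news for a range
  *  - GET    /news/:news_id           one news item
  *  - PUT    /news/:news_id           update a news item
  *  - DELETE /news/:news_id           delete a news item
  *
  * NOTE(review): only the two range routes check
  * Helper::UserHasAccessToRange(). The three /news/:news_id routes perform
  * no access check in this method, so unless the router or the model
  * enforces one elsewhere, any caller who can reach them may read, change
  * or delete a news item by id.
  *
  * @param object $router Router that offers get(), post(), put(), delete(),
  *                       halt(), render(), compact() and dispatch()
  **/
 public function routes(&$router)
 {
     // Get news of a range id
     $router->get('/news(/range/:range_id)', function ($range_id = false) use ($router) {
         // Without a range in the URL the current user's own id is the range.
         $range_id = $range_id ?: $GLOBALS['user']->id;
         if (!Helper::UserHasAccessToRange($range_id)) {
             $router->halt(403, sprintf('User may not access range %s', $range_id));
         }

         $news = array_values(News::loadRange($range_id));
         if ($router->compact()) {
             $router->render(compact('news'));
             return;
         }

         foreach ($news as $index => $n) {
             if ($n['allow_comments']) {
                 $comments = $router->dispatch('get', '/news/:news_id/comments', $n['news_id']);
                 $news[$index]['comments'] = $comments['comments'];
             }
         }
         $users = array_values(NewsRoute::extractUsers($news, $router));

         $router->render(compact('news', 'users'));
     })->conditions(array('range_id' => '(studip|[a-f0-9]{32})'));

     // Create news for a specific range
     //
     // The handler has to declare $range_id like the GET handler above.
     // Without the parameter the variable was undefined, so the access check
     // and addRange() always used the current user's id and the range given
     // in the URL was ignored.
     $router->post('/news(/range/:range_id)', function ($range_id = false) use ($router) {
         $range_id = $range_id ?: $GLOBALS['user']->id;
         if (!Helper::UserHasAccessToRange($range_id)) {
             $router->halt(403, sprintf('User may not access range %s', $range_id));
         }

         $title = trim(Request::get('title'));
         if (empty($title)) {
             $router->halt(406, 'No news title provided');
         }
         $body = trim(Request::get('body'));
         if (empty($body)) {
             $router->halt(406, 'No news body provided');
         }

         $news = new \StudipNews();
         $news->user_id = $GLOBALS['user']->id;
         $news->author  = $GLOBALS['user']->getFullName();
         $news->topic   = $title;
         $news->body    = $body;
         $news->date    = time();
         // Default: two weeks, in seconds.
         $news->expire         = Request::int('expire', 2 * 7 * 24 * 60 * 60);
         $news->allow_comments = Request::int('allow_comments', 0);
         if (!$news->store()) {
             $router->halt(501, 'Could not create news');
         }
         $news->addRange($range_id);
         $news->storeRanges();

         $router->render($router->dispatch('get', '/news/:news_id', $news->news_id), 201);
     })->conditions(array('range_id' => '(studip|[a-f0-9]{32})'));

     // Get news data
     // NOTE(review): no access check in this handler - confirm that
     // News::load() restricts what the current user may see.
     $router->get('/news/:news_id', function ($news_id) use ($router) {
         $news = News::load($news_id);
         if (!$news) {
             $router->halt(404, sprintf('News %s not found', $news_id));
         }
         if ($router->compact()) {
             $router->render(compact('news'));
             return;
         }

         $users = NewsRoute::extractUsers(array($news), $router);
         if ($news['allow_comments']) {
             // reset() takes its argument by reference, so the dispatch
             // result is stored in a variable first.
             $comments = $router->dispatch('get', '/news/:news_id/comments', $news_id);
             $news['comments'] = reset($comments);
         }

         $router->render(compact('news', 'users'));
     });

     // Update news
     $router->put('/news/:news_id', function ($news_id) use ($router) {
         global $_PUT;

         // find() is used as in the delete route: "new \StudipNews($news_id)"
         // always yields an object, so the 404 branch could never be reached.
         $news = \StudipNews::find($news_id);
         if (!$news) {
             $router->halt(404, sprintf('News %s not found', $news_id));
         }

         // TODO Check access
         // NOTE(review): authorization is still missing here. The check that
         // used to be commented out at this point called
         // Helper::UserHasAccessToRange($range_id), but this handler has no
         // $range_id; the range(s) of the loaded news have to be resolved
         // first. Until then any caller may modify any news item by id.

         if (isset($_PUT['title'])) {
             $title = trim($_PUT['title']);
             if (empty($title)) {
                 $router->halt(406, 'No news title provided');
             }
             $news->topic = $title;
         }
         if (isset($_PUT['body'])) {
             $body = trim($_PUT['body']);
             if (empty($body)) {
                 $router->halt(406, 'No news body provided');
             }
             $news->body = $body;
         }
         // date?
         if (isset($_PUT['expire'])) {
             // Cast like allow_comments below (the create route reads it with
             // Request::int()); an empty or non-numeric value keeps the old one.
             $news->expire = (int) $_PUT['expire'] ?: $news->expire;
         }
         if (isset($_PUT['allow_comments'])) {
             $news->allow_comments = (int) $_PUT['allow_comments'];
         }
         if (!$news->store()) {
             $router->halt(501, 'Could not update news');
         }

         $router->render($router->dispatch('get', '/news/:news_id', $news->news_id), 201);
     });

     // Delete news
     // NOTE(review): like the update route this handler deletes by id without
     // any access check - add one before exposing the route.
     $router->delete('/news/:news_id', function ($news_id) use ($router) {
         $news = \StudipNews::find($news_id);
         if (!$news) {
             $router->halt(404, sprintf('News %s not found', $news_id));
         }
         $news->delete();

         $router->halt(200, sprintf('Deleted news %s.', $news_id));
     });
 }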