public function getAction($request, $db)
{
$event_id = $this->getItemId($request);
// verbosity
$verbose = $this->getVerbosity($request);
// pagination settings
$start = $this->getStart($request);
$resultsperpage = $this->getResultsPerPage($request);
if (isset($request->url_elements[4])) {
switch ($request->url_elements[4]) {
case 'talks':
$talk_mapper = new TalkMapper($db, $request);
$list = $talk_mapper->getTalksByEventId($event_id, $resultsperpage, $start, $request, $verbose);
break;
case 'comments':
$event_comment_mapper = new EventCommentMapper($db, $request);
$list = $event_comment_mapper->getEventCommentsByEventId($event_id, $resultsperpage, $start, $verbose);
break;
case 'talk_comments':
$sort = $this->getSort($request);
$talk_comment_mapper = new TalkCommentMapper($db, $request);
$list = $talk_comment_mapper->getCommentsByEventId($event_id, $resultsperpage, $start, $verbose, $sort);
break;
default:
throw new InvalidArgumentException('Unknown Subrequest', 404);
break;
}
} else {
$mapper = new EventMapper($db, $request);
if ($event_id) {
$list = $mapper->getEventById($event_id, $verbose);
} else {
// check if we're filtering
if (isset($request->parameters['filter'])) {
switch ($request->parameters['filter']) {
case "hot":
$list = $mapper->getHotEventList($resultsperpage, $start, $verbose);
break;
case "upcoming":
$list = $mapper->getUpcomingEventList($resultsperpage, $start, $verbose);
break;
case "past":
$list = $mapper->getPastEventList($resultsperpage, $start, $verbose);
break;
case "cfp":
$list = $mapper->getOpenCfPEventList($resultsperpage, $start, $verbose);
break;
default:
throw new InvalidArgumentException('Unknown event filter', 404);
break;
}
} else {
$list = $mapper->getEventList($resultsperpage, $start, $verbose);
}
}
}
return $list;
}
public function getAction($request, $db)
{
$comment_id = $this->getItemId($request);
// verbosity
$verbose = $this->getVerbosity($request);
// pagination settings
$start = $this->getStart($request);
$resultsperpage = $this->getResultsPerPage($request);
$mapper = new EventCommentMapper($db, $request);
if ($comment_id) {
$list = $mapper->getCommentById($comment_id, $verbose);
return $list;
}
return false;
}
public function reportComment($request, $db)
{
// must be logged in to report a comment
if (!isset($request->user_id) || empty($request->user_id)) {
throw new Exception('You must log in to report a comment');
}
$comment_mapper = new EventCommentMapper($db, $request);
$commentId = $this->getItemId($request);
$commentInfo = $comment_mapper->getCommentInfo($commentId);
if (false === $commentInfo) {
throw new Exception('Comment not found', 404);
}
$eventId = $commentInfo['event_id'];
$comment_mapper->userReportedComment($commentId, $request->user_id);
// send them to the comments collection
$uri = $request->base . '/' . $request->version . '/events/' . $eventId . "/comments";
header("Location: " . $uri, true, 202);
exit;
}
public function getAction($request, $db)
{
$event_id = $this->getItemId($request);
// verbosity
$verbose = $this->getVerbosity($request);
// pagination settings
$start = $this->getStart($request);
$resultsperpage = $this->getResultsPerPage($request);
if (isset($request->url_elements[4])) {
switch ($request->url_elements[4]) {
case 'talks':
$talk_mapper = new TalkMapper($db, $request);
$list = $talk_mapper->getTalksByEventId($event_id, $resultsperpage, $start, $verbose);
break;
case 'comments':
$event_comment_mapper = new EventCommentMapper($db, $request);
$list = $event_comment_mapper->getEventCommentsByEventId($event_id, $resultsperpage, $start, $verbose);
break;
case 'talk_comments':
$sort = $this->getSort($request);
$talk_comment_mapper = new TalkCommentMapper($db, $request);
$list = $talk_comment_mapper->getCommentsByEventId($event_id, $resultsperpage, $start, $verbose, $sort);
break;
case 'attendees':
$user_mapper = new UserMapper($db, $request);
$list = $user_mapper->getUsersAttendingEventId($event_id, $resultsperpage, $start, $verbose);
break;
case 'attending':
$mapper = new EventMapper($db, $request);
$list = $mapper->getUserAttendance($event_id, $request->user_id);
break;
case 'tracks':
$mapper = new TrackMapper($db, $request);
$list = $mapper->getTracksByEventId($event_id, $resultsperpage, $start, $verbose);
break;
default:
throw new InvalidArgumentException('Unknown Subrequest', 404);
break;
}
} else {
$mapper = new EventMapper($db, $request);
$user_mapper = new UserMapper($db, $request);
$isSiteAdmin = $user_mapper->isSiteAdmin($request->user_id);
$activeEventsOnly = $isSiteAdmin ? false : true;
if ($event_id) {
$list = $mapper->getEventById($event_id, $verbose, $activeEventsOnly);
if (count($list['events']) == 0) {
throw new Exception('Event not found', 404);
}
} else {
// handle the filter parameters
$params = array();
// collection type filter
$filters = array("hot", "upcoming", "past", "cfp", "pending");
if (isset($request->parameters['filter']) && in_array($request->parameters['filter'], $filters)) {
$params["filter"] = $request->parameters['filter'];
// for pending events we need a logged in user with the correct permissions
if ($params["filter"] == 'pending') {
if (!isset($request->user_id)) {
throw new Exception("You must be logged in to view pending events", 400);
}
$user_mapper = new UserMapper($db, $request);
$canApproveEvents = $user_mapper->isSiteAdmin($request->user_id);
if (!$canApproveEvents) {
throw new Exception("You don't have permission to view pending events", 403);
}
}
}
if (isset($request->parameters['title'])) {
$title = filter_var($request->parameters['title'], FILTER_SANITIZE_STRING);
$params["title"] = $title;
}
if (isset($request->parameters['stub'])) {
$stub = filter_var($request->parameters['stub'], FILTER_SANITIZE_STRING);
$params["stub"] = $stub;
}
if (isset($request->parameters['tags'])) {
// if it isn't an array, make it one
if (is_array($request->parameters['tags'])) {
foreach ($request->parameters['tags'] as $t) {
$tags[] = filter_var(trim($t), FILTER_SANITIZE_STRING);
}
} else {
$tags = array(filter_var(trim($request->parameters['tags']), FILTER_SANITIZE_STRING));
}
$params["tags"] = $tags;
}
if (isset($request->parameters['startdate'])) {
$start_datetime = new DateTime($request->parameters['startdate']);
if ($start_datetime) {
$params["startdate"] = $start_datetime->format("U");
}
}
if (isset($request->parameters['enddate'])) {
$end_datetime = new DateTime($request->parameters['enddate']);
if ($end_datetime) {
$params["enddate"] = $end_datetime->format("U");
}
}
$list = $mapper->getEventList($resultsperpage, $start, $params, $verbose);
}
}
return $list;
}
public function createComment($request, $db)
{
$comment = array();
$comment['event_id'] = $this->getItemId($request);
if (empty($comment['event_id'])) {
throw new Exception("POST expects a comment representation sent to a specific event URL", 400);
}
// no anonymous comments over the API
if (!isset($request->user_id) || empty($request->user_id)) {
throw new Exception('You must log in to comment');
}
$user_mapper = new UserMapper($db, $request);
$users = $user_mapper->getUserById($request->user_id);
$thisUser = $users['users'][0];
$rating = $request->getParameter('rating', false);
if (false === $rating) {
throw new Exception('The field "rating" is required', 400);
} elseif (false === is_numeric($rating) || $rating > 5) {
throw new Exception('The field "rating" must be a number (1-5)', 400);
}
$commentText = $request->getParameter('comment');
if (empty($commentText)) {
throw new Exception('The field "comment" is required', 400);
}
// Get the API key reference to save against the comment
$oauth_model = $request->getOauthModel($db);
$consumer_name = $oauth_model->getConsumerName($request->getAccessToken());
$comment['user_id'] = $request->user_id;
$comment['comment'] = $commentText;
$comment['rating'] = $rating;
$comment['cname'] = $thisUser['full_name'];
$comment['source'] = $consumer_name;
// run it by akismet if we have it
if (isset($this->config['akismet']['apiKey'], $this->config['akismet']['blog'])) {
$spamCheckService = new SpamCheckService($this->config['akismet']['apiKey'], $this->config['akismet']['blog']);
$isValid = $spamCheckService->isCommentAcceptable($comment, $request->getClientIP(), $request->getClientUserAgent());
if (!$isValid) {
throw new Exception("Comment failed spam check", 400);
}
}
$event_mapper = new EventMapper($db, $request);
$comment_mapper = new EventCommentMapper($db, $request);
// should rating be allowed?
if ($comment_mapper->hasUserRatedThisEvent($comment['user_id'], $comment['event_id'])) {
$comment['rating'] = 0;
}
if ($event_mapper->isUserAHostOn($comment['user_id'], $comment['event_id'])) {
// event hosts cannot rate their own event
$comment['rating'] = 0;
}
try {
$new_id = $comment_mapper->save($comment);
} catch (Exception $e) {
// just throw this again but with a 400 status code
throw new Exception($e->getMessage(), 400);
}
// Update the cache count for the number of event comments on this event
$event_mapper->cacheCommentCount($comment['event_id']);
$uri = $request->base . '/' . $request->version . '/event_comments/' . $new_id;
header("Location: " . $uri, NULL, 201);
exit;
}
public function reportComment($request, $db)
{
// must be logged in to report a comment
if (!isset($request->user_id) || empty($request->user_id)) {
throw new Exception('You must log in to report a comment');
}
$comment_mapper = new EventCommentMapper($db, $request);
$commentId = $this->getItemId($request);
$commentInfo = $comment_mapper->getCommentInfo($commentId);
if (false === $commentInfo) {
throw new Exception('Comment not found', 404);
}
$eventId = $commentInfo['event_id'];
$comment_mapper->userReportedComment($commentId, $request->user_id);
// notify event admins
$comment = $comment_mapper->getCommentById($commentId, true, true);
$event_mapper = new EventMapper($db, $request);
$recipients = $event_mapper->getHostsEmailAddresses($eventId);
$event = $event_mapper->getEventById($eventId, true, true);
$emailService = new EventCommentReportedEmailService($this->config, $recipients, $comment, $event);
$emailService->sendEmail();
// send them to the comments collection
$uri = $request->base . '/' . $request->version . '/events/' . $eventId . "/comments";
header("Location: " . $uri, true, 202);
exit;
}
/**
* Moderate a reported comment.
*
* This action is performed by a user that has administrative rights to the
* event that this comment is for. The user provides a decision on the
* report. That is, the user can approve the report which means that the
* comment remains hidden from view or the user can deny the report which
* means that the comment is viewable again.
*
* @param Request $request the request
* @param PDO $db the database adapter
*/
public function moderateReportedComment($request, $db)
{
// must be logged in
if (!isset($request->user_id) || empty($request->user_id)) {
throw new Exception('You must log in to moderate a comment', 401);
}
$comment_mapper = new EventCommentMapper($db, $request);
$commentId = $this->getItemId($request);
$commentInfo = $comment_mapper->getCommentInfo($commentId);
if (false === $commentInfo) {
throw new Exception('Comment not found', 404);
}
$event_mapper = new EventMapper($db, $request);
$event_id = $commentInfo['event_id'];
if (false == $event_mapper->thisUserHasAdminOn($event_id)) {
throw new Exception("You don't have permission to do that", 403);
}
$decision = $request->getParameter('decision');
if (!in_array($decision, ['approved', 'denied'])) {
throw new Exception('Unexpected decision', 400);
}
$comment_mapper->moderateReportedComment($decision, $commentId, $request->user_id);
$uri = $request->base . '/' . $request->version . '/events/' . $event_id . "/comments";
header("Location: {$uri}", true, 204);
exit;
}
