/**
 * Reads a URL parameter and decodes it as JSON.
 *
 * The decoded value comes straight from the request, so callers still have
 * to validate its shape before using it.
 *
 * @param string $param Name of the URL parameter to read.
 * @return mixed The decoded JSON value (objects are decoded as associative arrays).
 * @throws Exceptions\Exception When the parameter is absent or does not decode as JSON.
 */
private function getParam($param)
{
    $raw = \LockerRequest::getParam($param);
    $decoded = json_decode($raw, true);

    // Anything that decoded to a non-null value is returned as-is.
    if ($decoded !== null) {
        return $decoded;
    }

    // A null raw value means the parameter was never supplied.
    if ($raw === null) {
        throw new Exceptions\Exception("Expected `{$param}` to be defined as a URL parameter.");
    }

    // json_decode() also yields null for the literal JSON `null`, so that
    // input is reported here as invalid JSON as well.
    throw new Exceptions\Exception("Expected the value of `{$param}` to be valid JSON in the URL parameter.");
}
/**
 * Updates (PUTs) the Statement with the id given in the request.
 *
 * @param [String => mixed] $options
 * @return Response Empty 204 response carrying the CORS headers.
 * @throws Exceptions\Exception When no statement id is supplied.
 */
public function update($options)
{
    // Callback handed to createStatements(): stamps the requested id on the
    // first statement before it is stored.
    $attachRequestedId = function ($statements) {
        $requestedId = \LockerRequest::getParam(StatementController::STATEMENT_ID);

        // A falsy id (missing, empty string, "0") is treated as absent.
        if (!$requestedId) {
            throw new Exceptions\Exception('A statement ID is required to PUT.');
        }

        // NOTE(review): the id is copied from the request without a format
        // check in this method; presumably createStatements() validates it
        // as a UUID afterwards - confirm.
        $statements[0]->id = $requestedId;

        return $statements;
    };

    $this->createStatements($options, $attachRequestedId);

    return IlluminateResponse::make('', 204, $this->getCORSHeaders());
}
/**
 * Routes a delete request to the single-document or multi-document path.
 *
 * The method takes no arguments; the document identifier is looked up in
 * the request under the name held in $this->identifier.
 *
 * @return Response
 */
public function destroy()
{
    // Runs filters: a truthy result from the version check is returned as the response.
    $versionFailure = $this->checkVersion();
    if ($versionFailure) {
        return $versionFailure;
    }

    // NOTE(review): when the identifier parameter is absent the request
    // falls through to the multi-document path, so the delete covers
    // whatever getIndexData() selects - confirm that the scoping and
    // authorisation applied there are as strict as for a single delete.
    $isSingleDelete = \LockerRequest::hasParam($this->identifier);
    $data = $isSingleDelete ? $this->getShowData() : $this->getIndexData();

    return $this->completeDelete($data, $isSingleDelete);
}
/**
 * Reads a request parameter, decodes it and validates it against a type.
 *
 * @param mixed  $type    Expected type, passed through to validateValue().
 * @param string $param   Name of the request parameter.
 * @param mixed  $default Value used when the parameter is not supplied.
 * @return mixed The decoded value, or null when there is nothing to validate.
 */
protected function validatedParam($type, $param, $default = null)
{
    $raw = \LockerRequest::getParam($param, $default);
    $decoded = $this->decodeValue($raw);

    // A null result skips validation entirely and is handed back unchanged,
    // so callers must cope with null themselves.
    if ($decoded === null) {
        return $decoded;
    }

    $this->validateValue($param, $decoded, $type);

    return $decoded;
}
/**
 * Extracts the username and password from the Authorization header.
 *
 * Dispatches on the header prefix: `Basic` goes to the basic-auth helper,
 * `Bearer` to the OAuth helper. Anything else is rejected.
 *
 * NOTE(review): the scheme test is a case-sensitive prefix match with no
 * delimiter check, so `basic ...` is rejected and `Basicx...` is passed on
 * to the basic-auth helper. HTTP auth schemes are case-insensitive; whether
 * the helpers tolerate other spellings is not visible here - confirm before
 * relaxing the match.
 * NOTE(review): a missing or unrecognised header is reported with code 400;
 * confirm that callers translate this into the intended HTTP status.
 *
 * @return [String] Formed of [Username, Password]
 * @throws Exceptions\Exception With code 400 when the header is missing or uses another scheme.
 */
static function getUserPassFromAuth()
{
    $header = \LockerRequest::header('Authorization');
    $hasHeader = $header !== null;

    if ($hasHeader && strpos($header, 'Basic') === 0) {
        list($username, $password) = Helpers::getUserPassFromBAuth($header);

        return [$username, $password];
    }

    if ($hasHeader && strpos($header, 'Bearer') === 0) {
        list($username, $password) = Helpers::getUserPassFromOAuth($header);

        return [$username, $password];
    }

    throw new Exceptions\Exception('Invalid auth', 400);
}
/**
 * Returns the value of the `Updated` request header, defaulting to now.
 *
 * @return String The updated timestamp, ISO 8601 formatted.
 */
public function getUpdatedValue()
{
    $updated = \LockerRequest::header('Updated');

    // empty() also covers '' and '0', so those fall back to the current
    // time instead of being rejected as invalid.
    if (empty($updated)) {
        return Carbon::now()->toISO8601String();
    }

    if (!$this->validateTimestamp($updated)) {
        // NOTE(review): the raw header value is echoed into the error
        // message; presumably the error response is JSON or otherwise
        // encoded - confirm it is never rendered as HTML unescaped.
        \App::abort(400, sprintf("`%s` is not an valid ISO 8601 formatted timestamp", $updated));
    }

    return $updated;
}
/**
 * Returns site-wide graph statistics for an optional date range.
 *
 * Reads `graphStartDate` and `graphEndDate` from the request; a missing or
 * falsy value leaves that end of the range open (null).
 *
 * NOTE(review): the raw parameter strings go straight into the Carbon
 * constructor, which throws on input it cannot parse and is not caught
 * here. Consider validating the format and answering with a 400.
 * NOTE(review): no authorisation check is visible in this method;
 * presumably a route filter restricts it to admins - confirm.
 *
 * @return Response JSON response holding the graph data.
 **/
public function getGraphData()
{
    $rawStart = \LockerRequest::getParam('graphStartDate');
    $rawEnd = \LockerRequest::getParam('graphEndDate');

    $startDate = $rawStart ? new \Carbon\Carbon($rawStart) : null;
    $endDate = $rawEnd ? new \Carbon\Carbon($rawEnd) : null;

    $dashboard = new \app\locker\data\dashboards\AdminDashboard();

    return Response::json($dashboard->getGraphData($startDate, $endDate));
}
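/*
|--------------------------------------------------------------------------
| Guest Filter
|--------------------------------------------------------------------------
|
| The "guest" filter is the counterpart of the authentication filters as
| it simply checks that the current user is not logged in. A redirect
| response will be issued if they are, which you may freely change.
|
*/
Route::filter('guest', function () {
    if (Auth::check()) {
        return Redirect::to('/');
    }
});

/*
|--------------------------------------------------------------------------
| CSRF Protection Filter
|--------------------------------------------------------------------------
|
| The CSRF filter is responsible for protecting your application against
| cross-site request forgery attacks. If this special token in a user
| session does not match the one given in this request, we'll bail.
|
| AJAX requests supply the token in the `X-CSRF-Token` header, all other
| requests in the `_token` input field.
|
*/
Route::filter('csrf', function () {
    $token = Request::ajax() ? LockerRequest::header('X-CSRF-Token') : Input::get('_token');
    $expected = Session::token();

    // Fail closed: a plain `!==` would treat null on both sides (no session
    // token and no submitted token) as a match. Both values must be strings
    // and the session token must be non-empty. The is_string() guard also
    // keeps array input such as `_token[]=x` away from hash_equals().
    $matches = false;
    if (is_string($expected) && $expected !== '' && is_string($token)) {
        // Prefer a constant-time comparison so response timing does not
        // reveal how much of the token matched. hash_equals() needs
        // PHP 5.6, so older runtimes keep the strict comparison.
        $matches = function_exists('hash_equals')
            ? hash_equals($expected, $token)
            : $expected === $token;
    }

    if (!$matches) {
        throw new Illuminate\Session\TokenMismatchException();
    }
});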
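/**
 * Checks that the id-related params comply with the xAPI requirements.
 * https://github.com/adlnet/xAPI-Spec/blob/master/xAPI.md#723-getstatements
 *
 * The statement id and voided id are mutually exclusive. When either one
 * is present, every key in $this->params must be on a fixed allow-list.
 *
 * @return void
 * @throws Exceptions\Exception When both ids are given, or when a disallowed
 *                              parameter accompanies one of them.
 **/
private function validateIds()
{
    // Attempts to get IDs from the params.
    $statementId = \LockerRequest::getParam(self::STATEMENT_ID);
    $voidedId = \LockerRequest::getParam(self::VOIDED_ID);

    // Returns an error if both `statementId` and `voidedId` are set.
    if ($statementId && $voidedId) {
        throw new Exceptions\Exception('You can\'t request based on both`' . self::STATEMENT_ID . '` and `' . self::VOIDED_ID . '`');
    }

    // Without either id there is nothing further to restrict.
    if (!$statementId && !$voidedId) {
        return;
    }

    $allowedParams = ['content', self::STATEMENT_ID, self::VOIDED_ID, 'attachments', 'format'];

    // Returns an error if a $key is not an allowed param.
    foreach ($this->params as $key => $value) {
        // The check is strict: before PHP 8 a loose in_array() considers the
        // integer key 0 equal to any non-numeric string, so a parameter
        // named `0` would pass the allow-list. Array keys that look like
        // integers are stored as ints, so such a key can occur if
        // $this->params mirrors the query string - presumably it does.
        if (!in_array($key, $allowedParams, true)) {
            throw new Exceptions\Exception('When using `' . self::STATEMENT_ID . '` or `' . self::VOIDED_ID . '`, the only other parameters allowed are `attachments` and/or `format`.');
        }
    }
}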