} //Get a user sent from client and convert it to a json object $objMedia['mediaId'] = $mediaId; $objMedia['designerId'] = $rs['data']->id; //So even with a valid apiKey, the designer can access her own resources only $response = MediaService::deleteMedia($objMedia); Utils::echoResponse($response); }); $app->get('/mediaForEntity/:designerId/:experienceId/:entityId/:entityType', function ($designerId, $experienceId, $entityId, $entityType) use($app) { //Check authentication $rs = UserService::checkAuthentication($app->request->headers->get('apiKey')); if ($rs["status"] != SUCCESS) { Utils::echoResponse($rs); return; } $response = MediaService::getMediaForEntity($designerId, $experienceId, $entityId, $entityType); Utils::echoResponse($response); }); //This endpoint is called by SPET so no user info $app->get('/mediaForEntityForSpet/:experienceId/:entityId/:entityType', function ($experienceId, $entityId, $entityType) use($app) { $response = MediaService::getMediaForEntityForSpet($experienceId, $entityId, $entityType); Utils::echoResponse($response); }); $app->put('/mediaForEntity/:designerId/:experienceId/:entityId/:entityType', function ($designerId, $experienceId, $entityId, $entityType) use($app) { //Check authentication $rs = UserService::checkAuthentication($app->request->headers->get('apiKey')); if ($rs["status"] != SUCCESS) { Utils::echoResponse($rs); return; } //Get a user sent from client and convert it to a json object