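/**
 * GET /talks/{id} and GET /talks/{id}/comments.
 *
 * @param Request $request the request
 * @param PDO     $db      the database adapter
 *
 * @return array|false the talk (or its comments collection), or false when no
 *                     talk id was given, because listing all talks is not offered
 *
 * @throws Exception (404) on a sub element other than "comments"
 */
public function getAction($request, $db)
{
    $talk_id = $this->getItemId($request);

    // verbosity
    $verbose = $this->getVerbosity($request);

    // pagination settings
    $start = $this->getStart($request);
    $resultsperpage = $this->getResultsPerPage($request);

    if (isset($request->url_elements[4])) {
        // sub elements: only the comments collection exists under a talk
        if ($request->url_elements[4] !== "comments") {
            // used to fall through and return an unassigned $list (null);
            // refuse unknown sub elements explicitly like the other controllers
            throw new Exception('Unknown Subrequest', 404);
        }
        $comment_mapper = new TalkCommentMapper($db, $request);
        return $comment_mapper->getCommentsByTalkId($talk_id, $resultsperpage, $start, $verbose);
    }

    if (!$talk_id) {
        // listing makes no sense
        return false;
    }

    $mapper = new TalkMapper($db, $request);
    return $mapper->getTalkById($talk_id, $verbose);
}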
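/**
 * Report a talk comment as inappropriate.
 *
 * Records the report against the comment for the logged in user, mails the
 * event hosts so they can moderate it, then redirects (202) to the talk's
 * comments collection.
 *
 * @param Request $request the request
 * @param PDO     $db      the database adapter
 *
 * @throws Exception (401) when not logged in, (404) when the comment does not exist
 */
public function reportComment($request, $db)
{
    // must be logged in to report a comment
    if (empty($request->user_id)) {
        // previously thrown without a status code; 401 matches moderateReportedComment
        throw new Exception('You must log in to report a comment', 401);
    }

    $comment_mapper = new TalkCommentMapper($db, $request);
    $commentId = $this->getItemId($request);
    $commentInfo = $comment_mapper->getCommentInfo($commentId);
    if (false === $commentInfo) {
        throw new Exception('Comment not found', 404);
    }

    $talkId = $commentInfo['talk_id'];
    $eventId = $commentInfo['event_id'];

    // NOTE(review): nothing in this method rejects a repeat report of the same
    // comment by the same user, so each POST re-mails the hosts unless
    // userReportedComment deduplicates — confirm in the mapper
    $comment_mapper->userReportedComment($commentId, $request->user_id);

    // notify event admins
    $comment = $comment_mapper->getCommentById($commentId, true, true);
    $event_mapper = new EventMapper($db, $request);
    $recipients = $event_mapper->getHostsEmailAddresses($eventId);
    $emailService = new CommentReportedEmailService($this->config, $recipients, $comment);
    $emailService->sendEmail();

    // send them to the comments collection
    $uri = $request->base . '/' . $request->version . '/talks/' . $talkId . "/comments";
    header("Location: " . $uri, true, 202);
    exit;
}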
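/**
 * POST /talks/{id}/comments: store a comment (with rating) on a talk for the
 * logged in user, then redirect to the request path.
 *
 * @param Request $request the request
 * @param PDO     $db      the database adapter
 *
 * @throws BadRequestException when not logged in or "comment"/"rating" is missing
 * @throws Exception           when no sub element is given, or (404) for an unknown one
 */
protected function postAction($request, $db)
{
    $talk_id = $this->getItemId($request);

    if (!isset($request->url_elements[4])) {
        throw new Exception("method not yet supported - sorry");
    }

    // sub elements: only the comments collection accepts a POST
    if ($request->url_elements[4] !== "comments") {
        // used to fall through silently with no response at all
        throw new Exception("Operation not supported, sorry", 404);
    }

    // no anonymous comments over the API
    if (empty($request->user_id)) {
        throw new BadRequestException('You must log in to comment');
    }

    $comment = $request->getParameter('comment');
    if (empty($comment)) {
        throw new BadRequestException('The field "comment" is required');
    }

    // NOTE(review): empty() also rejects a rating of "0"; the value is passed on
    // unvalidated, so the mapper is presumably responsible for range checking — confirm
    $rating = $request->getParameter('rating');
    if (empty($rating)) {
        throw new BadRequestException('The field "rating" is required');
    }

    $comment_mapper = new TalkCommentMapper($db, $request);
    // build the record explicitly rather than appending to an undeclared array
    $data = array(
        'user_id' => $request->user_id,
        'talk_id' => $talk_id,
        'comment' => $comment,
        'rating' => $rating,
    );
    $comment_mapper->save($data);

    header("Location: " . $request->base . $request->path_info);
    exit;
}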
/**
 * GET /events, /events/{id} and the /events/{id}/{talks|comments|talk_comments}
 * collections, with optional ?filter=hot|upcoming|past|cfp on the listing.
 *
 * @param Request $request the request
 * @param PDO     $db      the database adapter
 *
 * @return array the requested event(s) or sub collection
 *
 * @throws InvalidArgumentException (404) on an unknown sub request or filter
 */
public function getAction($request, $db)
{
    $eventId = $this->getItemId($request);
    $verbose = $this->getVerbosity($request);
    $offset = $this->getStart($request);
    $limit = $this->getResultsPerPage($request);

    // sub collections of one event
    if (isset($request->url_elements[4])) {
        $subRequest = $request->url_elements[4];
        if ($subRequest === 'talks') {
            $talkMapper = new TalkMapper($db, $request);
            return $talkMapper->getTalksByEventId($eventId, $limit, $offset, $request, $verbose);
        }
        if ($subRequest === 'comments') {
            $eventCommentMapper = new EventCommentMapper($db, $request);
            return $eventCommentMapper->getEventCommentsByEventId($eventId, $limit, $offset, $verbose);
        }
        if ($subRequest === 'talk_comments') {
            $sort = $this->getSort($request);
            $talkCommentMapper = new TalkCommentMapper($db, $request);
            return $talkCommentMapper->getCommentsByEventId($eventId, $limit, $offset, $verbose, $sort);
        }
        throw new InvalidArgumentException('Unknown Subrequest', 404);
    }

    $eventMapper = new EventMapper($db, $request);

    // one event
    if ($eventId) {
        return $eventMapper->getEventById($eventId, $verbose);
    }

    // the plain listing
    if (!isset($request->parameters['filter'])) {
        return $eventMapper->getEventList($limit, $offset, $verbose);
    }

    // a filtered listing
    $filter = $request->parameters['filter'];
    if ($filter === "hot") {
        return $eventMapper->getHotEventList($limit, $offset, $verbose);
    }
    if ($filter === "upcoming") {
        return $eventMapper->getUpcomingEventList($limit, $offset, $verbose);
    }
    if ($filter === "past") {
        return $eventMapper->getPastEventList($limit, $offset, $verbose);
    }
    if ($filter === "cfp") {
        return $eventMapper->getOpenCfPEventList($limit, $offset, $verbose);
    }
    throw new InvalidArgumentException('Unknown event filter', 404);
}
/**
 * GET /users, /users/{id}, /users?username=… and the
 * /users/{id}/{talks|hosted|attended|talk_comments} collections.
 *
 * @param Request $request the request
 * @param PDO     $db      the database adapter
 *
 * @return array the requested user(s) or sub collection
 *
 * @throws InvalidArgumentException (404) on an unknown sub request
 * @throws Exception                (404) when the user id or username does not exist
 */
public function getAction($request, $db)
{
    $userId = $this->getItemId($request);
    $verbose = $this->getVerbosity($request);
    $offset = $this->getStart($request);
    $limit = $this->getResultsPerPage($request);

    // sub collections of one user
    if (isset($request->url_elements[4])) {
        $subRequest = $request->url_elements[4];
        if ($subRequest === 'talks') {
            $talkMapper = new TalkMapper($db, $request);
            $talks = $talkMapper->getTalksBySpeaker($userId, $limit, $offset);
            return $talks->getOutputView($request, $verbose);
        }
        if ($subRequest === 'hosted') {
            $eventMapper = new EventMapper($db, $request);
            return $eventMapper->getEventsHostedByUser($userId, $limit, $offset, $verbose);
        }
        if ($subRequest === 'attended') {
            $eventMapper = new EventMapper($db, $request);
            return $eventMapper->getEventsAttendedByUser($userId, $limit, $offset, $verbose);
        }
        if ($subRequest === 'talk_comments') {
            $commentMapper = new TalkCommentMapper($db, $request);
            return $commentMapper->getCommentsByUserId($userId, $limit, $offset, $verbose);
        }
        throw new InvalidArgumentException('Unknown Subrequest', 404);
    }

    $userMapper = new UserMapper($db, $request);

    // one user by id
    if ($userId) {
        $found = $userMapper->getUserById($userId, $verbose);
        if (count($found['users']) === 0) {
            throw new Exception('User not found', 404);
        }
        return $found;
    }

    // one user by name
    if (isset($request->parameters['username'])) {
        // NOTE(review): FILTER_SANITIZE_STRING (deprecated since PHP 8.1) strips tags
        // and encodes quotes, so a username containing either can never match here;
        // lookup safety should come from parameterised queries in the mapper — confirm
        $username = filter_var($request->parameters['username'], FILTER_SANITIZE_STRING);
        $match = $userMapper->getUserByUsername($username, $verbose);
        if ($match === false) {
            throw new Exception('Username not found', 404);
        }
        return $match;
    }

    // the listing
    return $userMapper->getUserList($limit, $offset, $verbose);
}
/**
 * GET /talk_comments/{id}: one talk comment.
 *
 * @param Request $request the request
 * @param PDO     $db      the database adapter
 *
 * @return array|false the comment, or false when no comment id was given
 *                     (there is no listing of all comments)
 */
public function getAction($request, $db)
{
    $commentId = $this->getItemId($request);
    $verbose = $this->getVerbosity($request);

    // pagination parameters are read the same way as in the other controllers
    // but are not used: a single comment is never paginated
    $offset = $this->getStart($request);
    $limit = $this->getResultsPerPage($request);

    $commentMapper = new TalkCommentMapper($db, $request);
    if (!$commentId) {
        return false;
    }
    return $commentMapper->getCommentById($commentId, $verbose);
}
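/**
 * GET /events, /events/{id} and the event sub collections
 * (talks, comments, talk_comments, attendees, attending, tracks).
 *
 * The listing accepts the query filters filter=hot|upcoming|past|cfp|pending,
 * title, stub, tags (single value or list), startdate and enddate. Only site
 * admins see inactive events or may use the "pending" filter.
 *
 * @param Request $request the request
 * @param PDO     $db      the database adapter
 *
 * @return array the requested event(s) or sub collection
 *
 * @throws InvalidArgumentException (404) on an unknown sub request
 * @throws Exception                (404) unknown event, (400) missing login or bad date,
 *                                  (403) pending filter without permission
 */
public function getAction($request, $db)
{
    $event_id = $this->getItemId($request);

    // verbosity
    $verbose = $this->getVerbosity($request);

    // pagination settings
    $start = $this->getStart($request);
    $resultsperpage = $this->getResultsPerPage($request);

    if (isset($request->url_elements[4])) {
        switch ($request->url_elements[4]) {
            case 'talks':
                $talk_mapper = new TalkMapper($db, $request);
                return $talk_mapper->getTalksByEventId($event_id, $resultsperpage, $start, $verbose);
            case 'comments':
                $event_comment_mapper = new EventCommentMapper($db, $request);
                return $event_comment_mapper->getEventCommentsByEventId($event_id, $resultsperpage, $start, $verbose);
            case 'talk_comments':
                $sort = $this->getSort($request);
                $talk_comment_mapper = new TalkCommentMapper($db, $request);
                return $talk_comment_mapper->getCommentsByEventId($event_id, $resultsperpage, $start, $verbose, $sort);
            case 'attendees':
                $user_mapper = new UserMapper($db, $request);
                return $user_mapper->getUsersAttendingEventId($event_id, $resultsperpage, $start, $verbose);
            case 'attending':
                // NOTE(review): no login check here; the mapper presumably copes with
                // an unset user_id for anonymous callers — confirm
                $mapper = new EventMapper($db, $request);
                return $mapper->getUserAttendance($event_id, $request->user_id);
            case 'tracks':
                $mapper = new TrackMapper($db, $request);
                return $mapper->getTracksByEventId($event_id, $resultsperpage, $start, $verbose);
            default:
                throw new InvalidArgumentException('Unknown Subrequest', 404);
        }
    }

    $mapper = new EventMapper($db, $request);
    $user_mapper = new UserMapper($db, $request);
    $isSiteAdmin = $user_mapper->isSiteAdmin($request->user_id);
    // only site admins may see inactive events
    $activeEventsOnly = !$isSiteAdmin;

    if ($event_id) {
        $list = $mapper->getEventById($event_id, $verbose, $activeEventsOnly);
        if (count($list['events']) === 0) {
            throw new Exception('Event not found', 404);
        }
        return $list;
    }

    // handle the filter parameters
    $params = array();

    // collection type filter
    $filters = array("hot", "upcoming", "past", "cfp", "pending");
    if (isset($request->parameters['filter']) && in_array($request->parameters['filter'], $filters, true)) {
        $params["filter"] = $request->parameters['filter'];

        // for pending events we need a logged in user with the correct permissions
        if ($params["filter"] === 'pending') {
            if (!isset($request->user_id)) {
                throw new Exception("You must be logged in to view pending events", 400);
            }
            // same lookup as $activeEventsOnly above; no need to ask the mapper twice
            if (!$isSiteAdmin) {
                throw new Exception("You don't have permission to view pending events", 403);
            }
        }
    }

    if (isset($request->parameters['title'])) {
        $params["title"] = filter_var($request->parameters['title'], FILTER_SANITIZE_STRING);
    }

    if (isset($request->parameters['stub'])) {
        $params["stub"] = filter_var($request->parameters['stub'], FILTER_SANITIZE_STRING);
    }

    if (isset($request->parameters['tags'])) {
        // accept one tag or a list of tags; always hand the mapper a list
        // (an empty tags[] used to leave $tags unassigned)
        $rawTags = $request->parameters['tags'];
        if (!is_array($rawTags)) {
            $rawTags = array($rawTags);
        }
        $tags = array();
        foreach ($rawTags as $t) {
            $tags[] = filter_var(trim($t), FILTER_SANITIZE_STRING);
        }
        $params["tags"] = $tags;
    }

    // date range, passed on as unix timestamps
    foreach (array('startdate', 'enddate') as $dateParam) {
        if (!isset($request->parameters[$dateParam])) {
            continue;
        }
        try {
            $datetime = new DateTime($request->parameters[$dateParam]);
        } catch (Exception $e) {
            // DateTime throws on an unparseable string; that used to escape unhandled,
            // so turn a bad client value into a client error
            throw new Exception("Invalid " . $dateParam, 400, $e);
        }
        $params[$dateParam] = $datetime->format("U");
    }

    return $mapper->getEventList($resultsperpage, $start, $params, $verbose);
}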
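/**
 * POST /talks/{id}/comments and POST /talks/{id}/starred.
 *
 * "comments" stores a new comment (with optional rating, private flag and
 * the API consumer as source) for the logged in user, runs it past Akismet
 * when configured, zeroes the rating where it is not allowed, mails the
 * speakers and redirects (201) to the new comment. "starred" marks the talk
 * as starred by the logged in user and redirects (201) to the request path.
 *
 * @param Request $request the request
 * @param PDO     $db      the database adapter
 *
 * @throws Exception (400) not logged in, missing field, spam, or save failure;
 *                   (404) unknown sub element; no code when no sub element is given
 */
public function postAction($request, $db)
{
    if (!isset($request->user_id)) {
        throw new Exception("You must be logged in to create data", 400);
    }

    $talk_id = $this->getItemId($request);

    if (!isset($request->url_elements[4])) {
        throw new Exception("method not supported - sorry");
    }

    switch ($request->url_elements[4]) {
        case "comments":
            $comment = $request->getParameter('comment');
            if (empty($comment)) {
                throw new Exception('The field "comment" is required', 400);
            }

            // NOTE(review): empty() also rejects a rating of "0"; the value is passed on
            // unvalidated, so range checking presumably lives in the mapper — confirm
            $rating = $request->getParameter('rating');
            if (empty($rating)) {
                throw new Exception('The field "rating" is required', 400);
            }

            $private = $request->getParameter('private') ? 1 : 0;

            // Get the API key reference to save against the comment
            $oauth_model = $request->getOauthModel($db);
            $consumer_name = $oauth_model->getConsumerName($request->getAccessToken());

            $talk_mapper = new TalkMapper($db, $request);
            $comment_mapper = new TalkCommentMapper($db, $request);

            // build the record explicitly rather than appending to an undeclared array
            $data = array(
                'user_id' => $request->user_id,
                'talk_id' => $talk_id,
                'comment' => $comment,
                'rating' => $rating,
                'private' => $private,
                'source' => $consumer_name,
            );

            try {
                // run it by akismet if we have it
                if (isset($this->config['akismet']['apiKey'], $this->config['akismet']['blog'])) {
                    $spamCheckService = new SpamCheckService(
                        $this->config['akismet']['apiKey'],
                        $this->config['akismet']['blog']
                    );
                    $isValid = $spamCheckService->isCommentAcceptable(
                        $data,
                        $request->getClientIP(),
                        $request->getClientUserAgent()
                    );
                    if (!$isValid) {
                        throw new Exception("Comment failed spam check", 400);
                    }
                }

                // should rating be allowed? only one rating per user per talk
                if ($comment_mapper->hasUserRatedThisTalk($data['user_id'], $data['talk_id'])) {
                    $data['rating'] = 0;
                }
                // speakers cannot rate their own talk
                if ($talk_mapper->isUserASpeakerOnTalk($data['talk_id'], $data['user_id'])) {
                    $data['rating'] = 0;
                }

                $new_id = $comment_mapper->save($data);
            } catch (Exception $e) {
                // just throw this again but with a 400 status code, keeping the
                // original as $previous so the cause is not lost in logs
                throw new Exception($e->getMessage(), 400, $e);
            }

            if (!$new_id) {
                throw new Exception("The comment could not be stored", 400);
            }

            $comment = $comment_mapper->getCommentById($new_id);
            $talk = $talk_mapper->getTalkById($talk_id);
            $speakers = $talk_mapper->getSpeakerEmailsByTalkId($talk_id);
            $recipients = array();
            foreach ($speakers as $person) {
                $recipients[] = $person['email'];
            }
            $emailService = new TalkCommentEmailService($this->config, $recipients, $talk, $comment);
            $emailService->sendEmail();

            $uri = $request->base . '/' . $request->version . '/talk_comments/' . $new_id;
            header("Location: " . $uri, true, 201);
            exit;

        case 'starred':
            // the body of this request is completely irrelevant
            // The logged in user *is* starring the talk. Use DELETE to unstar
            $talk_mapper = new TalkMapper($db, $request);
            $talk_mapper->setUserStarred($talk_id, $request->user_id);
            // $replace must be a bool (null is deprecated since PHP 8.1)
            header("Location: " . $request->base . $request->path_info, true, 201);
            exit;

        default:
            throw new Exception("Operation not supported, sorry", 404);
    }
}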
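/**
 * Moderate a reported comment.
 *
 * This action is performed by a user that has administrative rights to the
 * event that this comment is for. The user provides a decision on the
 * report. That is, the user can approve the report which means that the
 * comment remains hidden from view or the user can deny the report which
 * means that the comment is viewable again.
 *
 * @param Request $request the request
 * @param PDO     $db      the database adapter
 *
 * @throws Exception (401) not logged in, (404) no such comment,
 *                   (403) not an admin of the event, (400) bad decision value
 */
public function moderateReportedComment($request, $db)
{
    // must be logged in
    if (empty($request->user_id)) {
        throw new Exception('You must log in to moderate a comment', 401);
    }

    $comment_mapper = new TalkCommentMapper($db, $request);
    $commentId = $this->getItemId($request);
    $commentInfo = $comment_mapper->getCommentInfo($commentId);
    if (false === $commentInfo) {
        throw new Exception('Comment not found', 404);
    }

    // authorisation is per event: only that event's admins may moderate
    $event_mapper = new EventMapper($db, $request);
    $event_id = $commentInfo['event_id'];
    if (!$event_mapper->thisUserHasAdminOn($event_id)) {
        throw new Exception("You don't have permission to do that", 403);
    }

    // strict comparison so only the two literal strings are accepted
    $decision = $request->getParameter('decision');
    if (!in_array($decision, ['approved', 'denied'], true)) {
        throw new Exception('Unexpected decision', 400);
    }

    $comment_mapper->moderateReportedComment($decision, $commentId, $request->user_id);

    $talk_id = $commentInfo['talk_id'];
    $uri = $request->base . '/' . $request->version . '/talks/' . $talk_id . "/comments";
    header("Location: {$uri}", true, 204);
    exit;
}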