/**
 * Marks a submitted set of answers for an assignment and stores the scores.
 *
 * Reads "assignment" (an encoded token) and "answers" (an object whose
 * properties are keyed by question id) from the payload. The user is taken
 * from the "id" route parameter.
 *
 * NOTE(review): nothing visible here ties the "id" parameter or the
 * assignment to the authenticated caller; confirm that check happens before
 * handle() runs, otherwise scores could be recorded against another user.
 *
 * @param object $data Request payload.
 * @return array The per-question results under the "scores" key.
 * @throws EndpointExecutionException If the result count differs from the answer count.
 */
public function handle($data)
{
    $this->validate_request(["assignment", "answers"]);

    $assignmentId = Token::decode($data->{'assignment'});
    $student = UserBackend::fetch_user_profile($this->params['id']);
    $assignment = AssignmentBackend::fetch_assignment_profile($assignmentId);
    $expected = AssessmentBackend::fetch_assessment_answers(
        new AssessmentProfile($assignment['assessment-id'])
    );
    $submitted = $data->{'answers'};

    $results = [];
    foreach ($expected as $answer) {
        /** @var Token $questionId */
        $questionId = $answer['question-id'];
        $key = $questionId->toString();

        $entry = [
            "question-id" => $key,
            "question-number" => $answer['question-number'],
            "max-score" => 1,
        ];

        // NOTE(review): a question the client left out reads an undefined
        // property here, and any other question type leaves "score" unset.
        switch ($answer['question-type']) {
            case QuestionType::MULTI_CHOICE:
                $entry['score'] = $this->mark_multichoice_question($answer['answer-value'], $submitted->{$key});
                break;
            case QuestionType::ANSWER:
                $entry['score'] = $this->mark_answer_question($answer['answer-value'], $submitted->{$key});
                break;
        }

        $results[] = $entry;
    }

    // Sanity check: exactly one result must exist per expected answer.
    if (count($results) != count($expected)) {
        throw new EndpointExecutionException("An error has occurred whilst executing this endpoint");
    }

    UserBackend::add_assignment_scores($student, $assignmentId, $assignment['assessment-id'], $results);

    return ["scores" => $results];
}
/**
 * Issues a one-hour request token for the user named in the payload.
 *
 * NOTE(review): no credential is checked before the token and the user's
 * external profile are returned. Confirm that toExternalForm() exposes
 * nothing sensitive and that this endpoint is rate-limited, since it also
 * reveals whether a user exists.
 *
 * @param object $data Request payload; "user" identifies the account.
 * @return array The user's external form and the request token (3600 passed as its expiry argument).
 */
public function handle($data)
{
    $this->validate_request(["user"]);

    $userProfile = UserBackend::fetch_user_profile($data->{"user"});
    $requestToken = TokenBackend::create_token(
        $this->clientid,
        $userProfile->getUserId(),
        TOKEN_REQUEST,
        "1 HOUR"
    );

    return [
        "user" => $userProfile->toExternalForm(),
        "request-token" => $requestToken->toExternalForm(3600),
    ];
}
/**
 * Logs a user in: checks the request token and password, then replaces any
 * existing session for this client with a new access/refresh token pair.
 *
 * The request token is invalidated before the password is checked, so a
 * failed password attempt still uses the token up.
 *
 * @param object $data Request payload with "user", "request-token" and "password".
 * @return array The new "access-token", "refresh-token" and the user's "profile".
 * @throws InvalidTokenException If the token is not a request token or fails validation.
 * @throws AuthenticationException If the password does not match the user.
 */
public function handle($data)
{
    $this->validate_request(["user", "request-token", "password"]);

    $requestToken = Token::decode($data->{"request-token"});
    $profile = UserBackend::fetch_user_profile($data->{"user"});

    // Only a token of the request type may start a login.
    if ($requestToken->getType() != TOKEN_REQUEST) {
        throw new InvalidTokenException("Request token provided is not a valid request token");
    }

    // The token must validate for this client and this user.
    $tokenIsValid = TokenBackend::validate_token($this->clientid, $profile->getUserId(), $requestToken);
    if (!$tokenIsValid) {
        throw new InvalidTokenException("Request token is invalid");
    }

    // Single use: drop the request token before looking at the password.
    TokenBackend::invalidate_token($this->clientid, $requestToken);

    $suppliedPassword = $data->{"password"};
    $passwordMatches = UserBackend::validate_user($profile, $suppliedPassword);
    if (!$passwordMatches) {
        throw new AuthenticationException("Invalid password for user", ["user" => $profile->toExternalForm()]);
    }

    // Remove any existing login session for this user on this client.
    TokenBackend::clear_tokens($this->clientid, $profile->getUserId(), TOKEN_ACCESS);
    TokenBackend::clear_tokens($this->clientid, $profile->getUserId(), TOKEN_REFRESH);

    // Start the new session.
    $access = TokenBackend::create_token($this->clientid, $profile->getUserId(), TOKEN_ACCESS, "1 HOUR");
    $refresh = TokenBackend::create_token($this->clientid, $profile->getUserId(), TOKEN_REFRESH, "1 YEAR");

    return [
        "access-token" => $access->toExternalForm(3600),
        "refresh-token" => $refresh->toExternalForm(false),
        "profile" => $profile->toExternalForm(),
    ];
}
/**
 * Ensures the current user holds the given permission.
 *
 * NOTE(review): when the DEBUG constant is truthy the backend check is
 * skipped and every permission is treated as granted. Make sure DEBUG can
 * never be enabled in a production deployment.
 *
 * @param mixed $permission Permission identifier passed through to the backend.
 * @return bool Always true when no exception is thrown.
 * @throws AuthorizationException If the backend reports the permission as missing.
 */
protected function validate_permission($permission)
{
    // Debug mode bypasses authorization entirely.
    if (DEBUG) {
        return true;
    }

    // Ask the backend whether the user has the permission.
    if (UserBackend::check_user_permission($this->user, $permission)) {
        return true;
    }

    throw new AuthorizationException(
        "You do not have the required permissions to perform this operation",
        ["permission" => $permission]
    );
}
/**
 * Stores a setting for the user identified by the "id" route parameter.
 *
 * @param object $data Request payload; "setting" is validated for "key" and "value".
 * @return array The user's external form and the setting as submitted.
 */
public function handle($data)
{
    $this->validate_request(["setting" => ["key", "value"]]);

    $targetUser = UserBackend::fetch_user_profile($this->params["id"]);
    $submittedSetting = $data->{"setting"};

    // The setting object goes to the backend unchanged.
    UserBackend::set_user_setting($targetUser, $submittedSetting);

    return [
        "user" => $targetUser->toExternalForm(),
        "setting" => $submittedSetting,
    ];
}
/**
 * Adds the user identified by the "id" route parameter to a group.
 *
 * NOTE(review): check_user_permission() also consults a user's groups, so
 * joining a group can grant permissions. Confirm this endpoint is limited to
 * callers who are allowed to change group membership.
 *
 * @param object $data Request payload; "group" identifies the group.
 * @return array Always an empty array.
 */
public function handle($data)
{
    $this->validate_request(["group"]);

    $member = UserBackend::fetch_user_profile($this->params['id']);
    $targetGroup = GroupBackend::fetch_group_profile($data->{"group"});

    UserBackend::add_user_group($member, $targetGroup);

    return [];
}
/**
 * Assigns an assignment to the user identified by the "id" route parameter.
 *
 * @param object $data Request payload; "assignment" is an encoded token.
 * @return mixed Whatever UserBackend::add_user_assignment() returns.
 */
public function handle($data)
{
    $this->validate_request(["assignment"]);

    $targetUser = UserBackend::fetch_user_profile($this->params['id']);
    $assignmentToken = Token::decode($data->{"assignment"});

    // The backend result is returned to the client as-is.
    return UserBackend::add_user_assignment($targetUser, $assignmentToken);
}
/**
 * Sets a permission to true for the user identified by the "id" route parameter.
 *
 * NOTE(review): this grants privileges and the permission name is written as
 * submitted. Confirm the caller's own permission is checked before handle()
 * runs and that the backend rejects unknown permission names.
 *
 * @param object $data Request payload; "permission" names the permission.
 * @return array The user's external form and the permission as submitted.
 */
public function handle($data)
{
    $this->validate_request(["permission"]);

    $targetUser = UserBackend::fetch_user_profile($this->params["id"]);
    $requested = $data->{"permission"};

    // Third argument true: the permission is switched on.
    UserBackend::set_user_permission($targetUser, $requested, true);

    return [
        "user" => $targetUser->toExternalForm(),
        "permission" => $requested,
    ];
}
/**
 * Lists every user known to the backend in external form.
 *
 * @param mixed $data Unused.
 * @return array "count" with the number of users and "users" with their external forms.
 */
public function handle($data)
{
    $listing = [];

    /** @var \meteor\data\profiles\UserProfile $account */
    foreach (UserBackend::fetch_all_users() as $account) {
        $listing[] = $account->toExternalForm();
    }

    return [
        "count" => count($listing),
        "users" => $listing,
    ];
}
/**
 * Lists the groups of the user identified by the "id" route parameter.
 *
 * @param mixed $data Unused.
 * @return array The groups' external forms under the "groups" key.
 */
public function handle($data)
{
    $targetUser = UserBackend::fetch_user_profile($this->params['id']);

    $memberships = [];
    /** @var \meteor\data\profiles\GroupProfile $membership */
    foreach (UserBackend::fetch_user_groups($targetUser) as $membership) {
        $memberships[] = $membership->toExternalForm();
    }

    return ["groups" => $memberships];
}
/**
 * Reports each group member's scores for one assignment.
 *
 * The group comes from the "id" route parameter and the assignment from the
 * encoded "assignment" route parameter.
 *
 * @param mixed $data Unused; the original overwrote it with the result list.
 * @return array Under "users", one entry per member with "user" and "score".
 */
public function handle($data)
{
    $group = GroupBackend::fetch_group_profile($this->params['id']);
    $assignment = AssignmentBackend::fetch_assignment_profile(
        Token::decode($this->params['assignment'])
    );

    $rows = [];
    /** @var UserProfile $member */
    foreach (GroupBackend::fetch_group_users($group) as $member) {
        $rows[] = [
            "user" => $member->toExternalForm(),
            "score" => UserBackend::fetch_user_scores($member, $assignment),
        ];
    }

    return ["users" => $rows];
}
/**
 * Assigns an assignment to every user in the group given by the "id" route parameter.
 *
 * @param object $data Request payload; "assignment" is an encoded token.
 * @return array The assignment profile under the "assignment" key.
 */
public function handle($data)
{
    $this->validate_request(["assignment"]);

    $group = GroupBackend::fetch_group_profile($this->params['id']);
    $members = GroupBackend::fetch_group_users($group);
    $assignmentToken = Token::decode($data->{"assignment"});

    foreach ($members as $member) {
        UserBackend::add_user_assignment($member, $assignmentToken);
    }

    // The profile is only looked up after every member has been processed.
    $assignmentProfile = AssignmentBackend::fetch_assignment_profile($assignmentToken);

    return ["assignment" => $assignmentProfile];
}
/**
 * Returns the full record for the user identified by the "id" route parameter.
 *
 * NOTE(review): the response includes the user's settings and permissions.
 * Confirm that only the user themself or a suitably privileged caller can
 * reach this handler.
 *
 * @param mixed $data Unused; the original overwrote it with the response.
 * @return array The keys "profile", "settings", "permissions" and "groups".
 */
public function handle_get($data)
{
    $targetUser = UserBackend::fetch_user_profile($this->params["id"]);

    // Lookups stay in the original order: profile, settings, permissions, groups.
    $external = $targetUser->toExternalForm();
    $settings = UserBackend::fetch_user_settings($targetUser);
    $permissions = UserBackend::fetch_user_permissions($targetUser);

    $memberships = [];
    /** @var GroupProfile $membership */
    foreach (UserBackend::fetch_user_groups($targetUser) as $membership) {
        $memberships[] = $membership->toExternalForm();
    }

    return [
        "profile" => $external,
        "settings" => $settings,
        "permissions" => $permissions,
        "groups" => $memberships,
    ];
}
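/**
 * Exchanges a refresh token for a new one-hour access token.
 *
 * Existing access tokens for this client and user are cleared first.
 *
 * @param object $data Request payload with "user" and "refresh-token".
 * @return array The user's external form under "user-profile" and the new
 *               token under "access-token" ("token" and "expires").
 * @throws InvalidUserException If the token's user secret differs from the named user's.
 * @throws InvalidTokenException If the token fails validation for this client and user.
 */
public function handle($data)
{
    $this->validate_request(["user", "refresh-token"]);

    $profile = UserBackend::fetch_user_profile($data->{"user"});
    $refresh = Token::decode($data->{"refresh-token"});

    // The token must belong to the user named in the request. The earlier
    // form `!$a == $b` negated $a before comparing, so a non-empty secret
    // never triggered this check.
    // NOTE(review): once getUserSecret() is confirmed to return a string,
    // prefer a strict, constant-time comparison such as hash_equals().
    if ($refresh->getUserSecret() != $profile->getUserId()->getUserSecret()) {
        throw new InvalidUserException("User provided and token do not match");
    }

    // NOTE(review): the login handler checks getType() against TOKEN_REQUEST,
    // but the token type is not checked here. Confirm that validate_token()
    // rejects anything other than a TOKEN_REFRESH token.
    if (!TokenBackend::validate_token($this->clientid, $profile->getUserId(), $refresh)) {
        throw new InvalidTokenException("Invalid refresh token or userid provided");
    }

    // Clear the old access tokens before issuing the new one.
    TokenBackend::clear_tokens($this->clientid, $profile->getUserId(), TOKEN_ACCESS);
    $access = TokenBackend::create_token($this->clientid, $profile->getUserId(), TOKEN_ACCESS, "1 HOUR");

    return [
        "user-profile" => $profile->toExternalForm(),
        "access-token" => [
            "token" => $access->toString(),
            "expires" => 3600,
        ],
    ];
}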
/**
 * Creates a new user account.
 *
 * "display-name" is optional and falls back to the username.
 *
 * NOTE(review): the existence check and the creation are separate backend
 * calls, so uniqueness should also be enforced by the storage layer. No
 * password policy is applied here; confirm create_user() hashes the password
 * and that any policy is enforced elsewhere.
 *
 * @param object $data Request payload with "username", "password" and optionally "display-name".
 * @return array The new user's external form under the "user" key.
 * @throws EndpointExecutionException If the username is already taken.
 */
public function handle($data)
{
    $this->validate_request(["username", "password"]);

    $username = $data->{"username"};
    $displayname = $data->{"display-name"} ?? $username;

    if (UserBackend::user_exists($username)) {
        throw new EndpointExecutionException("User already exists", ["username" => $username]);
    }

    // Create the entry in the user database.
    $created = UserBackend::create_user($username, $displayname, $data->{"password"});

    // Return the new user to the client.
    return ["user" => $created->toExternalForm()];
}
/**
 * Reports whether a user holds a permission, directly or through a group.
 *
 * The named query "user_permission_check" is run with the user id and the
 * permission as parameters. If it returns no rows, each of the user's groups
 * is checked in turn.
 *
 * @param UserProfile $profile    User to check.
 * @param mixed       $permission Permission identifier passed to the query and the group check.
 * @return bool True if the user or one of their groups has the permission.
 */
public static function check_user_permission(UserProfile $profile, $permission)
{
    $statement = Database::generate_query(
        "user_permission_check",
        [$profile->getUserId()->toString(), $permission]
    );
    $rows = $statement->execute();
    $matches = $rows->count();
    // Close the result before the group lookups below.
    $rows->close();

    // A direct grant needs no group lookup.
    if ($matches >= 1) {
        return true;
    }

    // Otherwise the permission may come from a group.
    foreach (UserBackend::fetch_user_groups($profile) as $membership) {
        if (GroupBackend::check_group_permission($membership, $permission)) {
            return true;
        }
    }

    return false;
}
/**
 * Sets a permission to false for the user identified by the "id" route parameter.
 *
 * The permission name comes from the "permission" route parameter.
 *
 * @param mixed $data Unused.
 * @return array Always an empty array.
 */
private function handlePost($data)
{
    $targetUser = UserBackend::fetch_user_profile($this->params["id"]);
    $permissionName = $this->params["permission"];

    // Third argument false: presumably revokes the permission; verify against the backend.
    UserBackend::set_user_permission($targetUser, $permissionName, false);

    return [];
}
/**
 * Deletes a setting of the user identified by the "id" route parameter.
 *
 * The setting name comes from the "setting" route parameter.
 *
 * @param mixed $data Unused.
 * @return array Always an empty array.
 */
private function handlePost($data)
{
    $targetUser = UserBackend::fetch_user_profile($this->params["id"]);
    $settingName = $this->params["setting"];

    // NOTE(review): the meaning of the third argument (false) is not visible here.
    UserBackend::delete_user_setting($targetUser, $settingName, false);

    return [];
}
/**
 * Returns the outstanding assignments of the user given by the "id" route parameter.
 *
 * @param mixed $data Unused.
 * @return mixed Whatever UserBackend::fetch_user_assignments_outstanding() returns.
 */
private function handleOutstanding($data)
{
    $targetUser = UserBackend::fetch_user_profile($this->params['id']);

    return UserBackend::fetch_user_assignments_outstanding($targetUser);
}
/**
 * Returns the settings of the user identified by the "id" route parameter.
 *
 * @param mixed $data Unused.
 * @return array The backend's settings result under the "settings" key.
 */
public function handle($data)
{
    $targetUser = UserBackend::fetch_user_profile($this->params["id"]);

    return ["settings" => UserBackend::fetch_user_settings($targetUser)];
}
/**
 * Returns one user's scores for one assignment.
 *
 * The user comes from the "id" route parameter and the assignment from the
 * encoded "assignment" route parameter.
 *
 * @param mixed $data Unused.
 * @return mixed Whatever UserBackend::fetch_user_scores() returns.
 */
public function handle($data)
{
    $targetUser = UserBackend::fetch_user_profile($this->params['id']);

    $assignmentToken = Token::decode($this->params['assignment']);
    $assignmentProfile = AssignmentBackend::fetch_assignment_profile($assignmentToken);

    return UserBackend::fetch_user_scores($targetUser, $assignmentProfile);
}
/**
 * Returns the permissions of the user identified by the "id" route parameter.
 *
 * @param mixed $data Unused.
 * @return array The backend's permissions result under the "permissions" key.
 */
public function handle($data)
{
    $targetUser = UserBackend::fetch_user_profile($this->params["id"]);

    return ["permissions" => UserBackend::fetch_user_permissions($targetUser)];
}