<?php
use Luracast\Restler\RestException;
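/**
 * REST resource for task items and the per-user records attached to them.
 *
 * Every endpoint performs its own authorization check before touching the
 * database and passes all caller-supplied values to the Db helper as bound
 * parameters, never by string concatenation.
 */
class Item
{
    // NOTE(review): PHP attaches only the doc comment that immediately precedes
    // a declaration. The block below is followed by a second doc comment, so it
    // is attached neither to the class nor to postNewItem(). If the annotation
    // is meant to apply to the whole class it belongs above "class Item";
    // confirm against the routing behaviour before moving it.
    /**
     * @smart-auto-routing false
     */

    /**
     * Create a new item under a task. Administrators only.
     *
     * Takes the task id, the sequence number, the item type id, the code and
     * the content of the new item. Returns nothing.
     *
     * @url POST
     */
    protected function postNewItem($taskId, $seq, $itemTypeId, $code, $content)
    {
        $this->requireAdmin();

        $statement = '
            INSERT INTO item (taskId, seq, itemTypeId, code, content)
            VALUES (:taskId, :seq, :itemTypeId, :code, :content)
        ';
        $bind = array(
            'taskId' => $taskId,
            'seq' => $seq,
            'itemTypeId' => $itemTypeId,
            'code' => $code,
            'content' => $content
        );
        \Db::execute($statement, $bind);
    }

    /**
     * List items. Administrators only.
     *
     * A task id greater than zero restricts the list to that task; any other
     * value returns every item.
     *
     * @url GET
     */
    protected function getAllItem($taskId)
    {
        $this->requireAdmin();

        if ($taskId > 0) {
            $statement = 'SELECT * FROM item WHERE taskId = :taskId';
            return \Db::getResult($statement, array('taskId' => $taskId));
        }

        return \Db::getResult('SELECT * FROM item');
    }

    /**
     * List the items of a task together with one user's record for each item.
     *
     * Allowed for the user named in the URL and for administrators. Items the
     * user has no record for are still returned (LEFT OUTER JOIN), with the
     * user columns empty.
     *
     * @url GET /user/{userId}
     */
    protected function getAllUserItem($userId, $taskId)
    {
        $this->requireSelfOrAdmin($userId);

        $statement = '
            SELECT I.*, UI.userId, UI.status, UI.point, UI.userContent
            FROM item AS I
            LEFT OUTER JOIN user_item AS UI
                ON UI.itemId = I.itemId
                AND UI.userId = :userId
            WHERE I.taskId = :taskId
        ';
        $bind = array(
            'userId' => $userId,
            'taskId' => $taskId
        );
        return \Db::getResult($statement, $bind);
    }

    /**
     * Store a user's record (point and content) for an item.
     *
     * Allowed for the user named in the URL and for administrators. Returns
     * nothing.
     *
     * @url POST {itemId}/user/{userId}
     */
    protected function postUserItem($userId, $itemId, $point, $userContent)
    {
        $this->requireSelfOrAdmin($userId);

        // NOTE(review): the point value is taken from the request as-is, so a
        // non-admin caller sets the point on their own record. If points are
        // meant to be awarded by the server or by an administrator, compute or
        // restrict the value here; confirm the intended data flow.
        $statement = '
            INSERT INTO user_item (itemId, userId, point, userContent)
            VALUES (:itemId, :userId, :point, :userContent)
        ';
        $bind = array(
            'itemId' => $itemId,
            'userId' => $userId,
            'point' => $point,
            'userContent' => $userContent
        );
        \Db::execute($statement, $bind);
    }

    /**
     * Update the sequence, type, code and content of an existing item.
     * Administrators only. Returns nothing.
     *
     * @url PUT /{itemId}
     */
    protected function updateItem($itemId, $seq, $itemTypeId, $code, $content)
    {
        $this->requireAdmin();

        $statement = '
            UPDATE item
            SET
                seq = :seq,
                itemTypeId = :itemTypeId,
                code = :code,
                content = :content
            WHERE itemId = :itemId
        ';
        $bind = array(
            'itemId' => $itemId,
            'seq' => $seq,
            'itemTypeId' => $itemTypeId,
            'code' => $code,
            'content' => $content
        );
        \Db::execute($statement, $bind);
    }

    // The helpers below are private so that they are not exposed as endpoints;
    // presumably the router maps only public and protected methods (confirm).

    // True only when the current role is exactly the string 'admin'.
    // A loose == would also accept boolean true, and integer 0 on PHP < 8,
    // because of type juggling, so the comparison is strict.
    private function isAdmin()
    {
        return \TTO::getRole() === 'admin';
    }

    // True when $userId names the currently authenticated user.
    // Both sides are compared as strings so that "5" from the URL matches an
    // integer 5 from the session, while null, booleans, arrays and the empty
    // string never match. A loose == would treat 0 and null as equal.
    private function isCurrentUser($userId)
    {
        $current = \TTO::getUserId();
        if (!is_scalar($userId) || is_bool($userId)) {
            return false;
        }
        if (!is_scalar($current) || is_bool($current)) {
            return false;
        }
        $current = (string) $current;
        return $current !== '' && (string) $userId === $current;
    }

    // Abort the request unless the caller is an administrator.
    private function requireAdmin()
    {
        if (!$this->isAdmin()) {
            $this->deny();
        }
    }

    // Abort the request unless the caller is the named user or an administrator.
    private function requireSelfOrAdmin($userId)
    {
        if (!$this->isCurrentUser($userId) && !$this->isAdmin()) {
            $this->deny();
        }
    }

    // Single place that raises the authorization failure. Status and message
    // are kept as existing clients see them; 403 would be the conventional
    // status for an authenticated caller who lacks the required rights.
    private function deny()
    {
        throw new RestException(401, 'No Authorize or Invalid request !!!');
    }
}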