web-base/Core/API/GroupsAPI.class.php

444 lines
13 KiB
PHP
Raw Normal View History

2020-06-20 20:13:51 +02:00
<?php
2022-11-18 18:06:46 +01:00
namespace Core\API {
2020-06-20 20:13:51 +02:00
use Core\Driver\SQL\Expression\Count;
2022-11-18 18:06:46 +01:00
use Core\Objects\Context;
use Core\Objects\DatabaseEntity\Group;
use Core\Objects\DatabaseEntity\User;
2020-06-24 01:09:08 +02:00
2020-07-01 21:10:25 +02:00
abstract class GroupsAPI extends Request {
2020-06-20 20:13:51 +02:00
2022-06-20 19:52:31 +02:00
public function __construct(Context $context, bool $externalCall = false, array $params = array()) {
parent::__construct($context, $externalCall, $params);
}
protected function groupExists($name): bool {
$sql = $this->context->getSQL();
$res = $sql->select(new Count())
2020-06-24 01:09:08 +02:00
->from("Group")
->whereEq("name", $name)
2020-06-24 01:09:08 +02:00
->execute();
$this->success = ($res !== FALSE);
$this->lastError = $sql->getLastError();
return $this->success && $res[0]["count"] > 0;
}
protected function getGroup(int $groupId): Group|false {
$sql = $this->context->getSQL();
$group = Group::find($sql, $groupId);
if ($group === false) {
return $this->createError("Error fetching group: " . $sql->getLastError());
} else if ($group === null) {
return $this->createError("This group does not exist.");
}
return $group;
}
protected function getUser(int $userId): User|false {
$sql = $this->context->getSQL();
$user = User::find($sql, $userId, true);
if ($user === false) {
return $this->createError("Error fetching user: " . $sql->getLastError());
} else if ($user === null) {
return $this->createError("This user does not exist.");
}
return $user;
}
2020-06-20 20:13:51 +02:00
}
}
2022-11-18 18:06:46 +01:00
namespace Core\API\Groups {
2020-06-20 20:13:51 +02:00
2022-11-18 18:06:46 +01:00
use Core\API\GroupsAPI;
2024-05-04 11:18:28 +02:00
use Core\API\Parameter\ArrayType;
2022-11-18 18:06:46 +01:00
use Core\API\Parameter\Parameter;
2024-04-22 13:05:35 +02:00
use Core\API\Parameter\RegexType;
2024-05-04 11:18:28 +02:00
use Core\API\Parameter\StringType;
use Core\API\Traits\Pagination;
use Core\Driver\SQL\Column\Column;
2023-01-09 14:21:11 +01:00
use Core\Driver\SQL\Condition\Compare;
2024-05-04 11:18:28 +02:00
use Core\Driver\SQL\Condition\CondIn;
use Core\Driver\SQL\Condition\CondLike;
use Core\Driver\SQL\Condition\CondNot;
use Core\Driver\SQL\Expression\Alias;
use Core\Driver\SQL\Expression\Count;
2023-01-09 14:21:11 +01:00
use Core\Driver\SQL\Join\InnerJoin;
2022-11-18 18:06:46 +01:00
use Core\Objects\Context;
use Core\Objects\DatabaseEntity\Group;
2023-01-09 14:21:11 +01:00
use Core\Objects\DatabaseEntity\User;
2020-06-20 20:13:51 +02:00
class Fetch extends GroupsAPI {
use Pagination;
2020-06-20 20:13:51 +02:00
private int $groupCount;
2022-06-20 19:52:31 +02:00
public function __construct(Context $context, $externalCall = false) {
parent::__construct($context, $externalCall,
self::getPaginationParameters(['id', 'name', 'memberCount'])
);
2020-06-20 20:13:51 +02:00
$this->groupCount = 0;
}
2022-02-21 13:01:03 +01:00
public function _execute(): bool {
2022-11-20 17:13:53 +01:00
$sql = $this->context->getSQL();
if (!$this->initPagination($sql, Group::class)) {
return false;
2020-06-20 20:13:51 +02:00
}
2023-01-10 22:12:05 +01:00
$nmTable = User::getHandler($sql)->getNMRelation("groups")->getTableName();
$memberCount = new Alias($sql->select(new Count())
2023-01-10 22:12:05 +01:00
->from($nmTable)
->whereEq("group_id", new Column("Group.id")), "memberCount");
2020-06-20 20:13:51 +02:00
$groupsQuery = $this->createPaginationQuery($sql, [$memberCount]);
$groups = $groupsQuery->execute();
if ($groups !== false && $groups !== null) {
2022-11-20 17:13:53 +01:00
$this->result["groups"] = [];
foreach ($groups as $group) {
$groupData = $group->jsonSerialize();
$groupData["memberCount"] = $group["memberCount"];
$this->result["groups"][] = $groupData;
2022-11-20 17:13:53 +01:00
}
} else {
return $this->createError("Error fetching groups: " . $sql->getLastError());
2020-06-20 20:13:51 +02:00
}
return $this->success;
}
2023-01-16 21:47:23 +01:00
2024-04-23 12:14:28 +02:00
public static function getDescription(): string {
return "Allows users to fetch available groups";
}
public static function getDefaultPermittedGroups(): array {
return [Group::ADMIN, Group::SUPPORT];
2023-01-16 21:47:23 +01:00
}
2020-06-20 20:13:51 +02:00
}
2024-05-04 11:18:28 +02:00
class Search extends GroupsAPI {
public function __construct(Context $context, bool $externalCall = false) {
parent::__construct($context, $externalCall, [
"query" => new StringType("query", -1, true, NULL),
"exclude" => new ArrayType("exclude", Parameter::TYPE_INT, true, true, [])
]);
}
protected function _execute(): bool {
$sql = $this->context->getSQL();
$query = $this->getParam("query");
$exclude = array_unique($this->getParam("exclude"));
$groupsQuery = Group::createBuilder($sql, false)
->limit(5);
if (!empty($query)) {
$groupsQuery->where(new CondLike(new Column("name"), "%$query%"));
}
if (!empty($exclude)) {
$groupsQuery->where(new CondNot(new CondIn(new Column("id"), $exclude)));
}
$groups = Group::findBy($groupsQuery);
if ($groups === false) {
return $this->createError($sql->getLastError());
}
$this->result["groups"] = $groups;
return true;
}
public static function getDescription(): string {
return "Returns a list of groups matching the search criteria";
}
public static function getDefaultPermittedGroups(): array {
return [Group::ADMIN, Group::SUPPORT];
}
}
class Get extends GroupsAPI {
public function __construct(Context $context, bool $externalCall = false) {
parent::__construct($context, $externalCall, [
"id" => new Parameter("id", Parameter::TYPE_INT)
]);
}
protected function _execute(): bool {
$groupId = $this->getParam("id");
$group = $this->getGroup($groupId);
if ($group) {
$this->result["group"] = $group->jsonSerialize();
}
return true;
}
2023-01-16 21:47:23 +01:00
2024-04-23 12:14:28 +02:00
public static function getDescription(): string {
return "Allows users to get details about a group";
}
public static function getDefaultPermittedGroups(): array {
return [Group::ADMIN, Group::SUPPORT];
2023-01-16 21:47:23 +01:00
}
}
2023-01-09 14:21:11 +01:00
class GetMembers extends GroupsAPI {
use Pagination;
public function __construct(Context $context, bool $externalCall = false) {
$paginationParams = self::getPaginationParameters(["id", "name", "fullName"]);
$paginationParams["id"] = new Parameter("id", Parameter::TYPE_INT);
parent::__construct($context, $externalCall, $paginationParams);
}
protected function _execute(): bool {
$sql = $this->context->getSQL();
2023-01-10 22:12:05 +01:00
$nmTable = User::getHandler($sql)->getNMRelation("groups")->getTableName();
2023-01-09 14:21:11 +01:00
$condition = new Compare("group_id", $this->getParam("id"));
$nmJoin = new InnerJoin($nmTable, "$nmTable.user_id", "User.id");
2024-04-23 12:14:28 +02:00
if (!$this->initPagination($sql, User::class, $condition, [$nmJoin])) {
2023-01-09 14:21:11 +01:00
return false;
}
$userQuery = $this->createPaginationQuery($sql, null, [$nmJoin]);
$users = $userQuery->execute();
if ($users !== false && $users !== null) {
$this->result["members"] = [];
foreach ($users as $user) {
$this->result["users"][] = $user->jsonSerialize(["id", "name", "fullName", "profilePicture"]);
}
} else {
return $this->createError("Error fetching group members: " . $sql->getLastError());
}
return true;
}
2024-04-23 12:14:28 +02:00
public static function getDescription(): string {
return "Allows users to fetch members of a group";
}
public static function getDefaultPermittedGroups(): array {
return [Group::ADMIN, Group::SUPPORT];
2023-01-16 21:47:23 +01:00
}
2023-01-09 14:21:11 +01:00
}
2020-06-24 01:09:08 +02:00
class Create extends GroupsAPI {
2022-06-20 19:52:31 +02:00
public function __construct(Context $context, $externalCall = false) {
parent::__construct($context, $externalCall, [
2024-04-22 13:05:35 +02:00
'name' => new RegexType('name', "[a-zA-Z][a-zA-Z0-9_-]{0,31}"),
'color' => new RegexType('color', "#[a-fA-F0-9]{3,6}"),
]);
2020-06-24 01:09:08 +02:00
}
2022-02-21 13:01:03 +01:00
public function _execute(): bool {
2020-06-24 01:09:08 +02:00
$name = $this->getParam("name");
$color = $this->getParam("color");
$exists = $this->groupExists($name);
if (!$this->success) {
return false;
} else if ($exists) {
return $this->createError("A group with this name already exists");
}
2022-06-20 19:52:31 +02:00
$sql = $this->context->getSQL();
2020-06-24 01:09:08 +02:00
2022-11-29 14:17:11 +01:00
$group = new Group(null, $name, $color);
2022-06-20 19:52:31 +02:00
$this->success = ($group->save($sql) !== FALSE);
2020-06-24 01:09:08 +02:00
$this->lastError = $sql->getLastError();
if ($this->success) {
2022-06-20 19:52:31 +02:00
$this->result["id"] = $group->getId();
2020-06-24 01:09:08 +02:00
}
return $this->success;
}
2023-01-16 21:47:23 +01:00
2024-04-23 12:14:28 +02:00
public static function getDescription(): string {
return "Allows users to create a new group";
}
public static function getDefaultPermittedGroups(): array {
return [Group::ADMIN];
2023-01-16 21:47:23 +01:00
}
2020-06-24 01:09:08 +02:00
}
2020-06-24 01:23:37 +02:00
class Update extends GroupsAPI {
public function __construct(Context $context, $externalCall = false) {
parent::__construct($context, $externalCall, [
"id" => new Parameter("id", Parameter::TYPE_INT),
2024-04-22 13:05:35 +02:00
"name" => new RegexType("name", "[a-zA-Z][a-zA-Z0-9_-]{0,31}"),
"color" => new RegexType("color", "#[a-fA-F0-9]{3,6}"),
]);
}
public function _execute(): bool {
$sql = $this->context->getSQL();
$groupId = $this->getParam("id");
$name = $this->getParam("name");
$color = $this->getParam("color");
$group = $this->getGroup($groupId);
if ($group === false) {
return false;
}
$otherGroup = Group::findBy(Group::createBuilder($sql, true)
->whereNeq("id", $groupId)
->whereEq("name", $name)
->first());
if ($otherGroup) {
return $this->createError("This name is already in use");
}
$group->name = $name;
$group->color = $color;
$this->success = ($group->save($sql) !== FALSE);
$this->lastError = $sql->getLastError();
return $this->success;
}
2024-04-23 12:14:28 +02:00
public static function getDescription(): string {
return "Allows users to update existing groups";
}
public static function getDefaultPermittedGroups(): array {
return [Group::ADMIN];
}
}
2020-06-24 01:23:37 +02:00
class Delete extends GroupsAPI {
2022-06-20 19:52:31 +02:00
public function __construct(Context $context, $externalCall = false) {
parent::__construct($context, $externalCall, array(
'id' => new Parameter('id', Parameter::TYPE_INT)
2020-06-24 01:23:37 +02:00
));
}
2022-02-21 13:01:03 +01:00
public function _execute(): bool {
2022-06-20 19:52:31 +02:00
$id = $this->getParam("id");
2022-11-20 17:13:53 +01:00
if (in_array($id, array_keys(Group::GROUPS))) {
2020-06-24 16:09:04 +02:00
return $this->createError("You cannot delete a default group.");
}
2020-06-24 01:23:37 +02:00
2022-06-20 19:52:31 +02:00
$sql = $this->context->getSQL();
$group = $this->getGroup($id);
if ($group) {
2023-01-09 14:21:11 +01:00
$this->success = ($group->delete($sql) !== FALSE);
$this->lastError = $sql->getLastError();
}
return $this->success;
2023-01-09 14:21:11 +01:00
}
2023-01-16 21:47:23 +01:00
2024-04-23 12:14:28 +02:00
public static function getDescription(): string {
return "Allows users to delete a group";
}
public static function getDefaultPermittedGroups(): array {
return [Group::ADMIN];
2023-01-16 21:47:23 +01:00
}
2023-01-09 14:21:11 +01:00
}
2020-06-24 01:23:37 +02:00
2023-01-09 14:21:11 +01:00
class AddMember extends GroupsAPI {
public function __construct(Context $context, bool $externalCall = false) {
parent::__construct($context, $externalCall, [
"id" => new Parameter("id", Parameter::TYPE_INT),
"userId" => new Parameter("userId", Parameter::TYPE_INT)
2023-01-09 14:21:11 +01:00
]);
}
protected function _execute(): bool {
$groupId = $this->getParam("id");
$group = $this->getGroup($groupId);
2023-01-09 14:21:11 +01:00
if ($group === false) {
return false;
2023-01-09 14:21:11 +01:00
}
$userId = $this->getParam("userId");
$currentUser = $this->context->getUser();
$user = $this->getUser($userId);
2023-01-09 14:21:11 +01:00
if ($user === false) {
return false;
2023-01-09 14:21:11 +01:00
} else if (isset($user->getGroups()[$groupId])) {
return $this->createError("This user is already member of this group.");
} else if ($groupId === Group::ADMIN && !$currentUser->hasGroup(Group::ADMIN)) {
return $this->createError("You cannot add the administrator group to other users.");
2023-01-09 14:21:11 +01:00
}
$user->groups[$groupId] = $group;
$sql = $this->context->getSQL();
2023-01-09 14:21:11 +01:00
$this->success = $user->save($sql, ["groups"], true);
if (!$this->success) {
return $this->createError("Error saving user: " . $sql->getLastError());
} else {
return true;
}
}
2023-01-16 21:47:23 +01:00
2024-04-23 12:14:28 +02:00
public static function getDescription(): string {
return "Allows users to add members to a group";
}
public static function getDefaultPermittedGroups(): array {
return [Group::ADMIN];
2023-01-16 21:47:23 +01:00
}
2023-01-09 14:21:11 +01:00
}
class RemoveMember extends GroupsAPI {
public function __construct(Context $context, bool $externalCall = false) {
parent::__construct($context, $externalCall, [
"id" => new Parameter("id", Parameter::TYPE_INT),
"userId" => new Parameter("userId", Parameter::TYPE_INT)
2023-01-09 14:21:11 +01:00
]);
}
2020-06-24 01:23:37 +02:00
2023-01-09 14:21:11 +01:00
protected function _execute(): bool {
$groupId = $this->getParam("id");
$group = $this->getGroup($groupId);
2023-01-09 14:21:11 +01:00
if ($group === false) {
return false;
2020-06-24 01:23:37 +02:00
}
$userId = $this->getParam("userId");
$currentUser = $this->context->getUser();
$user = $this->getUser($userId);
2023-01-09 14:21:11 +01:00
if ($user === false) {
return false;
2023-01-09 14:21:11 +01:00
} else if (!isset($user->getGroups()[$groupId])) {
return $this->createError("This user is not member of this group.");
} else if ($userId === $currentUser->getId() && $groupId === Group::ADMIN) {
return $this->createError("Cannot remove Administrator group from own user.");
2023-01-09 14:21:11 +01:00
}
unset($user->groups[$groupId]);
$sql = $this->context->getSQL();
2023-01-09 14:21:11 +01:00
$this->success = $user->save($sql, ["groups"], true);
if (!$this->success) {
return $this->createError("Error saving user: " . $sql->getLastError());
} else {
return true;
}
2020-06-24 01:23:37 +02:00
}
2023-01-09 14:21:11 +01:00
2024-04-23 12:14:28 +02:00
public static function getDescription(): string {
return "Allows users to remove members from a group";
}
public static function getDefaultPermittedGroups(): array {
return [Group::ADMIN];
2023-01-16 21:47:23 +01:00
}
}
2020-06-20 20:13:51 +02:00
}